Build your service using Pritunl and Lets Encrypt

Pritunl is an open source enterprise VPN platform which is used to easily build free VPN service.
It is built on the top of TLS/SSL protocol and is not easily banned by some countries. 🙂
However, by the default settings of its tutorial, the generated TLS certificate for Pritunl is not recognized by browsers because its certificate is not authorized by third-party CA.

To mitigate the effect, Let’s Encrypt, the well-known CA, is considered as the best choice for end-users.

This post briefs how to setup Let’s Encrypt’s SSL certificate and setup Pritunl on Ubuntu 14.04. You can follow the following easy steps to build your own VPN service.

  1. Go to Let’s Encrypt and apply for a certificate by the certbot script.
  2. If you are using apache, nginx or Plesk, please stop and remove it first. Otherwise, the later Pritunl will have a conflict on port 80. 
  3. Follow the post of Vultr to setup Pritunl.
  4. Congratulations! You have your own VPN service.  

Trouble Shotting
If your Pritunl service cannot normally start, please check Pritunl’s log in /var/log/pritunl.log. If the log displays the message like “ connection refused”, please check MongoDB’s log messages in /var/log/mongodb/mongod.log. You may find the following texts in the log file:
ERROR: Insufficient free space for journal files
Please make at least 3379MB available in /var/lib/mongo/journal or use –smallfiles

It seems that the disk space is not enough for running MongoDB and it will impact the service of Pritunl. To solve this issue, please add the following configuration in the configuration file (it is generally put in /etc/mongod.conf) of MongoDB.
    smallFiles: true

Then, restart MongoDB service by the command: service mongod restart

Finally, you may normally activate the Pritunl service.

Posted in Linux, VPN | Leave a comment

Math Editor in C#

When you are acquiring to integrate a math editor into your application in WPF (Windows Presentation Foundation), I recommend you to use this math editor project called OOP in the Real World – Creating an Equation Editor in Code Project platform.

However, the source code put in Code Project is out of date. If you want a new version of the source code and start to program it, I give the instructions for you as follows:

  1. Download the from  then get ICSharpCode.SharpZipLib.dll after extracting this zip file.
  2. Download the source codes from You can choose any relase version. In fact, I have tested the source codes with both versions and and they work.
  3. Extract the source codes and open the project solution.
  4. Put ICSharpCode.SharpZipLib.dll in your project if there’s no library refering to ICSharpCode.SharpZipLib.
  5. Right click on this project then click the item ‘project properties’. 
  6. Click the tab “Signing” then cancel the clickbox called “Sign the assembly”.

Afterall, you will build this project successfully.

Posted in C, Programming, WPF | Leave a comment

Install CKAN 2.5 on Ubuntu 14.04 LTS

Author: Jyun-Yao Huang (Allen;
System Environment: Ubuntu Linux 14.04 LTS (64bits)

1. Update the metadata of packages

$ sudo apt-get update

2. Install apache2, nginx, apache’s module wsgi and the library of postgres- libpq5.

$ sudo apt-get install -y nginx apache2 libapache2-mod-wsgi libpq5

3. Download deb-package of python-ckan.
There are two ways to get CKAN deb package.
First, here you can download my provided deb package in the cloud storage. URL:
Or, download it from CKAN official site.

$ wget

4. Install the package.

$ sudo dpkg -i python-ckan_2.5-trusty_amd64.deb

5. Install postgresql.

$ sudo apt-get install postgresql

6. Check the encoding format of Postgresql is UTF-8.

$ sudo -u postgres psql -l

7. Create the database account and the corresponding database. In this case, the account is ckan_default and the database is also called ckan_default.
Please remember your password of your database account.

$ sudo -u postgres createuser -S -D -R -P ckan_default
$ sudo -u postgres createdb -O ckan_default ckan_default -E utf-8

8. Edit the file at /etc/ckan/default/production.ini with super user’s permission. Check the settings below:

sqlalchemy.url = postgresql://ckan_default:pass@localhost/ckan_default

Please replace words in bold with the password of your created account for Postgresql.

9. Create the fold for CKAN storage. Type the following command to create storage.

$ sudo mkdir /var/lib/ckan
$ chown –R www-data:www-data /var/lib/ckan

10. Edit the file at /etc/ckan/default/production.ini with super user’s permission. Check the settings below:

ckan.storage_path = /var/lib/ckan

11. Download Solr 5.4.1
Warning: Form the CKAN official guide, if you install solr-jetty in Ubuntu 14.04, the JSP of Solr will not be supported. We have to install Solr.
There are two ways to get Solr package.
First, here you can download my provided Solr package in the cloud storage. URL:
Or download it from Solr’s site.

$ wget

12. Install Solr 5.4.1

$ tar xzf solr-5.4.1.tgz solr-5.4.1/bin/ –strip-components=2
$ sudo chmod +x
$ sudo ./ solr-5.4.1.tgz -f

13. Prepare the CKAN’s schema for Solr
In this case, we prepare a core named ckan for Solr.

$ sudo su
root$ mkdir /var/solr/data/ckan
root$ touch /var/solr/data/ckan/
root$ cp -a /opt/solr/server/solr/configsets/basic_configs/conf /var/solr/data/ckan
root$ mv /var/solr/data/ckan/conf/schema.xml /var/solr/data/ckan1/conf/schema.xml.orig
root$ ln -s /usr/lib/ckan/default/src/ckan/ckan/config/solr/schema.xml /var/solr/data/ckan/conf/schema.xml
root$ chown -R solr:solr /var/solr
root$ exit

14. [Support of Chinese Segmentation] Download the libraries for supporting Chinese segmentation in Solr. There are two packages: mmseg4j-core-x.y.z.jar and mmseg4j-lang-x.y.z.jar to be downloaded. I’ve prepared the zipped file – at

15. [Support of Chinese Segmentation] After downloading and unzipping it into mmseg4j-core-1.10.0.jar and mmseg4j-solr-2.3.0.jar, upload JARs under the folder – /opt/solr/server/solr-webapp/webapp/WEB-INF/lib.

16. [Support of Chinese Segmentation]Modify the schema file at /usr/lib/ckan/default/src/ckan/ckan/config/solr/schema.xml to let Solr support Chinese segmentation.

<fieldType name=”text” class=”solr.TextField” positionIncrementGap=”100″>
<analyzer type=”index”>
<tokenizer class=”com.chenlb.mmseg4j.solr.MMSegTokenizerFactory” mode=”max-word”/>
<filter class=”solr.SynonymFilterFactory” synonyms=”synonyms.txt” ignoreCase=”true” expand=”true”/>
<filter class=”solr.WordDelimiterFilterFactory” generateWordParts=”1″ generateNumberParts=”1″ catenateWords=”0″ catenateNumbers=”0″ catenateAll=”0″ splitOnCaseChange=”1″/>
<filter class=”solr.SnowballPorterFilterFactory” language=”English” protected=”protwords.txt”/>
<filter class=”solr.LowerCaseFilterFactory”/>
<filter class=”solr.ASCIIFoldingFilterFactory”/>
<analyzer type=”query”>
<tokenizer class=”com.chenlb.mmseg4j.solr.MMSegTokenizerFactory” mode=”max-word”/>
<filter class=”solr.SynonymFilterFactory” synonyms=”synonyms.txt” ignoreCase=”true” expand=”true”/>
<filter class=”solr.WordDelimiterFilterFactory” generateWordParts=”1″ generateNumberParts=”1″ catenateWords=”0″ catenateNumbers=”0″ catenateAll=”0″ splitOnCaseChange=”1″/>
<filter class=”solr.SnowballPorterFilterFactory” language=”English” protected=”protwords.txt”/>
<filter class=”solr.LowerCaseFilterFactory”/>
<filter class=”solr.ASCIIFoldingFilterFactory”/>

17. Restart Solr.

$ sudo service solr restart

18. Serve the following URL to create the core called ckan via your browser.

19. Edit the file at /etc/ckan/default/production.ini with super user’s permission. Check the setting for Solr below:

solr_url =

In this case, ckan is the core we used in Solr, so we add ckan as suffix of the URL.

20. Initialize your database. We have to use VirtualEnv which is a virtual environment written in Python. Here, (virtualEnv) is the mark for denoting you are in VirtualEnv.

$ . /usr/lib/ckan/default/bin/activate
$ (virtualEnv) cd /usr/lib/ckan/default/src/ckan
$ (virtualEnv) paster db init -c /etc/ckan/default/production.ini
$ (virtualEnv) deactivate

21. Create Administrator for CKAN.

$ . /usr/lib/ckan/default/bin/activate
$ (virtualEnv) cd /usr/lib/ckan/default/src/ckan
$ (virtualEnv) paster sysadmin add admin -c /etc/ckan/default/production.ini
$ (virtualEnv) deactivate

22. Restart apache2 and nginx.

$ sudo service apache2 restart
$ sudo service nginx restart

After that, you will get the following CKAN site.

Image 39

Support of SSL

With the support of SSL, we can enhance the security of CKAN.

First, we have to apply for an SSL certificate. For freelancers, we can request the SSL certificate from Let’s Encrypt. The method of applying such certificate has been introduced in the official site of Let’s Encrypt. Interested readers can refers to its documents.

After getting an SSL certificate, please following the instructions in the post: Setting up CKAN with SSL.


  1. CKAN, “Installing CKAN from Package,” CKAN. [Online]. Available:
  2. CKAN, “Installing CKAN from Source,” CKAN. [Online]. Available:
  3. Koen Vlasinkel, “How to Install Solr 5.2.1 on Ubuntu 14.04,” Digital Ocean Community. [Online]. Available:
  4. Hvwaldow, “How to Upgrade to SOLR 5.3.1 on Debian Jessie for Use with CKAN,” CKAN. [Online]. Available:
  5. CKAN2 安裝教學. URL:
  6. CKAN, “Setting up CKAN with SSL,”. [Online]. Available:
Posted in CKAN, Security | Leave a comment

[WordPress] A Method for combining both of plain and custom URLs

In WordPress, we usually set the custom URLs for the purpose of SEO.
For the old plain URLs which are previously published to other sites, we should maintain them by redirecting to the new custom URLs.

The htaccess setting can simply do the redirection to a static page, such as response 404 not found or see other new site. Sometimes, we don’t know how many old plain urls are published. It cannot fulfill our needs for mapping the old plain URLs to the corresponding new URLs. For example, we want to create the following rules of redirections:

redirect to

redirect to

There may be more old URLs we don’t be aware of are published. A general soluton is to keep both of the plain and custom URLs.

In this case, we use add_filter function provided by WordPress.
Navigate your directory of currently used theme and find functions.php and put a piece of codes as follows:

function compatible_link( $postlink, $redirect) {

$id = get_query_var('p', -1);
if($id !== -1 && is_numeric($id)) {
return get_permalink($id);
return $postlink;

add_filter('post_type_link', 'compatible_link', 10, 2);

Done! Enjoy your website.


  1. Rewriting URLs in WordPress: Tips and Plugins. URL:
  2. WordPress的Hook機制與原理. URL:
  3. Custom post type with post_id in permalink structure. URL:
  4. Custom Login Url with plain permalink format. URL:
  5. Function Reference/get query var. URL:
Posted in PHP, Web Design, wordpress, 程式設計, 網頁撰寫 | Leave a comment

HTML Specification Standard
The version of HTML specification description is greater than W3C’s. Smile

Posted in HTML, Web Design | 1 Comment

How to install SSL on CKAN

Please refer to the configuration files:

Related references:

  1. (Chinese) Let’s Encrypt 的 SSL 憑證安裝
  2. How To Secure Nginx with Let’s Encrypt on Ubuntu 14.04
Posted in CKAN, Software | 13 Comments

[Software] Pencil Project

Web developers can try the Pencil Project. It offers not only a GUI to design the webpages, but also exports all of the webpages to a single web page. These features help you a lot to present your designed pages for customers.
Official Site:

Posted in Software, Web Design | 870 Comments

[eID] The short survey of electronic ID cards.


  1. 為什麼我們政府要遵循國際民航組織ICAO(International Civil Aviation Organization)的標準呢?
  2. 為什麼機讀碼這麼像中國政府的台胞證形式呢?

我在此做了一些關於電子身分證(electronic ID, eID)的研究:

ICAO的策略目標強烈地與United Nations Sustainable Development Goals (SDGs)做連結,滿足17項中的13項。包含了確保健康的生命、達到性別平等、建立彈性的基礎設施、確保可承受的消耗與產製樣式、降低國與國之間的不平等性等等。[2]
為了達到這些目標,其中的一個解決方案是推動可機讀旅行文件,稱為ICAO Doc 9303.[3]

為什麼ICAO Doc 9303這麼重要?因為它可讓機器容易讀取你的個人資訊,包含姓名、出生日期、出生地與其他欄位。為了保護這些隱私資料,一系列的安全措施也被採用 (請見[3] 的Part 11與Part 12)。

為了建立eID,德國的新版身分證也採用ICAO Doc 9303 [4]。(事實上,它採用其他方案 ISO/IEC standard 14443 [5],但也使用ICAO Doc 9303的部分標準[6])


可機讀護照(Machine Readable Passport, MRP)採用可機讀區域(Machine Readable Zone)來讓機器輕易讀取[7][8],這樣的措施也被德國、義大利等國的身分證採用,新式身分證也採用類似的編碼方式。這就是為何新版台胞證有類似的機讀碼。


According to the news of electronic ID card for Taiwanese [1], most of people wonder the problems of this measure. Some problems arises:

  • Why does our government follow the standard of ICAO(International Civil Aviation Organization)?
  • Why is the machine readable code very similar to that of Taiwanese citizen card which China provided?

I make a short survey on the specification of electronic ID card (abbreviate eID).

ICAO’s strategic objective strongly linked to 13 of the 17 United Nations Sustainable Development Goals (SDGs) proposed. Those include ensuring healthy lives, achieving gender equality, building resilient infrastructure, ensuring sustainable consumption and production patterns, reducing inequality among countries and so on.[2]
For achieving these goals, one of the solution is to promote Machine Readable Travel Documents, called ICAO Doc 9303.[3]

Why is the ICAO Doc 9303 important? Because it can let machines easily read your personal information including name, birthday, born town and other fields. For protecting the private data, a series of security measures are adopted. (See Parts 11 and 12 in [3].)

For creating eID cards, ICAO Doc 9303 is one of the solution for German new ID card [4]. (Actually, it adopts another solution called ISO/IEC standard 14443 [5] but also uses part of the specification of ICAO Doc 9303 [6]).

That’s why our government say that the new ID card can be compatible with international specification – ICAO.

The other question: “Why is the machine readable code very similar to Taiwanese citizen card which China provided?”

The machine readable passport (MRP) should use a machine readable zone (MRZ) to let machine easily read the information [7][8] which is also adopted by multiple eID cards like German, Italian and so on. The Taiwanese citizen card provided by China use the similar encoding method. That’s why the new Taiwanese use the MRZ for machines.
As aforementioned, the security is also ensured.
For further trend of eID, please refer to the post of TechNews.[9]


  1. 仝澤蓉, “新版身分證樣式曝光 將採中英對照,”  聯合財經網 [Online]. Available:
  2. ICAO, “ICAO and the United Nations Sustainable Development Goals,” ICAO [Online]. Available:
  3. ICAO, “Machine Readable Travel Documents,” ICAO [Online] Available:
  4. Moritz Horsch, Johannes Braun and Alex Wiesmaier, “Mobile eID application for the German identity card,” Technische Universität Darmstadt, Technical Report [Online]. Available: 
  5. “ISO/IEC 14443,” Wikipedia [Online]. Available:
  6. “National identity cards in the European Economic Area,” Wikipedia [Online]. Available:
  7. “Machine-readable passport,” Wikipedia [Online] Available: 
  8. “可機讀護照,” Wikiwand [Online] Available:
  9. Sanada Yukimura, “台灣新版晶片身分證 2017 年上路? 看全球 eID 趨勢,” 科技新報 [Online] Available: 
Posted in eID, ICAO, Security, 科技, 軟體(Software) | 3 Comments

[Docear4Word] The beta version for fixing bugs on displaying reference list.

Today, I downloaded the source code of Docear4Word with version 1.23 in order to fix the bug I reported in my previous post.
After struggling a while, the improvement is done.
Please visit my created repository here. (URL: )

Posted in Docear, Docear4Word | 6 Comments

[Docear4Word] Fix the bug from Docear4Word that doesn’t display URL in IEEE-with-URL style.

Docear is the one of academic literature suites I love. It provides  not only a comprehensive mind map tool but also a reference management tool inherited by JabRef. By using the JabRef’s managed reference results, the extension, Docear4Word , can help us easily add citations and display them with many styles. However, the provided IEEE-with-URL style has a bug on displaying URL.
No matter how URLs  you add, the generated reference list never shows URLs.
That’s because the included ieee-w-url.csl doesn’t add the macro for generating URLs when you use the entry types except webpage. The webpage entry type is not set as default entry types in Docear. That’s why you add any entry types that Docear provided, then the URLs are never displayed!
One  solution is to replace the old ieee-w-url.csl with newer one.
According to Prof. Dr. Artur Lugmayr’s post [1], we just follow these steps:

  1. Open the directory named “C:ProgramDataDocear4WordStyles
  2. Getting the administrator permission, open the file called “ieee-w-url.csl” in the directory.
  3. Replace the whole content with the newer one I put in Github. (mirrored from the git [2] of citation-style-languages) The newer content of this csl is on Then save it!

Docear是我喜愛的學術文獻整理套件之一。它提供了全面性的心智圖以及基於JabRef的參考文獻整理工具。其外掛 Docear4Word 藉著使用JabRef的整理文獻結果,幫助我們輕易地加入文獻參考與展現不同風格的參考文獻。然而,提供的IEEE-with-URL風格在輸出URL時,存在著一個臭蟲。
無論您如何加入URL,產生的文獻列表卻從不顯示這些URL。這是因為內建的ieee-w-url.csl 除了webpage這個entry type以外,並無產生URL的巨集。而webpage這個entry type卻沒有成為Docear的內建entry type。這就是無論你怎麼在Docear提供的entry type加入URL,這些URL卻從未顯示。
解決之道是替換掉舊的ieee-w-url.csl。根據Prof. Dr. Artur Lugmayr的貼文[1],我們只要遵循以下步驟即可:

  1. 開啟 C:ProgramDataDocear4WordStyles 目錄。
  2. 在此目錄中,以管理者權限開啟ieee-w-url.csl檔案。
  3. 到本人提供的Gibhub 取得該新版的內容格式,替換掉舊的(該內容格式是由Citation-Style-Languages的Github [2]鏡射而來。)

    [1] Prof. Dr. Artur Lugmayr, “Professional and free referencing software,” [Online] Available:
    [2], “Official repository for Citation Style Language (CSL) citation styles,” [Online] Available:

    Posted in Docear, 學術研究 | Leave a comment