Slide 1

Slide 1 text

PROFILE KAZUYA UEOKA iOS engineer in Timers inc. Twitter: @fromkk Github: fromkk Qiita: fromkk 1 — (C) fromkk. 2016

Slide 2

Slide 2 text

I INTERESTED IN REALM MOBILE PLATFORM 2 — (C) fromkk. 2016

Slide 3

Slide 3 text

> http://techblog.timers-inc.com/entry/ realmmobileplatform > https://speakerdeck.com/fromkk/try-realm-mobile- platform 3 — (C) fromkk. 2016

Slide 4

Slide 4 text

BUT 4 — (C) fromkk. 2016

Slide 5

Slide 5 text

REALMSWIFT SAMPLE CODE 5 — (C) fromkk. 2016

Slide 6

Slide 6 text

6 — (C) fromkk. 2016

Slide 7

Slide 7 text

ATS https://developer.apple.com/videos/ play/wwdc2016/706/ 7 — (C) fromkk. 2016

Slide 8

Slide 8 text

! 8 — (C) fromkk. 2016

Slide 9

Slide 9 text

SSL CONNECTION WITH REALM OBJECT SERVER REALM MEETUP ๨೥ձ 2016 9 — (C) fromkk. 2016

Slide 10

Slide 10 text

PLATFOTM > Sakura VPS > CentOS 7 > Nginx(proxy) > Let's Encrypt > Realm Object Server 10 — (C) fromkk. 2016

Slide 11

Slide 11 text

FIREWALL firewall-cmd --add-service=http --zone=public --permanent firewall-cmd --add-service=https --zone=public --permanent firewall-cmd --permanent --add-port=9080/tcp --permanent firewall-cmd --reload 11 — (C) fromkk. 2016

Slide 12

Slide 12 text

INSTALL REALM OBJECT SERVER # Setup Realm's PackageCloud repository curl -s https://packagecloud.io/install/repositories/realm/realm/script.rpm.sh | sudo bash # Install the Realm Object Server sudo yum -y install realm-object-server-de # Enable and start the service sudo systemctl enable realm-object-server sudo systemctl start realm-object-server 12 — (C) fromkk. 2016

Slide 13

Slide 13 text

http://yourdomain.com:9080/ 13 — (C) fromkk. 2016

Slide 14

Slide 14 text

INSTALL NGINX rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm yum -y update nginx-release-centos yum -y --enablerepo=nginx install nginx 14 — (C) fromkk. 2016

Slide 15

Slide 15 text

TRY PROXY /etc/nginx/conf.d/default.conf server { listen 80; server_name _; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:9080; } } 15 — (C) fromkk. 2016

Slide 16

Slide 16 text

http://yourdomain.com/ 16 — (C) fromkk. 2016

Slide 17

Slide 17 text

LET'S ENCRYPT 17 — (C) fromkk. 2016

Slide 18

Slide 18 text

INSTALL LET'S ENCRYPT cd /opt git clone https://github.com/certbot/certbot cd ./certbot ./certbot-auto certonly --standalone -d yourdomain.com 18 — (C) fromkk. 2016

Slide 19

Slide 19 text

19 — (C) fromkk. 2016

Slide 20

Slide 20 text

IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/yourdomain.com/fullchain.pem. Your cert will expire on 2017-03-03. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again. To non-interactively renew *all* of your certificates, run "certbot-auto renew" - If you lose your account credentials, you can recover through e-mails sent to [email protected]. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le 20 — (C) fromkk. 2016

Slide 21

Slide 21 text

/etc/nginx/conf.d/default.conf server { listen 443 ssl; server_name yourdomain.com; ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; ssl_trusted_certificate /etc/letsencrypt/live/yourdomain.com/chain.pem; ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE+RSAGCM:ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!aNULL!eNull:!EXPORT:!DES:!3DES:!MD5:!DSS; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:9080; } } 21 — (C) fromkk. 2016

Slide 22

Slide 22 text

https://yourdomain.com/ 22 — (C) fromkk. 2016

Slide 23

Slide 23 text

23 — (C) fromkk. 2016

Slide 24

Slide 24 text

! 24 — (C) fromkk. 2016

Slide 25

Slide 25 text

SAMPLE SWIFT CODE WITH REALM import Realm import RealmSwift let credential: SyncCredentials = SyncCredentials.usernamePassword(username: "YOUR USER NAME", password: "YOUR PASSWORD") SyncUser.logIn(with: credential, server: URL(string: "https://yourdomain.com/")!, onCompletion: { [weak self] (user, error) in if let user = user { let configuration = Realm.Configuration(syncConfiguration: SyncConfiguration(user: user, realmURL: URL(string: "realm://yourdomain.com:9080/~/realm")!)) Realm.Configuration.defaultConfiguration = configuration //write your code! } else if let error = error { print("login failed \(error)") } }) 25 — (C) fromkk. 2016

Slide 26

Slide 26 text

REMOVE ATS SETTING FROM Info.plist - NSAppTransportSecurity - - NSAllowsArbitraryLoads - - 26 — (C) fromkk. 2016

Slide 27

Slide 27 text

SUMMARY > Your can use Realm Object Server with SSL on Nginx proxy. > SSL certification for Free with Let's encrypt. > Ready for 2017 with Realm Mobile Platform! 27 — (C) fromkk. 2016

Slide 28

Slide 28 text

THANK YOU FOR LISTENING! 28 — (C) fromkk. 2016