Merge branch '2.7.0/staging' into dist/eole/2.7.0/staging
This commit is contained in:
commit
53a9eddfcd
20
schedule/extra/01_extract_hydra.xml
Normal file
20
schedule/extra/01_extract_hydra.xml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
|
||||||
|
<creole>
|
||||||
|
<variables>
|
||||||
|
<family name="extract_hydra" description="Optimize sur les tables d'Hydra">
|
||||||
|
<variable name="description" type="string" hidden="True"><value>Extraction des logs utils de la base Hydra</value></variable>
|
||||||
|
<variable name="day" type="schedule" description="Périodicité d'exécution"><value>daily</value></variable>
|
||||||
|
<variable name="mode" type="schedulemod" hidden="True"><value>post</value></variable>
|
||||||
|
</family>
|
||||||
|
</variables>
|
||||||
|
<constraints>
|
||||||
|
<!-- Désactive les extractions si on est pas sur la machine qui fait les backups -->
|
||||||
|
<fill name='calc_multi_condition' target='schedule.extract_hydra.day'>
|
||||||
|
<param>non</param>
|
||||||
|
<param type='eole' name='condition_1'>dbEnableBackup</param>
|
||||||
|
<param name='match'>none</param>
|
||||||
|
<param name='mismatch'>daily</param>
|
||||||
|
</fill>
|
||||||
|
</constraints>
|
||||||
|
</creole>
|
69
schedule/scripts/extract_hydra_logs
Normal file
69
schedule/scripts/extract_hydra_logs
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
DESC="Extraction des logs de connexion de la base Hydra"
|
||||||
|
|
||||||
|
. /usr/share/eole/schedule/config.sh
|
||||||
|
|
||||||
|
file_date=$(date '+%Y%m%d' -d@$(($(date +%s) -3600*24))) # Date pour le format des noms de fichier
|
||||||
|
today=$(date '+%Y-%m-%d') # Date de fin de requête
|
||||||
|
yesterday=$(date '+%Y-%m-%d' -d@$(($(date +%s) -3600*24))) # Date de début de requête
|
||||||
|
exit_status=0
|
||||||
|
|
||||||
|
echo "Begin date: $(date)"
|
||||||
|
|
||||||
|
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||||
|
select concat ('requested_at: ', requested_at),
|
||||||
|
concat ('request_id: ', request_id),
|
||||||
|
concat ('client_id: ', client_id),
|
||||||
|
concat ('subject: ', subject)
|
||||||
|
into outfile 'access-${file_date}' character set utf8 fields terminated by '|'
|
||||||
|
from hydra_oauth2_access
|
||||||
|
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||||
|
order by requested_at ;
|
||||||
|
EOF
|
||||||
|
(( exit_status = exit_status || $? ))
|
||||||
|
|
||||||
|
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||||
|
select concat ('requested_at: ', requested_at),
|
||||||
|
concat ('challenge: ', challenge),
|
||||||
|
concat ('error: ', error),
|
||||||
|
concat ('session_access_token: ', session_access_token),
|
||||||
|
concat ('session_id_token: ', session_id_token),
|
||||||
|
concat ('handled at: ', handled_at)
|
||||||
|
into outfile 'consent-request-handled-${file_date}' character set utf8 fields terminated by '|'
|
||||||
|
from hydra_oauth2_consent_request_handled
|
||||||
|
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||||
|
order by requested_at ;
|
||||||
|
EOF
|
||||||
|
(( exit_status = exit_status || $? ))
|
||||||
|
|
||||||
|
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||||
|
select concat ('requested_at: ', requested_at),
|
||||||
|
concat ('challenge: ', challenge),
|
||||||
|
concat ('request_url: ', request_url),
|
||||||
|
concat ('client_id: ', client_id),
|
||||||
|
concat ('login_session_id: ', login_session_id)
|
||||||
|
into outfile 'authentication-request-${file_date}' character set utf8 fields terminated by '|'
|
||||||
|
from hydra_oauth2_authentication_request
|
||||||
|
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||||
|
order by requested_at ;
|
||||||
|
EOF
|
||||||
|
(( exit_status = exit_status || $? ))
|
||||||
|
|
||||||
|
# Tags must be 32 char long max (otherwise, default fwd template truncates it)
|
||||||
|
logger -f /var/lib/mysql/hydra/access-${file_date} -t mariadb_hydra-access-${file_date}
|
||||||
|
logger -f /var/lib/mysql/hydra/consent-request-handled-${file_date} -t mariadb_hydra-consreq-h-${file_date}
|
||||||
|
logger -f /var/lib/mysql/hydra/authentication-request-${file_date} -t mariadb_hydra-authreq-${file_date}
|
||||||
|
|
||||||
|
# Remove log files older than 7 days (already saved on the NAS)
|
||||||
|
find /var/lib/mysql/hydra/ -name 'access-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||||
|
find /var/lib/mysql/hydra/ -name 'consent-request-handled-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||||
|
find /var/lib/mysql/hydra/ -name 'authentication-request-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||||
|
|
||||||
|
find /var/log/rsyslog/local/mariadb_hydra/ -name 'access-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||||
|
find /var/log/rsyslog/local/mariadb_hydra/ -name 'consreq-h-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||||
|
find /var/log/rsyslog/local/mariadb_hydra/ -name 'authreq-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||||
|
|
||||||
|
echo "End date: $(date)"
|
||||||
|
|
||||||
|
exit $exit_status
|
@ -9,19 +9,11 @@ DESC="Exportation des bases MariaDB"
|
|||||||
MYSQLSAVDIR=$SAVDIR/sql
|
MYSQLSAVDIR=$SAVDIR/sql
|
||||||
OPTION="--lock-tables"
|
OPTION="--lock-tables"
|
||||||
|
|
||||||
rm -f $MYSQLSAVDIR/*.sql || true
|
if [[ -d ${MYSQLSAVDIR} ]]
|
||||||
mkdir -p $MYSQLSAVDIR
|
then
|
||||||
|
rm -rf ${MYSQLSAVDIR}
|
||||||
|
mkdir -p ${MYSQLSAVDIR}
|
||||||
|
fi
|
||||||
|
|
||||||
DATABASES=$(mysql --defaults-file=/etc/mysql/debian.cnf -e 'show databases' | grep -v '^Database$')
|
mariabackup --defaults-file=/etc/mysql/debian.cnf --backup --target-dir=$MYSQLSAVDIR
|
||||||
for databasename in $DATABASES; do
|
exit $?
|
||||||
case "$databasename" in
|
|
||||||
information_schema|performance_schema|bareos)
|
|
||||||
continue
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
mysqldump --defaults-file=/etc/mysql/debian.cnf --databases $databasename --flush-privileges --create-options -Q -c $OPTION > $MYSQLSAVDIR/$databasename.sql
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
exit 0
|
|
||||||
|
25
scripts/get_hydra_table_sizes
Executable file
25
scripts/get_hydra_table_sizes
Executable file
@ -0,0 +1,25 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
(
|
||||||
|
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||||
|
SELECT
|
||||||
|
TABLE_NAME AS \`Table\`,
|
||||||
|
ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024) AS \`Size\`
|
||||||
|
FROM
|
||||||
|
information_schema.TABLES
|
||||||
|
WHERE
|
||||||
|
TABLE_SCHEMA = "hydra"
|
||||||
|
ORDER BY
|
||||||
|
(DATA_LENGTH + INDEX_LENGTH)
|
||||||
|
DESC;
|
||||||
|
EOF
|
||||||
|
) | while read table size; do
|
||||||
|
if [ "${table}" != Table ]; then
|
||||||
|
real_size=$(ls -lh /var/lib/mysql/hydra/${table}.ibd | cut -d' ' -f 5)
|
||||||
|
else
|
||||||
|
real_size="Taille réelle"
|
||||||
|
fi
|
||||||
|
echo -e ${table}\\t${size}M\\t${real_size}
|
||||||
|
done
|
||||||
|
|
||||||
|
echo $a
|
49
scripts/optimize_hydra
Executable file
49
scripts/optimize_hydra
Executable file
@ -0,0 +1,49 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Optimize sur les tables d'Hydra
|
||||||
|
|
||||||
|
echo "Begin date: $(date)"
|
||||||
|
|
||||||
|
part=$1
|
||||||
|
|
||||||
|
if [ -z "$part" ]; then
|
||||||
|
echo 'Bad empty part. Please give a number between 1 and 7'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
case $part in
|
||||||
|
1)
|
||||||
|
tables='hydra_oauth2_access'
|
||||||
|
;;
|
||||||
|
2)
|
||||||
|
tables='hydra_oauth2_oidc'
|
||||||
|
;;
|
||||||
|
3)
|
||||||
|
tables='hydra_oauth2_code'
|
||||||
|
;;
|
||||||
|
4)
|
||||||
|
tables='hydra_oauth2_authentication_request'
|
||||||
|
;;
|
||||||
|
5)
|
||||||
|
tables='hydra_oauth2_consent_request'
|
||||||
|
;;
|
||||||
|
6)
|
||||||
|
tables='hydra_oauth2_logout_request, hydra_oauth2_consent_request_handled'
|
||||||
|
;;
|
||||||
|
7)
|
||||||
|
tables='hydra_oauth2_authentication_session, hydra_oauth2_authentication_request_handled, hydra_oauth2_pkce'
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Unexpected error. Part: $part"
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
|
||||||
|
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||||
|
OPTIMIZE TABLE $tables;
|
||||||
|
EOF
|
||||||
|
|
||||||
|
exit_val=$?
|
||||||
|
|
||||||
|
echo "End date: $(date)"
|
||||||
|
|
||||||
|
exit $exit_val
|
Loading…
Reference in New Issue
Block a user