Compare commits
47 Commits
master
...
dist/eole/
Author | SHA1 | Date | |
---|---|---|---|
476803ad5a | |||
85d1c09aff | |||
9d752e400c | |||
eb80e522f7 | |||
a14baa049e | |||
765b0c9102 | |||
0ab65611b0 | |||
33a7cf66c6 | |||
52eadb6bf1 | |||
144375c761 | |||
fc706a56e7 | |||
b3b39fc4a4 | |||
d34670a998 | |||
2f5f17adc4 | |||
38404340d4 | |||
bbc87b8656 | |||
b4cccc5e12 | |||
68eaa03db2 | |||
5c7bbbde79 | |||
ed910e72ee | |||
142d73afad | |||
08d7ed927c | |||
f375a121ae | |||
4709c28223 | |||
98bfcc1416 | |||
ae696769ed | |||
534e04671a | |||
61383bb17a | |||
5aa0262331 | |||
b550833a25 | |||
517625cf66 | |||
7a9855f234 | |||
764ae6320c | |||
d9425736c6 | |||
cbb1319e48 | |||
be88b407b4 | |||
c87a989b22 | |||
d1e813aaa8 | |||
eb6854d313 | |||
c723edd095 | |||
37e5cbb3b2 | |||
4d00207271 | |||
5e98dafab2 | |||
1fb5fd21b8 | |||
8cf9168763 | |||
0dfdb70080 | |||
6d4b75c679 |
1
debian/compat
vendored
Normal file
1
debian/compat
vendored
Normal file
@ -0,0 +1 @@
|
||||
9
|
18
debian/control
vendored
Normal file
18
debian/control
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
Source: eole-mariadb
|
||||
Section: web
|
||||
Priority: optional
|
||||
Maintainer: Cadoles <eole@ac-dijon.fr>
|
||||
Build-Depends: debhelper (>= 9)
|
||||
Standards-Version: 3.9.3
|
||||
Homepage: https://forge.cadoles.com/Cadoles/eole-mariadb
|
||||
Vcs-Git: https://forge.cadoles.com/Cadoles/eole-mariadb.git
|
||||
Vcs-Browser: https://forge.cadoles.com/Cadoles/eole-mariadb
|
||||
|
||||
Package: eole-mariadb
|
||||
Architecture: all
|
||||
Depends: ${misc:Depends}, mariadb-server, mariadb-backup
|
||||
Conflicts: eole-mysql
|
||||
Provides: eole-mysql
|
||||
Description: Dictionnaires et templates pour la configuration d'un serveur MariaDB, testée uniquement avec eolebase
|
||||
.
|
||||
Pour toute information complémentaire, veuillez vous rendre sur la forge Cadoles.
|
44
debian/copyright
vendored
Normal file
44
debian/copyright
vendored
Normal file
@ -0,0 +1,44 @@
|
||||
Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Upstream-Name: {PROJECT}
|
||||
Source: {URL}
|
||||
|
||||
Files: *
|
||||
Copyright: YEAR {UPSTREAM} {AUTHOR} <{MAIL}>
|
||||
License: {UPSTREAM LICENSE}
|
||||
|
||||
Files: debian/*
|
||||
Copyright: 2012 Équipe EOLE <eole@ac-dijon.fr>
|
||||
License: CeCILL-2
|
||||
|
||||
License: {UPSTREAM LICENSE}
|
||||
{TEXT OF THE LICENSE}
|
||||
|
||||
License: CeCILL-2
|
||||
This software is governed by the CeCILL-2 license under French law and
|
||||
abiding by the rules of distribution of free software. You can use,
|
||||
modify and or redistribute the software under the terms of the CeCILL-2
|
||||
license as circulated by CEA, CNRS and INRIA at the following URL
|
||||
"http://www.cecill.info";.
|
||||
.
|
||||
As a counterpart to the access to the source code and rights to copy,
|
||||
modify and redistribute granted by the license, users are provided only
|
||||
with a limited warranty and the software's author, the holder of the
|
||||
economic rights, and the successive licensors have only limited
|
||||
liability.
|
||||
.
|
||||
In this respect, the user's attention is drawn to the risks associated
|
||||
with loading, using, modifying and/or developing or reproducing the
|
||||
software by the user in light of its specific status of free software,
|
||||
that may mean that it is complicated to manipulate, and that also
|
||||
therefore means that it is reserved for developers and experienced
|
||||
professionals having in-depth computer knowledge. Users are therefore
|
||||
encouraged to load and test the software's suitability as regards their
|
||||
requirements in conditions enabling the security of their systems and/or
|
||||
data to be ensured and, more generally, to use and operate it in the
|
||||
same conditions as regards security.
|
||||
.
|
||||
The fact that you are presently reading this means that you have had
|
||||
knowledge of the CeCILL-2 license and that you accept its terms.
|
||||
.
|
||||
On Eole systems, the complete text of the CeCILL-2 License can be found
|
||||
in '/usr/share/common-licenses/CeCILL-2-en'.
|
3
debian/gbp.conf
vendored
Normal file
3
debian/gbp.conf
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
# Set per distribution debian tag
|
||||
[DEFAULT]
|
||||
debian-tag = debian/eole/%(version)s
|
8
debian/rules
vendored
Executable file
8
debian/rules
vendored
Executable file
@ -0,0 +1,8 @@
|
||||
#!/usr/bin/make -f
|
||||
# -*- makefile -*-
|
||||
|
||||
# Uncomment this to turn on verbose mode.
|
||||
#export DH_VERBOSE=1
|
||||
|
||||
%:
|
||||
dh $@
|
BIN
debian/source/.format.un~
vendored
Normal file
BIN
debian/source/.format.un~
vendored
Normal file
Binary file not shown.
1
debian/source/format
vendored
Normal file
1
debian/source/format
vendored
Normal file
@ -0,0 +1 @@
|
||||
3.0 (native)
|
20
schedule/extra/01_extract_hydra.xml
Normal file
20
schedule/extra/01_extract_hydra.xml
Normal file
@ -0,0 +1,20 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
|
||||
<creole>
|
||||
<variables>
|
||||
<family name="extract_hydra" description="Extraction des logs utiles d'Hydra">
|
||||
<variable name="description" type="string" hidden="True"><value>Extraction des logs utiles de la base Hydra</value></variable>
|
||||
<variable name="day" type="schedule" description="Périodicité d'exécution"><value>daily</value></variable>
|
||||
<variable name="mode" type="schedulemod" hidden="True"><value>post</value></variable>
|
||||
</family>
|
||||
</variables>
|
||||
<constraints>
|
||||
<!-- Désactive les extractions si on est pas sur la machine qui fait les backups -->
|
||||
<fill name='calc_multi_condition' target='schedule.extract_hydra.day'>
|
||||
<param>non</param>
|
||||
<param type='eole' name='condition_1'>dbEnableBackup</param>
|
||||
<param name='match'>none</param>
|
||||
<param name='mismatch'>daily</param>
|
||||
</fill>
|
||||
</constraints>
|
||||
</creole>
|
69
schedule/scripts/extract_hydra
Normal file
69
schedule/scripts/extract_hydra
Normal file
@ -0,0 +1,69 @@
|
||||
#!/bin/bash
|
||||
|
||||
DESC="Extraction des logs de connexion de la base Hydra"
|
||||
|
||||
. /usr/share/eole/schedule/config.sh
|
||||
|
||||
file_date=$(date '+%Y%m%d' -d@$(($(date +%s) -3600*24))) # Date pour le format des noms de fichier
|
||||
today=$(date '+%Y-%m-%d') # Date de fin de requête
|
||||
yesterday=$(date '+%Y-%m-%d' -d@$(($(date +%s) -3600*24))) # Date de début de requête
|
||||
exit_status=0
|
||||
|
||||
echo "Begin date: $(date)"
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
select concat ('requested_at: ', requested_at),
|
||||
concat ('request_id: ', request_id),
|
||||
concat ('client_id: ', client_id),
|
||||
concat ('subject: ', subject)
|
||||
into outfile 'access-${file_date}' character set utf8 fields terminated by '|'
|
||||
from hydra_oauth2_access
|
||||
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||
order by requested_at ;
|
||||
EOF
|
||||
(( exit_status = exit_status || $? ))
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
select concat ('requested_at: ', requested_at),
|
||||
concat ('challenge: ', challenge),
|
||||
concat ('error: ', error),
|
||||
concat ('session_access_token: ', session_access_token),
|
||||
concat ('session_id_token: ', session_id_token),
|
||||
concat ('handled at: ', handled_at)
|
||||
into outfile 'consent-request-handled-${file_date}' character set utf8 fields terminated by '|'
|
||||
from hydra_oauth2_consent_request_handled
|
||||
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||
order by requested_at ;
|
||||
EOF
|
||||
(( exit_status = exit_status || $? ))
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
select concat ('requested_at: ', requested_at),
|
||||
concat ('challenge: ', challenge),
|
||||
concat ('request_url: ', request_url),
|
||||
concat ('client_id: ', client_id),
|
||||
concat ('login_session_id: ', login_session_id)
|
||||
into outfile 'authentication-request-${file_date}' character set utf8 fields terminated by '|'
|
||||
from hydra_oauth2_authentication_request
|
||||
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||
order by requested_at ;
|
||||
EOF
|
||||
(( exit_status = exit_status || $? ))
|
||||
|
||||
# Tags must be 32 char long max (otherwise, default fwd template truncates it)
|
||||
logger -f /var/lib/mysql/hydra/access-${file_date} -t mariadb_hydra-access-${file_date}
|
||||
logger -f /var/lib/mysql/hydra/consent-request-handled-${file_date} -t mariadb_hydra-consreq-h-${file_date}
|
||||
logger -f /var/lib/mysql/hydra/authentication-request-${file_date} -t mariadb_hydra-authreq-${file_date}
|
||||
|
||||
# Remove log files older than 7 days (already saved on the NAS)
|
||||
find /var/lib/mysql/hydra/ -name 'access-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/lib/mysql/hydra/ -name 'consent-request-handled-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/lib/mysql/hydra/ -name 'authentication-request-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
|
||||
find /var/log/rsyslog/local/mariadb_hydra/ -name 'access-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/log/rsyslog/local/mariadb_hydra/ -name 'consreq-h-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/log/rsyslog/local/mariadb_hydra/ -name 'authreq-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
|
||||
echo "End date: $(date)"
|
||||
|
||||
exit $exit_status
|
@ -9,9 +9,11 @@ DESC="Exportation des bases MariaDB"
|
||||
MYSQLSAVDIR=$SAVDIR/sql
|
||||
OPTION="--lock-tables"
|
||||
|
||||
rm -f $MYSQLSAVDIR/*.sql || true
|
||||
mkdir -p $MYSQLSAVDIR
|
||||
if [[ -d ${MYSQLSAVDIR} ]]
|
||||
then
|
||||
rm -rf ${MYSQLSAVDIR}
|
||||
mkdir -p ${MYSQLSAVDIR}
|
||||
fi
|
||||
|
||||
mariabackup --defaults-file=/etc/mysql/debian.cnf --backup --target-dir=$MYSQLSAVDIR
|
||||
|
||||
exit 0
|
||||
exit $?
|
||||
|
25
scripts/get_hydra_table_sizes
Executable file
25
scripts/get_hydra_table_sizes
Executable file
@ -0,0 +1,25 @@
|
||||
#!/bin/bash
|
||||
|
||||
(
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
SELECT
|
||||
TABLE_NAME AS \`Table\`,
|
||||
ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024) AS \`Size\`
|
||||
FROM
|
||||
information_schema.TABLES
|
||||
WHERE
|
||||
TABLE_SCHEMA = "hydra"
|
||||
ORDER BY
|
||||
(DATA_LENGTH + INDEX_LENGTH)
|
||||
DESC;
|
||||
EOF
|
||||
) | while read table size; do
|
||||
if [ "${table}" != Table ]; then
|
||||
real_size=$(ls -lh /var/lib/mysql/hydra/${table}.ibd | cut -d' ' -f 5)
|
||||
else
|
||||
real_size="Taille réelle"
|
||||
fi
|
||||
echo -e ${table}\\t${size}M\\t${real_size}
|
||||
done
|
||||
|
||||
echo $a
|
49
scripts/optimize_hydra
Executable file
49
scripts/optimize_hydra
Executable file
@ -0,0 +1,49 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Optimize sur les tables d'Hydra
|
||||
|
||||
echo "Begin date: $(date)"
|
||||
|
||||
part=$1
|
||||
|
||||
if [ -z "$part" ]; then
|
||||
echo 'Bad empty part. Please give a number between 1 and 7'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case $part in
|
||||
1)
|
||||
tables='hydra_oauth2_access'
|
||||
;;
|
||||
2)
|
||||
tables='hydra_oauth2_oidc'
|
||||
;;
|
||||
3)
|
||||
tables='hydra_oauth2_code'
|
||||
;;
|
||||
4)
|
||||
tables='hydra_oauth2_authentication_request'
|
||||
;;
|
||||
5)
|
||||
tables='hydra_oauth2_consent_request'
|
||||
;;
|
||||
6)
|
||||
tables='hydra_oauth2_logout_request, hydra_oauth2_consent_request_handled'
|
||||
;;
|
||||
7)
|
||||
tables='hydra_oauth2_authentication_session, hydra_oauth2_authentication_request_handled, hydra_oauth2_pkce'
|
||||
;;
|
||||
*)
|
||||
echo "Unexpected error. Part: $part"
|
||||
exit 1
|
||||
esac
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
OPTIMIZE TABLE $tables;
|
||||
EOF
|
||||
|
||||
exit_val=$?
|
||||
|
||||
echo "End date: $(date)"
|
||||
|
||||
exit $exit_val
|
Loading…
Reference in New Issue
Block a user