Compare commits
7 Commits
master
...
2.7.0/stag
Author | SHA1 | Date | |
---|---|---|---|
834ee16f02 | |||
85d1c09aff | |||
eb80e522f7 | |||
a14baa049e | |||
765b0c9102 | |||
0ab65611b0 | |||
52eadb6bf1 |
4
Makefile
4
Makefile
@ -4,8 +4,8 @@
|
||||
|
||||
SOURCE=eole-mariadb
|
||||
VERSION=0.0.1
|
||||
EOLE_VERSION=2.7
|
||||
EOLE_RELEASE=2.7.1
|
||||
EOLE_VERSION=2.6
|
||||
EOLE_RELEASE=2.6.2
|
||||
PKGAPPS=non
|
||||
#FLASK_MODULE=<APPLICATION>
|
||||
|
||||
|
26
README.md
26
README.md
@ -1,31 +1,5 @@
|
||||
# eole-mariadb
|
||||
|
||||
Paquet porté pour la 2.7.1. Les tests n'ont été réalisé que sur un Eolebase.
|
||||
|
||||
La version utilisé est mariadb 10.3
|
||||
|
||||
Ajout de ce paquet sur une 2.7.1 :
|
||||
|
||||
## Add the Cadoles repository on all the nodes and the Leader
|
||||
|
||||
GenConfig [Mode Expert] -> Dépôts Tiers
|
||||
|
||||
* Libellé du dépôt : Cadoles dev
|
||||
* Déclaration du dépôt : deb [ arch=all ] https://vulcain.cadoles.com 2.7.1-dev main
|
||||
* Méthode de récupération de la clé publique du dépôt : URL de la clé
|
||||
* URL de la clé : https://vulcain.cadoles.com/cadoles.gpg
|
||||
|
||||
## Add the MariaDB repository on all the nodes and the Leader
|
||||
|
||||
GenConfig (Mode Expert) -> Dépôt tiers :
|
||||
* Libellé du dépôt : MariaDB
|
||||
* Déclaration du dépôt : deb [ arch=amd64 ] http://mariadb.mirrors.ovh.net/MariaDB/repo/10.3/ubuntu bionic main
|
||||
* Méthode de récupération de la clé publique du dépôt : serveur de clés
|
||||
* URL du serveur de clés : hkp://keyserver.ubuntu.com:80
|
||||
* Empreinte de la clé : 0xF1656F24C74CD1D8
|
||||
|
||||
#######################################################################
|
||||
|
||||
Paquet porté pour la 2.7.0. Les tests n'ont été réalisé que sur un Eolebase.
|
||||
|
||||
La version utilisé est mariadb 10.3
|
||||
|
@ -49,13 +49,7 @@
|
||||
<value>Default</value>
|
||||
</variable>
|
||||
<variable name="accLimitTarget" type="string" description="Restriction d'accès à ces IP/noms d'hôtes (liste séparateur séparateur ',')" />
|
||||
<variable name="create_db" type='oui/non' description="Créer des bases de données">
|
||||
<value>non</value>
|
||||
</variable>
|
||||
</family>
|
||||
<family name="MariaDB Databases">
|
||||
<variable name="db_name" type='string' description='Nom de la base de donnée' multi="True"/>
|
||||
<variable name="db_admin_user" type='string' description="Nom de l'utilisateur gestionnaire de la base de données"/>
|
||||
|
||||
</family>
|
||||
|
||||
<!-- Tunning -->
|
||||
@ -141,11 +135,10 @@
|
||||
</family>
|
||||
<separators>
|
||||
<separator name='dbCreateFixAdmin'>Comptes d'administration supplémentaires</separator>
|
||||
<separator name='create_db'>Ajouter des bases de données</separator>
|
||||
</separators>
|
||||
</variables>
|
||||
<constraints>
|
||||
<check name="valid_ipnetmask" target="maskMariaDBLimit" level="warning">
|
||||
<check name="valid_ipnetmask" target="maskMariaDBLimit" level="warning">
|
||||
<param type='eole'>ipMariaDBLimit</param>
|
||||
</check>
|
||||
|
||||
@ -174,10 +167,6 @@
|
||||
<slave>ifMariaDBLimit</slave>
|
||||
</group>
|
||||
|
||||
<group master='db_name'>
|
||||
<slave>db_admin_user</slave>
|
||||
</group>
|
||||
|
||||
<fill name='calc_multi_condition' target='accLimitTarget'>
|
||||
<param>Default</param>
|
||||
<param type='eole' name='condition_1'>accLimits</param>
|
||||
@ -196,11 +185,6 @@
|
||||
<target type='servicelist'>bdd</target>
|
||||
</condition>
|
||||
|
||||
<condition name='disabled_if_in' source='create_db'>
|
||||
<param>non</param>
|
||||
<target type='family'>MariaDB Databases</target>
|
||||
</condition>
|
||||
|
||||
<condition name='disabled_if_in' source="dbCreateFixAdmin">
|
||||
<param>non</param>
|
||||
<target type='variable'>accName</target>
|
||||
|
69
scripts/extract_hydra
Normal file
69
scripts/extract_hydra
Normal file
@ -0,0 +1,69 @@
|
||||
#!/bin/bash
|
||||
|
||||
DESC="Extraction des logs de connexion de la base Hydra"
|
||||
|
||||
. /usr/share/eole/schedule/config.sh
|
||||
|
||||
file_date=$(date '+%Y%m%d' -d@$(($(date +%s) -3600*24))) # Date pour le format des noms de fichier
|
||||
today=$(date '+%Y-%m-%d') # Date de fin de requête
|
||||
yesterday=$(date '+%Y-%m-%d' -d@$(($(date +%s) -3600*24))) # Date de début de requête
|
||||
exit_status=0
|
||||
|
||||
echo "Begin date: $(date)"
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
select concat ('requested_at: ', requested_at),
|
||||
concat ('request_id: ', request_id),
|
||||
concat ('client_id: ', client_id),
|
||||
concat ('subject: ', subject)
|
||||
into outfile 'access-${file_date}' character set utf8 fields terminated by '|'
|
||||
from hydra_oauth2_access
|
||||
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||
order by requested_at ;
|
||||
EOF
|
||||
(( exit_status = exit_status || $? ))
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
select concat ('requested_at: ', requested_at),
|
||||
concat ('challenge: ', challenge),
|
||||
concat ('error: ', error),
|
||||
concat ('session_access_token: ', session_access_token),
|
||||
concat ('session_id_token: ', session_id_token),
|
||||
concat ('handled at: ', handled_at)
|
||||
into outfile 'consent-request-handled-${file_date}' character set utf8 fields terminated by '|'
|
||||
from hydra_oauth2_consent_request_handled
|
||||
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||
order by requested_at ;
|
||||
EOF
|
||||
(( exit_status = exit_status || $? ))
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
select concat ('requested_at: ', requested_at),
|
||||
concat ('challenge: ', challenge),
|
||||
concat ('request_url: ', request_url),
|
||||
concat ('client_id: ', client_id),
|
||||
concat ('login_session_id: ', login_session_id)
|
||||
into outfile 'authentication-request-${file_date}' character set utf8 fields terminated by '|'
|
||||
from hydra_oauth2_authentication_request
|
||||
where requested_at >= '${yesterday} 00:00:00' and requested_at < '${today} 00:00:00'
|
||||
order by requested_at ;
|
||||
EOF
|
||||
(( exit_status = exit_status || $? ))
|
||||
|
||||
# Tags must be 32 char long max (otherwise, default fwd template truncates it)
|
||||
logger -f /var/lib/mysql/hydra/access-${file_date} -t mariadb_hydra-access-${file_date}
|
||||
logger -f /var/lib/mysql/hydra/consent-request-handled-${file_date} -t mariadb_hydra-consreq-h-${file_date}
|
||||
logger -f /var/lib/mysql/hydra/authentication-request-${file_date} -t mariadb_hydra-authreq-${file_date}
|
||||
|
||||
# Remove log files older than 7 days (already saved on the NAS)
|
||||
find /var/lib/mysql/hydra/ -name 'access-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/lib/mysql/hydra/ -name 'consent-request-handled-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/lib/mysql/hydra/ -name 'authentication-request-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
|
||||
find /var/log/rsyslog/local/mariadb_hydra/ -name 'access-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/log/rsyslog/local/mariadb_hydra/ -name 'consreq-h-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
find /var/log/rsyslog/local/mariadb_hydra/ -name 'authreq-*' -type f -mtime +7 -exec rm -vf {} \;
|
||||
|
||||
echo "End date: $(date)"
|
||||
|
||||
exit $exit_status
|
25
scripts/get_hydra_table_sizes
Executable file
25
scripts/get_hydra_table_sizes
Executable file
@ -0,0 +1,25 @@
|
||||
#!/bin/bash
|
||||
|
||||
(
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
SELECT
|
||||
TABLE_NAME AS \`Table\`,
|
||||
ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024) AS \`Size\`
|
||||
FROM
|
||||
information_schema.TABLES
|
||||
WHERE
|
||||
TABLE_SCHEMA = "hydra"
|
||||
ORDER BY
|
||||
(DATA_LENGTH + INDEX_LENGTH)
|
||||
DESC;
|
||||
EOF
|
||||
) | while read table size; do
|
||||
if [ "${table}" != Table ]; then
|
||||
real_size=$(ls -lh /var/lib/mysql/hydra/${table}.ibd | cut -d' ' -f 5)
|
||||
else
|
||||
real_size="Taille réelle"
|
||||
fi
|
||||
echo -e ${table}\\t${size}M\\t${real_size}
|
||||
done
|
||||
|
||||
echo $a
|
49
scripts/optimize_hydra
Executable file
49
scripts/optimize_hydra
Executable file
@ -0,0 +1,49 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Optimize sur les tables d'Hydra
|
||||
|
||||
echo "Begin date: $(date)"
|
||||
|
||||
part=$1
|
||||
|
||||
if [ -z "$part" ]; then
|
||||
echo 'Bad empty part. Please give a number between 1 and 7'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
case $part in
|
||||
1)
|
||||
tables='hydra_oauth2_access'
|
||||
;;
|
||||
2)
|
||||
tables='hydra_oauth2_oidc'
|
||||
;;
|
||||
3)
|
||||
tables='hydra_oauth2_code'
|
||||
;;
|
||||
4)
|
||||
tables='hydra_oauth2_authentication_request'
|
||||
;;
|
||||
5)
|
||||
tables='hydra_oauth2_consent_request'
|
||||
;;
|
||||
6)
|
||||
tables='hydra_oauth2_logout_request, hydra_oauth2_consent_request_handled'
|
||||
;;
|
||||
7)
|
||||
tables='hydra_oauth2_authentication_session, hydra_oauth2_authentication_request_handled, hydra_oauth2_pkce'
|
||||
;;
|
||||
*)
|
||||
echo "Unexpected error. Part: $part"
|
||||
exit 1
|
||||
esac
|
||||
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf hydra <<EOF
|
||||
OPTIMIZE TABLE $tables;
|
||||
EOF
|
||||
|
||||
exit_val=$?
|
||||
|
||||
echo "End date: $(date)"
|
||||
|
||||
exit $exit_val
|
Loading…
Reference in New Issue
Block a user