version bump, maintenance service/timer
This commit is contained in:
parent
04eb618baa
commit
b75ef3aafc
11
Makefile
11
Makefile
|
@ -6,9 +6,12 @@ radius_dict = $(CHROOT)/etc/raddb/dictionary.orig
|
|||
radius_module = $(CHROOT)/etc/raddb/mods-enabled/perl-privacyidea
|
||||
radius_site = $(CHROOT)/etc/raddb/sites-enabled/privacyidea
|
||||
|
||||
systemd-units: appliance/MySQL-Backup.sh appliance/backup.service appliance/backup.timer appliance/cert-renew.service appliance/cert-renew.timer
|
||||
cp appliance/MySQL-Backup.sh $(CHROOT)/usr/local/bin/
|
||||
cp appliance/backup.service appliance/backup.timer appliance/cert-renew.service appliance/cert-renew.timer $(CHROOT)/etc/systemd/system/
|
||||
systemd-units: appliance/pi-maint.service appliance/pi-maint.timer appliance/cert-renew.service appliance/cert-renew.timer
|
||||
cp appliance/pi-maint.service appliance/pi-maint.timer appliance/cert-renew.service appliance/cert-renew.timer $(CHROOT)/etc/systemd/system/
|
||||
|
||||
logrotate: appliance/logrotate-freeradius appliance/logrotate-privacyidea
|
||||
cp appliance/logrotate-freeradius $(CHROOT)/etc/logrotate.d/freeradius
|
||||
cp appliance/logrotate-privacyidea $(CHROOT)/etc/logrotate.d/privacyidea
|
||||
|
||||
$(02firstboot): appliance/02firstboot.start
|
||||
mkdir -p $(CHROOT)/etc/local.d
|
||||
|
@ -83,4 +86,4 @@ $(CHROOT)/var/lib/mysql: mariadb/my.cnf.root
|
|||
|
||||
preinstall:
|
||||
|
||||
postinstall: systemd-units $(apache_conf) $(02firstboot) $(cert-renew.sh) $(pi_log) $(radius_dict) $(radius_module) $(radius_site) $(CHROOT)/var/lib/mysql
|
||||
postinstall: systemd-units logrotate $(apache_conf) $(02firstboot) $(cert-renew.sh) $(pi_log) $(radius_dict) $(radius_module) $(radius_site) $(CHROOT)/var/lib/mysql
|
||||
|
|
|
@ -66,7 +66,7 @@ fi
|
|||
|
||||
|
||||
# Database
|
||||
systemctl stop mariadb
|
||||
systemctl stop mariadb.service
|
||||
if [ ! -d "/$LABEL/var/lib/mysql/pi" ]; then
|
||||
echo 'Initialize MariaDB...'
|
||||
mkdir -p "/$LABEL/var/lib"
|
||||
|
@ -84,7 +84,7 @@ if [ ! -d "/$LABEL/var/lib/mysql/pi" ]; then
|
|||
echo '### ERROR initialize database !!! ###'
|
||||
exit 1
|
||||
fi
|
||||
systemctl start mariadb
|
||||
systemctl start mariadb.service
|
||||
sleep 5
|
||||
|
||||
echo 'Create privacyIDEA database...'
|
||||
|
@ -105,7 +105,7 @@ else
|
|||
rm -f "/var/lib/mysql"
|
||||
fi
|
||||
ln -s "/$LABEL/var/lib/mysql" "/var/lib/mysql"
|
||||
systemctl start mariadb
|
||||
systemctl start mariadb.service
|
||||
fi
|
||||
|
||||
if [ -x "/$LABEL/etc/ssl/cert-renew.sh" ]; then
|
||||
|
@ -138,12 +138,14 @@ ln -sf "/$LABEL/etc/ssl/apache2" "/etc/ssl/apache2"
|
|||
|
||||
/etc/ssl/cert-renew.sh
|
||||
|
||||
systemctl enable mariadb
|
||||
systemctl enable freeradius
|
||||
systemctl enable apache2
|
||||
systemctl enable mariadb.service
|
||||
systemctl enable freeradius.service
|
||||
systemctl enable apache2.service
|
||||
systemctl enable logrotate.timer
|
||||
|
||||
systemctl restart freeradius
|
||||
systemctl restart apache2
|
||||
systemctl restart freeradius.service
|
||||
systemctl restart apache2.service
|
||||
systemctl restart logrotate.timer
|
||||
|
||||
echo
|
||||
echo "Success!"
|
||||
|
|
|
@ -1,32 +0,0 @@
|
|||
#!/bin/bash
|
||||
PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
|
||||
|
||||
DIR="/DATA/Backup/MySQL"
|
||||
|
||||
if [ -z $1 ]; then
|
||||
echo "database name missing! use --all for all db's"
|
||||
exit 1;
|
||||
elif [ $1 = '--all' ]; then
|
||||
echo "full backup"
|
||||
for i in `mysqlshow --defaults-file=/root/.my.cnf | awk '{print $2}' | grep -v Databases`; do
|
||||
if [ "$i" != "information_schema" ] && [ "$i" != "performance_schema" ]; then
|
||||
if test -f ${DIR}/${i}.sql; then
|
||||
echo "Move ${DIR}/${i}.sql to ${DIR}/${i}.sql.1"
|
||||
mv ${DIR}/${i}.sql ${DIR}/${i}.sql.1
|
||||
fi
|
||||
echo "dump ${i} to ${DIR}/${i}.sgl"
|
||||
mysqldump --defaults-file=/root/.my.cnf --single-transaction --events --opt -QF -r${DIR}/${i}.sql $i
|
||||
chmod 600 ${DIR}/${i}.sql
|
||||
fi
|
||||
done;
|
||||
elif [ -n $1 ]; then
|
||||
echo "Starting backup of $1"
|
||||
if test -f $DIR/$1.sql; then
|
||||
echo "Move $DIR/$1.sql to $DIR/$1.sql.1"
|
||||
mv ${DIR}/${1}.sql ${DIR}/${1}.sql.1
|
||||
fi
|
||||
mysqldump --defaults-file=/root/.my.cnf --single-transaction --opt -QF -r${DIR}/${1}.sql $1
|
||||
chmod 600 ${DIR}/${1}.sql
|
||||
fi
|
||||
echo "Done"
|
||||
exit 0;
|
|
@ -1,8 +0,0 @@
|
|||
[Unit]
|
||||
Description=execute backup tasks
|
||||
RefuseManualStart=no
|
||||
RefuseManualStop=yes
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/bin/MySQL-Backup.sh --all
|
|
@ -1,12 +0,0 @@
|
|||
[Unit]
|
||||
Description=execute backup tasks
|
||||
RefuseManualStart=no
|
||||
RefuseManualStop=no
|
||||
|
||||
[Timer]
|
||||
Persistent=false
|
||||
OnCalendar=Sun *-*-* 02:19:00
|
||||
Unit=backup.service
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
|
@ -9,4 +9,4 @@ OnCalendar=Sun *-*-* 04:03:00
|
|||
Unit=cert-renew.service
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
WantedBy=timers.target
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
/var/log/radius/*.log {
|
||||
missingok
|
||||
notifempty
|
||||
sharedscripts
|
||||
postrotate
|
||||
if test -d /run/systemd/system ; then
|
||||
systemctl reload freeradius.service > /dev/null 2>&1 || true
|
||||
else
|
||||
/etc/init.d/freeradius reload > /dev/null 2>&1 || true
|
||||
fi
|
||||
endscript
|
||||
}
|
|
@ -0,0 +1,4 @@
|
|||
/var/log/privacyidea/*.log {
|
||||
missingok
|
||||
notifempty
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
[Unit]
|
||||
Description=execute privacyIDEA maintenance
|
||||
RefuseManualStart=no
|
||||
RefuseManualStop=yes
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -c 'rm /var/lib/privacyidea/backup/privacyidea-backup-*'
|
||||
ExecStart=/usr/bin/pi-manage rotate_audit
|
||||
ExecStart=/usr/bin/pi-manage backup create
|
|
@ -0,0 +1,12 @@
|
|||
[Unit]
|
||||
Description=privacyIDEA maintenance
|
||||
RefuseManualStart=no
|
||||
RefuseManualStop=no
|
||||
|
||||
[Timer]
|
||||
Persistent=false
|
||||
OnCalendar=Sun *-*-* 03:19:00
|
||||
Unit=pi-maint.service
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -10,6 +10,7 @@ dev-python/yubiotp
|
|||
dev-python/pycrypto
|
||||
dev-python/mysql-connector-python
|
||||
dev-python/pytest-cov
|
||||
dev-python/segno
|
||||
dev-python/sphinx
|
||||
dev-python/sphinxcontrib-applehelp
|
||||
dev-python/sphinxcontrib-devhelp
|
||||
|
@ -23,9 +24,5 @@ dev-python/grpcio-tools
|
|||
# grunt, wird nur zur privacyIDEA-Translation benötigt
|
||||
dev-nodejs/*
|
||||
|
||||
### stable kann kein python3
|
||||
##net-fs/samba
|
||||
##sys-libs/ldb
|
||||
##sys-libs/talloc
|
||||
##sys-libs/tdb
|
||||
##sys-libs/tevent
|
||||
# Compile error with stable 2.6.4
|
||||
net-nds/openldap
|
||||
|
|
|
@ -9,6 +9,7 @@ sci-libs/hdf5 -cxx -fortran -hl
|
|||
|
||||
# RADIUS (ohne Samba kein rlm_mschap.so)
|
||||
net-dialup/freeradius kerberos ldap mysql python samba
|
||||
net-dns/bind gssapi
|
||||
net-dns/bind-tools gssapi
|
||||
net-fs/samba ads gnutls ldap python winbind
|
||||
sys-libs/ldb ldap python
|
||||
|
|
Loading…
Reference in New Issue