European-Airports
/
master
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added database container

master
Florian Meissner 2023-07-14 18:08:47 +02:00
parent 3cd72c0396
commit 80c6851cb3
22 changed files with 868 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@ -31,3 +31,5 @@ COMPOSE_PROJECT_NAME=european-airports
# Set Image versions # Set Image versions
NGINX_VERSION=1.23-alpine NGINX_VERSION=1.23-alpine
PHP_VERSION=8.2-fpm-alpine PHP_VERSION=8.2-fpm-alpine
MARIADB_VERSION=10.11

2
.gitignore vendored
View File

@ -30,7 +30,7 @@
config.php config.php
# Docker Secrets # Docker Secrets
**/secrets/ **/secrets/*_pw.txt
# Include all README files # Include all README files
!**/README.md !**/README.md

2
database

@ -1 +1 @@
Subproject commit 98b09ea1738f3acae35048ae70db30c1fc069e65 Subproject commit a0e8c932c36b0f6fa3144e626d162fbd42285c4c

61
docker-compose.yml
View File

@ -59,6 +59,8 @@ services:
PHP_VERSION: ${PHP_VERSION} PHP_VERSION: ${PHP_VERSION}
image: european-airports/api-php-fpm image: european-airports/api-php-fpm
restart: always restart: always
depends_on:
- database
env_file: env_file:
- ./php-fpm/php.env - ./php-fpm/php.env
- ./backend/php.env - ./backend/php.env
@ -66,9 +68,10 @@ services:
- ./backend/src/:/var/www/html - ./backend/src/:/var/www/html
networks: networks:
- backend - backend
# secrets: secrets:
# - - eaBackendUser
- eaBackendPw
frontend-nginx: frontend-nginx:
container_name: european-airports_www-nginx container_name: european-airports_www-nginx
build: build:
@ -104,9 +107,35 @@ services:
- ./frontend/src/:/var/www/html - ./frontend/src/:/var/www/html
networks: networks:
- web - web
# secrets:
# - database:
container_name: european-airports_mariadb
build:
context: ./mariadb
args:
MARIADB_VERSION: ${MARIADB_VERSION}
image: european-airports/mariadb
restart: "no" # always
env_file:
- ./mariadb/mariadb.env
- ./database/mariadb.env
volumes:
- ./database/data:/var/lib/mysql
- ./database/init:/docker-entrypoint-initdb.d:ro
secrets:
- rootUser
- rootPw
- eaBackendUser
- eaBackendPw
- eaBackendGrantTable
- checkmkUser
- checkmkPw
- checkmkPrivs
networks:
- backend
labels:
- "traefik.enable=false"
networks: networks:
backend: backend:
driver: bridge driver: bridge
@ -116,6 +145,20 @@ networks:
driver: bridge driver: bridge
name: "european-airports/web" name: "european-airports/web"
# secrets: secrets:
# vereinsflieger: checkmkUser:
# file: ./secrets/vereinsflieger.txt file: ./secrets/checkmk_name.txt
checkmkPw:
file: ./secrets/checkmk_pw.txt
checkmkPrivs:
file: ./secrets/checkmk_privileges.txt
eaBackendUser:
file: ./secrets/eaBackend_name.txt
eaBackendPw:
file: ./secrets/eaBackend_pw.txt
eaBackendGrantTable:
file: ./secrets/eaBackend_grantTable.txt
rootUser:
file: ./secrets/root_name.txt
rootPw:
file: ./secrets/root_pw.txt

31
mariadb/.dockerignore Normal file
View File

@ -0,0 +1,31 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# List files to exclude from the docker context here. Syntax is the same as for .gitignore.
data/

74
mariadb/Dockerfile Normal file
View File

@ -0,0 +1,74 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
ARG MARIADB_VERSION
FROM mariadb:${MARIADB_VERSION}
# Set timezone
RUN echo "Etc/UTC" > /etc/timezone && \
dpkg-reconfigure -f noninteractive tzdata
# Copy config files
COPY etc/ /etc/
# Copy update script
COPY tools/osupdate /sbin/osupdate
COPY tools/dbInit.sh /dbInit.sh
COPY tools/dbDump.sh /dbDump.sh
# Copy CheckMk files
#COPY checkmk/check-mk-agent_2.1.0p18-1_all.deb /tmp/checkmk_agent.deb
#COPY checkmk/plugins /usr/lib/check_mk_agent/plugins
#COPY checkmk/config /etc/check_mk
#COPY checkmk/mk-job /usr/local/bin
# Install dependencies
RUN apt-get update && \
apt-get upgrade -y && \
apt-get install -y cron logrotate && \
# apt-get install -y /tmp/checkmk_agent.deb && \
apt-get autoremove -y && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
rm -rf /etc/logrotate.d/mysql-server
# rm /tmp/checkmk_agent.deb
# Configure cron
COPY tools/crontab /tmp/crontab
RUN service cron start && \
crontab /tmp/crontab && \
rm /tmp/crontab
# Define healthcheck
HEALTHCHECK --interval=60s --timeout=30s --start-period=5s --retries=3 \
CMD [ "/usr/local/bin/healthcheck.sh", "--connect" ]
# Set entrypoint script
COPY entrypoint.sh /entrypoint.sh
ENTRYPOINT [ "/entrypoint.sh" ]

52
mariadb/entrypoint.sh Executable file
View File

@ -0,0 +1,52 @@
#!/bin/bash
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# Entry script to start the Docker container. This script performs preparatory actions before
# invoking the entrypoint script from the base image.
# The upstream entrypoint script can be found here:
# https://github.com/MariaDB/mariadb-docker/blob/56ef6d9f842e1ddf50e4359625a6e5cef1748c38/10.11/docker-entrypoint.sh
# Set database password for CheckMk from secret
pw=`cat /run/secrets/checkmkPw`
sed -i "s/password=\"\"/password=\"$pw\"/g" /etc/check_mk/mysql.cfg
# Run custom DB init script. This will superceed the upstream one.
/dbInit.sh
# Invoke upstream entrypoint. This must be the last entry!
# The call might seem a bit awkward since the original entrypoint script uses functons and skips
# them when called. So the initial function call must be replicated here. Also the original script
# cannot simply be ommitted since it does a lot of importent work without the MariaDB server would
# not start. Also MariaDB insists be be run as PID1 which is the entrypoint script selected in the
# Dockerfile.
source /usr/local/bin/docker-entrypoint.sh
_main mariadbd "$@"

9
mariadb/etc/README.md Normal file
View File

@ -0,0 +1,9 @@
# Container Config Files
All files in this folder are config files of some sort for services that run inside the container.
The contents of this folder will be copied to `/etc/` during the build of the Docker image.
For further informations regarding the configuration of specific services, check out the commentary
inside the config files and/or the service's manuals.
Florian Meissner, DL1MRV

86
mariadb/etc/logrotate.d/mariadb Normal file
View File

@ -0,0 +1,86 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# This is the MariaDB configuration for the logrotate utility
#
# Note that on most Linux systems logs are written to journald, which has its
# own rotation scheme.
#
# Read https://mariadb.com/kb/en/error-log/ to learn more about logging and
# https://mariadb.com/kb/en/rotating-logs-on-unix-and-linux/ about rotating logs.
/var/log/mysql/*.log {
# If any of the files listed above is missing, skip them silently without
# emitting any errors
missingok
# If file exists but is empty, don't rotate it
notifempty
# Run daily
daily
# Keep 14 days of logs
rotate 14
# Compress logs, as they are text and compression will save a lot of disk space
compress
# Don't compress the log immediately to avoid errors about "file size changed while zipping"
delaycompress
# Don't run the postrotate script for each file configured in this file, but
# run it only once if one or more files were rotated
sharedscripts
# Immediately create new logfile
create 640 mysql adm
# After each rotation, run this custom script to flush the logs. Note that
# this assumes that the mariadb-admin command has database access, which it
# has thanks to the default use of Unix socket authentication for the 'root'
# account used everywhere since MariaDB 10.4.
postrotate
if test -r /run/secrets/root_name
then
user=`/usr/bin/cat /run/secrets/root_name`
user="-u $user"
fi
if test -r /run/secrets/root_pw
then
pw=`/usr/bin/cat /run/secrets/root_pw`
pw="-p$pw"
fi
if test -x /usr/bin/mariadb-admin
then
/usr/bin/mariadb-admin --local $user $pw flush-logs
fi
endscript
}

52
mariadb/etc/mysql/conf.d/01-logging.cnf Normal file
View File

@ -0,0 +1,52 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# Project specific config file for MariaDB server.
# Place all setting overriding the default values in here.
# This file is linked to the container as a volume
[mariadb]
# Take logging away from Docker so that it can be used by CheckMk
log_output=FILE
log_error=/var/log/mysql/error.log
log_warnings=3
# ONLY ENABLE general_log IN DEVELOPMENT ENVIRONTMENTS!!!
# This file will store every query and will grow rather quickly. It may also store confidential data!
general_log=1
general_log_file=/var/log/mysql/access.log
# Log slow queries
slow_query_log=1
slow_query_log_file=/var/log/mysql/slow.log
long_query_time=10 # sec
log_queries_not_using_indexes=ON
min_examined_row_limit=10000
log_slow_admin_statements=ON
log_slow_verbosity=query_plan,explain

87
mariadb/mariadb.env Normal file
View File

@ -0,0 +1,87 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# Docker-Compose environment file for the MariaDB serice
# Comment in the needed variables.
# For further information check:
# https://github.com/docker-library/docs/blob/master/mariadb/README.md#environment-variables
# This specifies the password that will be set for the MariaDB root superuser account.
MARIADB_ROOT_PASSWORD_FILE=/run/secrets/rootPw
#Set to a non-empty value, like yes, to allow the container to be started with a blank password for
# the root user.
# NOTE: Setting this variable to yes is not recommended unless you really know what you are doing,
# since this will leave your MariaDB instance completely unprotected, allowing anyone to gain
# complete superuser access.
#MARIADB_ALLOW_EMPTY_ROOT_PASSWORD=yes
# Set to a non-empty value, like yes, to generate a random initial password for the root user. The
# generated root password will be printed to stdout (GENERATED ROOT PASSWORD: .....).
#MARIADB_RANDOM_ROOT_PASSWORD=yes
# This is the hostname part of the root user created. By default this is %, however it can be set
# to any default MariaDB allowed hostname component. Setting this to localhost will prevent any
# root user being accessible except via the unix socket.
#MARIADB_ROOT_HOST=
# Set MARIADB_MYSQL_LOCALHOST_USER to a non-empty value to create the mysql@locahost database user.
# This user is especially useful for a variety of health checks and backup scripts.
# The mysql@localhost user gets USAGE privileges by default. If more access is required, additional
# global privileges in the form of a comma separated list can be provided. If you are sharing a
# volume containing MariaDB's unix socket (/var/run/mysqld by default), privileges beyond USAGE can
# result in confidentiality, integrity and availability risks, so use a minimal set. See the example
# below on using Mariabackup. The healthcheck.sh script also documents the required privileges for
# each health check test.
#MARIADB_MYSQL_LOCALHOST_USER=
# This variable allows you to specify the name of a database to be created on image startup.
MARIADB_DATABASE=eaMain
# These are used in conjunction to create a new user and to set that user's password. Both user and
# password variables are required for a user to be created. This user will be granted all access
# (corresponding to GRANT ALL) to the MARIADB_DATABASE database.
# Do note that there is no need to use this mechanism to create the root superuser, that user gets
# created by default with the password specified by the MARIADB_ROOT_PASSWORD variable.
MARIADB_USER_FILE=/run/secrets/eaBackendUser
MARIADB_PASSWORD_FILE=/run/secrets/eaBackendPw
# By default, the entrypoint script automatically loads the timezone data needed for the
# CONVERT_TZ() function. If it is not needed, any non-empty value disables timezone loading.
#MARIADB_INITDB_SKIP_TZINFO=yes
# Set MARIADB_AUTO_UPGRADE to a non-empty value to have the entrypoint check whether
# mysql_upgrade/mariadb-upgrade needs to run, and if so, run the upgrade before starting the
# MariaDB server.
# Before the upgrade, a backup of the system database is created in the top of the datadir with the
# name system_mysql_backup_*.sql.zst. This backup process can be disabled with by setting
# MARIADB_DISABLE_UPGRADE_BACKUP to a non-empty value.
#MARIADB_AUTO_UPGRADE=yes
#MARIADB_DISABLE_UPGRADE_BACKUP=yes

56
mariadb/tools/crontab Normal file
View File

@ -0,0 +1,56 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# *************************************************
# * ___ _ *
# * / (_) | | *
# * | ,_ __ _ _ _|_ __, | | *
# * | / | / \_/ |/ | | / | |/ \_ *
# * \___/ |_/\__/ | |_/|_/\_/|_/\_/ *
# * *
# *************************************************
# This is the crontab file for user root. It will be loaded and installed during the build process
# of the Docker image.
# In order for CheckMk to monitor the jobs, the sytax is enhenced a little bit. After the time
# information the script `mk-job` is placed with a CHeckMk description of the Job as first argument.
# The actual job's script or command is then followd as the second argument. For further
# informations see `mk-job` in the `checkmk` folder.
# Remember that this file must end with a new line!
# How to install a cronjob in Docker:
# https://github.com/edwardsamuel/Docker-Cron-Job-Sample/blob/master/README.md
# Florian Meissner, DL1MRV
# m h dom mon dow `mk-job` desc command [args]
#* * * * * mkjob "Test-Job" echo "Hello world" `date` >> /var/log/cron.log 2>&1
0 */4 * * * mk-job "DB Dump" /dbDump.sh
15 */4 * * * mk-job "Borg Backup" /borg.sh

90
mariadb/tools/dbDump.sh Executable file
View File

@ -0,0 +1,90 @@
#!/bin/bash
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# ****************************************************************************************
# * ,__ __ ____ , __ ____ *
# * /| | | o (| \/|/ \ (| \ *
# * | | | __, ,_ __, | || __/ | | _ _ _ _ *
# * | | | / | / | | / | _| || \ _| || | / |/ |/ | |/ \_ *
# * | | |_/\_/|_/ |_/|_/\_/|_/(/\___/ |(__/ (/\___/ \_/|_/ | | |_/|__/ *
# * /| *
# * \| *
# ****************************************************************************************
# Dump database contents to be later backed up. The dump will not contain any DROP or CREATE
# statements in order not to damage any existing data. This way `dbImport.sh` can use these files
# and run them over an eventually existing DB during the Docker entryint script.
DUMP_DIR="/tmp/mariadb-dump"
DB_USER=`cat /run/secrets/rootUser`
DB_PW=`cat /run/secrets/rootPw`
DB_NAMES=(
#"example-db"
"eaMain"
)
ERROR_LOG="/var/log/mysql/dump.log"
# Set excluded database tables here. Use an index for each database and separate tables by spaces.
declare -A EXCLUDED_TABLES=(
#[example-db]="table1 table2 table3"
#[toplist]="cty"
)
###################################################################################################
mkdir -p $DUMP_DIR
for db in ${DB_NAMES[@]}; do
# Assemble base command
read -r -d '' cmd << EOF
mariadb-dump
--single-transaction
--no-create-db
--insert-ignore
--user=$DB_USER
--password=$DB_PW
--databases $db
--dump-date
--log-error=$ERROR_LOG
--skip-add-drop-table
--skip-extended-insert
--no-create-info
EOF
# Append excluded tables
for tbl in ${EXCLUDED_TABLES[$db]}; do
cmd="${cmd} --ignore-table=${db}.${tbl}"
done
$cmd > $DUMP_DIR/$db.sql
done

55
mariadb/tools/dbImport.sh Executable file
View File

@ -0,0 +1,55 @@
#!/bin/bash
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# ********************************************************************************************
# * ,__ __ ____ , __ _ *
# * /| | | o (| \/|/ \ | | *
# * | | | __, ,_ __, | || __/ | | _ _ _ _ __ ,_ _|_ *
# * | | | / | / | | / | _| || \ _ |/ / |/ |/ | |/ \_/ \_/ | | *
# * | | |_/\_/|_/ |_/|_/\_/|_/(/\___/ |(__/ \_/\/ | | |_/|__/ \__/ |_/|_/ *
# * /| *
# * \| *
# ********************************************************************************************
# Import an existing dump back into the database. It is designed to used dump files created with
# `dbDump.sh` and flush them over an existing DB. For that to work, `initDb.sh` should be run first
# if no database exists.
DUMP_DIR="/tmp/mariadb-dump"
DB_USER=`cat /run/secrets/rootUser`
DB_PW=`cat /run/secrets/rootPw`
for file in $DUMP_DIR/*.sql; do
mariadb \
--user=$DB_USER \
--password=$DB_PW \
< $file
done

115
mariadb/tools/dbInit.sh Executable file
View File

@ -0,0 +1,115 @@
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# Initialize the database
# =======================
# This script will process all *.sh, *.sql, *.sql.gz, *sql.xz and *.sql.zst found in in the init
# directory recursively. They are processed in alphabetical order.
# CONFIG
LOG_FILE="/var/log/mysql/init.log"
INIT_DIR="/docker-entrypoint-initdb.d"
# Logging functions
# Inspired by MariaDB's upstream docker-entrypoint.sh
mysql_log() {
local type="$1";
shift
printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*" &>> $LOG_FILE
}
mysql_note() {
mysql_log Note "$@"
}
mysql_warn() {
mysql_log Warn "$@" >&2
}
mysql_error() {
mysql_log ERROR "$@" >&2
exit 1
}
docker_process_sql() {
user=`cat /run/secrets/rootUser`
pw=`cat /run/secrets/rootPw`
# echo "$user $pw"
# echo "$@"
mariadb \
--user="${user}" \
--password="${pw}" \
"$@"
}
# check to see if this file is being run or sourced from another script
_is_sourced() {
# https://unix.stackexchange.com/a/215279
local _top_of_stack=$(( ${#FUNCNAME[@]} - 1 ))
[ "${#FUNCNAME[@]}" -ge 2 ] \
&& [ "${FUNCNAME[0]}" = '_is_sourced' ] \
&& [ "${FUNCNAME[${_top_of_stack}]}" = 'source' ]
}
# Main program start
_main() {
for f in $(find ${INIT_DIR} -name "*.sql*" -or -name "*.sh" | sort ); do
case "$f" in
*.sh)
# https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
# https://github.com/docker-library/postgres/pull/452
if [ -x "$f" ]; then
mysql_note "$0: running $f"
"$f"
else
mysql_note "$0: sourcing $f"
# ShellCheck can't follow non-constant source. Use a directive to specify location.
# shellcheck disable=SC1090
. "$f"
fi
;;
*.sql) mysql_note "$0: running $f"; docker_process_sql < "$f"; echo ;;
*.sql.gz) mysql_note "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;;
*.sql.xz) mysql_note "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;;
*.sql.zst) mysql_note "$0: running $f"; zstd -dc "$f" | docker_process_sql; echo ;;
*) mysql_warn "$0: ignoring $f" ;;
esac
done
}
if ! _is_sourced
then
_main
fi

42
mariadb/tools/osupdate Executable file
View File

@ -0,0 +1,42 @@
#!/bin/bash
# ****************************************************************************************************
# * ______ _ _ *
# * | ____| /\ (_) | | *
# * | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
# * | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
# * | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
# * |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
# * | | | | *
# * |_| |_| *
# * *
# ****************************************************************************************************
# This file is part of the European Airports Project, a free, collaborative platform of airport data
# extending beyond the official AIPs.
# Copyright (C) 2023
# Florian Meissner <florianmeissner@gmx.de>
# This program is free software: you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software Foundation, either
# version 3 of the License, or (at your option) any later version. This program is distributed in the
# hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details. You should have received a copy of the GNU General Public License along with this program.
# (license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# Update script for Ubuntu based OS's.
# Florian Meissner, DL1MRV
# 03/2023
apt -y -qq update
echo "Hostname: ${HOSTNAME_HR}"
apt list --upgradable
read
apt -y -qq upgrade
apt -y -qq autoremove
apt-get clean
rm -rf /var/lib/apt/lists/*

58
secrets/README.md Normal file
View File

@ -0,0 +1,58 @@
****************************************************************************************************
* ______ _ _ *
* | ____| /\ (_) | | *
* | |__ _ _ _ __ ___ _ __ ___ __ _ _ __ / \ _ _ __ _ __ ___ _ __| |_ ___ *
* | __|| | | | '__/ _ \| '_ \ / _ \/ _` | '_ \ / /\ \ | | '__| '_ \ / _ \| '__| __/ __| *
* | |___| |_| | | | (_) | |_) | __/ (_| | | | | / ____ \| | | | |_) | (_) | | | |_\__ \ *
* |______\__,_|_| \___/| .__/ \___|\__,_|_| |_| /_/ \_\_|_| | .__/ \___/|_| \__|___/ *
* | | | | *
* |_| |_| *
* *
****************************************************************************************************
This file is part of the European Airports Project, a free, collaborative platform of airport data
extending beyond the official AIPs.
Copyright (C) 2023
Florian Meissner <florianmeissner@gmx.de>
This program is free software: you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software Foundation, either
version 3 of the License, or (at your option) any later version. This program is distributed in the
hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
details. You should have received a copy of the GNU General Public License along with this program.
(license.md in the root folder of this project) If not, see <http://www.gnu.org/licenses/>.
# MariaDB Secrets folder
This folder contains the secrets files with the user credentials for the MariaDB server.
You can rename the *.txt.example files into just *.txt and place your user name or password directly
into them. Each file must only hold one data entry and nothing else! The hole content of the file
will be interpreted as user name / password.
## What files are there?
For each user there are up to four files in this folder. Each file starts with a common base string,
followed by an underscore and the kind of value it holds. All files with the same base are assumed
to belonging to the same user.
The following file must/might exist:
- `*_name.txt` The user name (required)
- `*_pw.txt` The user's password (required)
- `*_grantTable.txt` The tables on which privileges should be granted. If missing or empty, it
defaults to `*.*`. (Optional)
- `*_privileges.txt` The privileges that should be granted on the table. If missing or empty, it
defaults to `ALL PRIVILEGES`. (Optional)
## Additonal steps
For each user, remember to mount the secrets in the `docker-compose.yml` and at a line to the bottom
of `init/01-mysql_user.sql`. See that file for details.

1
secrets/checkmk_name.txt Normal file
View File

@ -0,0 +1 @@
checkmk

1
secrets/checkmk_privileges.txt Normal file
View File

@ -0,0 +1 @@
SELECT, SHOW DATABASES

1
secrets/eaBackend_grantTable.txt Normal file
View File

@ -0,0 +1 @@
eaMain

1
secrets/eaBackend_name.txt Normal file
View File

@ -0,0 +1 @@
eaBackend

1
secrets/root_name.txt Normal file
View File

@ -0,0 +1 @@
root