Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
dienste:bytecluster0002:mariadb [28.09.2020 17:58] – angelegt mape2k | dienste:bytecluster0002:mariadb [05.08.2023 22:08] (aktuell) – Debian Testing wird nicht mehr benötigt mape2k | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
====== Container ' | ====== Container ' | ||
+ | |||
+ | ===== Ressourcen ===== | ||
+ | |||
+ | * 1 GB RAM | ||
+ | * 2 Cores | ||
+ | * 8 GB HDD (root-fs) | ||
===== System ===== | ===== System ===== | ||
Zeile 10: | Zeile 16: | ||
* MariaDB 10 | * MariaDB 10 | ||
+ | |||
+ | ===== Datenbanken ===== | ||
+ | |||
+ | ^ Datenbank | ||
+ | | cloud | cloud | [[cloud]] | ||
+ | | etherpadlite | ||
+ | | nextcloud | ||
+ | | paste | paste | [[paste]] | ||
+ | | wordpress | ||
+ | | wordpress_technikkultur | ||
+ | | wordpress_freifunk_erfurt | ||
+ | |||
+ | ===== Betrieb ===== | ||
+ | ==== Datenbank und Benutzer anlegen ==== | ||
+ | |||
+ | - Zur Datenbank verbinden | ||
+ | * **sudo mysql** | ||
+ | - Datenbank anlegen und Benutzer mit Passwort zuweisen< | ||
+ | CREATE DATABASE databasename; | ||
+ | GRANT ALL PRIVILEGES ON databasename.* TO ' | ||
+ | FLUSH PRIVILEGES; | ||
+ | </ | ||
+ | |||
+ | ==== Passwort für Benutzer ändern ==== | ||
+ | |||
+ | - Zur Datenbank verbinden | ||
+ | * **sudo mysql** | ||
+ | - Benutzer neues Passwort zuweisen< | ||
+ | ALTER USER ' | ||
+ | FLUSH PRIVILEGES; | ||
+ | </ | ||
+ | |||
+ | ===== Installation ===== | ||
+ | |||
+ | * Standard-Template mit Benutzern | ||
+ | |||
+ | ==== MariaDB ==== | ||
+ | |||
+ | - MariaDB-Server installieren | ||
+ | * **apt-get install mariadb-server** | ||
+ | - MariaDB - Erstkonfiguration | ||
+ | * **mysql_secure_installation** | ||
+ | * Set root password? [Y/n]: **Y** | ||
+ | * New password: **PASSWORT** | ||
+ | * Re-enter new password: **PASSWORT** | ||
+ | * Remove anonymous users? [Y/n]: **Y** | ||
+ | * Disallow root login remotely? [Y/n]: **Y** | ||
+ | * Remove test database and access to it? [Y/n]: **Y** | ||
+ | * Reload privilege tables now? [Y/n]: **Y** | ||
+ | - Benutzerdefinierte Konfiguration anlegen< | ||
+ | [mysqld] | ||
+ | # An lokale IP binden | ||
+ | bind-address | ||
+ | |||
+ | # Binlog deaktivieren | ||
+ | skip-log-bin | ||
+ | |||
+ | # InnoDB verwenden | ||
+ | default_storage_engine | ||
+ | |||
+ | # InnoDB-Optimierungen | ||
+ | innodb_buffer_pool_size | ||
+ | innodb_log_buffer_size | ||
+ | innodb_log_file_size | ||
+ | |||
+ | innodb_log_files_in_group | ||
+ | innodb_flush_log_at_trx_commit | ||
+ | innodb_flush_method | ||
+ | innodb_file_per_table | ||
+ | </ | ||
+ | - MariaDB neustarten | ||
+ | * **systemctl restart mariadb.service** | ||
+ | |||
+ | ==== Backup mit Borgmatic ==== | ||
+ | |||
+ | - Borgmatic installieren | ||
+ | * **sudo apt-get update** | ||
+ | * **sudo apt-get install borgmatic** | ||
+ | - pwgen installieren | ||
+ | * **sudo apt-get install pwgen** | ||
+ | - Borgmatic-Konfiguration in der Datei / | ||
+ | * **sudo generate-borgmatic-config** | ||
+ | - SSH-Key erzeugen | ||
+ | * **sudo ssh-keygen -a100 -t ed25519 -f / | ||
+ | - SSH-Key bei Backupserver hinterlegen | ||
+ | - Zufälliges Passwort in Konfiguration erzeugen< | ||
+ | sudo sed -i -e " | ||
+ | sudo sed -i " | ||
+ | - Konfiguration anpassen (USERNAME, SERVERNAME, SSH-PORT ersetzen)< | ||
+ | location: | ||
+ | ... | ||
+ | source_directories: | ||
+ | - /etc | ||
+ | - /home | ||
+ | - /root | ||
+ | - /usr/local | ||
+ | - /var/log | ||
+ | ... | ||
+ | repositories: | ||
+ | - USERNAME@SERVERNAME: | ||
+ | ... | ||
+ | one_file_system: | ||
+ | ... | ||
+ | exclude_caches: | ||
+ | ... | ||
+ | storage: | ||
+ | ... | ||
+ | encryption_passphrase: | ||
+ | ... | ||
+ | compression: | ||
+ | ... | ||
+ | ssh_command: | ||
+ | ... | ||
+ | retention: | ||
+ | ... | ||
+ | keep_daily: 7 | ||
+ | ... | ||
+ | keep_weekly: | ||
+ | ... | ||
+ | keep_monthly: | ||
+ | ... | ||
+ | keep_yearly: | ||
+ | ... | ||
+ | consistency: | ||
+ | ... | ||
+ | checks: | ||
+ | - repository | ||
+ | - archives | ||
+ | ... | ||
+ | hooks: | ||
+ | before_backup: | ||
+ | - dpkg-query -f ' | ||
+ | ... | ||
+ | mysql_databases: | ||
+ | - name: all | ||
+ | ... | ||
+ | </ | ||
+ | - Borg-Repository initialisieren | ||
+ | * **< | ||
+ | - Verschlüsselungsinformationen sicher verwahren | ||
+ | - Verschlüsselungs-Passwort ermitteln | ||
+ | * **< | ||
+ | - Verschlüsselungs-Schlüssel ermitteln | ||
+ | * **sudo cat / | ||
+ | - Erstes Backup initialisieren | ||
+ | * **< | ||
+ | ------------------------------------------------------------------------------ | ||
+ | Archive name: mariadb-2020-12-05T17: | ||
+ | Archive fingerprint: | ||
+ | Time (start): Sat, 2020-12-05 17:36:49 | ||
+ | Time (end): | ||
+ | Duration: 6.57 seconds | ||
+ | Number of files: 472 | ||
+ | Utilization of max. archive size: 0% | ||
+ | ------------------------------------------------------------------------------ | ||
+ | | ||
+ | This archive: | ||
+ | All archives: | ||
+ | |||
+ | | ||
+ | Chunk index: | ||
+ | ------------------------------------------------------------------------------ | ||
+ | </ | ||
+ | - Backupinhalt nochmal prüfen | ||
+ | * **< | ||
+ | USERNAME@SERVERNAME: | ||
+ | drwxr-xr-x root | ||
+ | -rw-r--r-- root | ||
+ | ... | ||
+ | </ | ||
+ | - Cronjob einrichten | ||
+ | * **< |