
feat(db): add replication for pdnsmaster database

Peter Thomassen il y a 8 ans
Parent
commit
150028873c

+ 11 - 0
db/51-server.cnf

@@ -0,0 +1,11 @@
+[mysqld]
+ssl-ca   = /etc/ssl/private/sca.server2.crt
+ssl-cert = /etc/ssl/private/WILDCARD.dev.desec.io.crt
+ssl-key  = /etc/ssl/private/WILDCARD.dev.desec.io.key
+
+server-id               = 1
+log_bin                 = /var/log/mysql/mysql-bin.log
+binlog_format=ROW
+log-basename=nsmaster
+binlog-do-db=pdnsmaster
+expire_logs_days        = 10
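Review bot: The `ssl-ca`/`ssl-cert`/`ssl-key` lines make TLS available but nothing in this file requires it, so only accounts created with a `REQUIRE` clause are forced onto an encrypted channel. The same commit publishes port 3306 in docker-compose.yml, so the application accounts and root can still authenticate in cleartext from outside the Docker network. Consider adding `require_secure_transport = ON` under `[mysqld]` if the MariaDB version in the image supports it, or `REQUIRE SSL` on each account otherwise. The server key is also a wildcard key for dev.desec.io; a certificate issued only for the database host would limit what a compromise of this container exposes.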

+ 5 - 1
db/Dockerfile

@@ -1,4 +1,8 @@
 FROM mariadb
 
-COPY *.sql /docker-entrypoint-initdb.d/
+# mountable ssl certificate and key directory
+# (we don't want any keys in this repository)
+VOLUME /etc/ssl/private/
 
+COPY initdb.d/*.sql /docker-entrypoint-initdb.d/
+COPY ./51-server.cnf /etc/mysql/conf.d/51-server.cnf

+ 12 - 2
db/00-init.sql → db/initdb.d/00-init.sql

@@ -1,14 +1,24 @@
+-- deSEC user and domain database
 CREATE DATABASE desec;
 CREATE USER desec IDENTIFIED BY 'test123';
 GRANT SELECT, INSERT, UPDATE, DELETE, REFERENCES, INDEX, CREATE, ALTER, DROP ON desec.* TO desec;
 
+-- nslord database, including devadmin access
 CREATE DATABASE pdnslord;
 CREATE USER pdnslord IDENTIFIED BY '123test';
 GRANT SELECT, INSERT, UPDATE, DELETE ON pdnslord.* TO pdnslord;
 
+CREATE USER poweradmin IDENTIFIED BY '123passphrase';
+GRANT SELECT, INSERT, UPDATE, DELETE ON pdnslord.* TO poweradmin;
+
+-- nsmaster database
 CREATE DATABASE pdnsmaster;
 CREATE USER pdnsmaster IDENTIFIED BY '456test';
 GRANT SELECT, INSERT, UPDATE, DELETE ON pdnsmaster.* TO pdnsmaster;
 
-CREATE USER poweradmin IDENTIFIED BY '123passphrase';
-GRANT SELECT, INSERT, UPDATE, DELETE ON pdnslord.* TO poweradmin;
+-- replication
+CREATE USER ns1@'%' IDENTIFIED BY "test234";
+GRANT REPLICATION SLAVE ON *.* TO ns1@'%' REQUIRE SUBJECT '/CN=ns1.desec.io' AND ISSUER "/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3";
+
+CREATE USER ns2@'%' IDENTIFIED BY "test345";
+GRANT REPLICATION SLAVE ON *.* TO ns2@'%' REQUIRE SUBJECT '/CN=ns2.desec.io' AND ISSUER "/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3";
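Review bot: The `ns1@'%'` and `ns2@'%'` accounts are created with literal passwords committed to the repository, so the `REQUIRE SUBJECT … AND ISSUER …` clause is the only effective barrier on a port that this commit also publishes. That clause presumably holds only if the server validates client certificates against a CA bundle containing the named Let's Encrypt issuer; `ssl-ca` in db/51-server.cnf points at `sca.server2.crt`, whose contents are not visible here, so this should be confirmed. Pinning the intermediate's exact name also means replication stops when the CA rotates intermediates, which deserves a comment such as `-- ISSUER must match the current Let's Encrypt intermediate; update on rotation`. The passwords would be better supplied at container start than stored in this file; the image's entrypoint also runs `*.sh` files from `/docker-entrypoint-initdb.d/`, and those can read environment variables.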

+ 0 - 0
db/10-pdns-lord.sql → db/initdb.d/10-pdns-lord.sql


+ 0 - 0
db/10-pdns-master.sql → db/initdb.d/10-pdns-master.sql


+ 0 - 0
db/11-pdns-lord-REFERENCES.sql → db/initdb.d/11-pdns-lord-REFERENCES.sql


+ 0 - 0
db/11-pdns-master-REFERENCES.sql → db/initdb.d/11-pdns-master-REFERENCES.sql


+ 0 - 0
db/11-pdns-master-supermasters.sql → db/initdb.d/11-pdns-master-supermasters.sql


+ 0 - 0
db/99-1-poweradmin-mysql-db-structure.sql → db/initdb.d/99-1-poweradmin-mysql-db-structure.sql


+ 0 - 0
db/99-2-poweradmin-mysql-update-to-2.1.5.sql.disabled → db/initdb.d/99-2-poweradmin-mysql-update-to-2.1.5.sql.disabled


+ 0 - 0
db/99-3-poweradmin-mysql-update-to-2.1.6.sql → db/initdb.d/99-3-poweradmin-mysql-update-to-2.1.6.sql


+ 0 - 0
db/99-4-poweradmin-mysql-update-to-2.1.7.sql.disabled → db/initdb.d/99-4-poweradmin-mysql-update-to-2.1.7.sql.disabled


+ 4 - 0
docker-compose.yml

@@ -22,6 +22,10 @@ services:
 
   db:
     build: db
+    ports:
+    - "3306:3306"
+    volumes:
+    - ./desec-certs/dev.desec.io:/etc/ssl/private
     environment:
     - MYSQL_ROOT_PASSWORD=test123
     networks:
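Review bot: `"3306:3306"` binds the database to every host interface, so the unchanged `MYSQL_ROOT_PASSWORD=test123` just below becomes a network-reachable credential (the official image creates root for any host unless configured otherwise). If only the replicas need access, restrict exposure with a host firewall or a specific bind address, e.g. `- "<replication-interface-ip>:3306:3306"`, and set `MYSQL_ROOT_HOST=localhost`. The certificate mount can also be read-only: `- ./desec-certs/dev.desec.io:/etc/ssl/private:ro`. The `db` service definition continues past the end of the hunk.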