Commit a57c9f96 authored by pasden's avatar pasden
Browse files

Initial commit

parents
# IT Invent
IT Invent in Docker on Synology
## Скрипты для разворачивания, настройки и обслуживания БД IT Invent
1. Запуск БД MS SQL Server в Docker контейнере Linux
- `mkdir -p /volume1/docker/itinvent`
- `start_container.sh` - запуск контейнера
- `update_container.sh` - обновление контейнера
- `start_container_mirror.sh` - если базу предполагается в дальнейшем зеркалировать на другой сервер
- `update_container_mirror.sh`
- `stop_container.sh` - остановка контейнера
- `purge_container_files.sh` - удаление файлов контейнера
2. Настройка шифрования соединений с MS SQL на Linux
- Использование самоподписанного сертификата:
`enable_encrypt_self-sign.sh`
- Использование сертификата полученного от центра сертификации Let’s Encrypt с помощью Synology:
`enable_encrypt_syno.sh`
3. Резервное копирование
4. Восстановление из резервной копии
5. Зеркальное отображение БД
## Дистрибутив
- ITInvent [скачать](distr/ITInvent.zip "ITInvent.zip")
- ITInventWMIScanner [скачать](distr/ITInventWMIScanner.zip "ITInventWMIScanner.zip")
## Документация
- [IT Invent. Учет компьютеров, оборудования и IT инфраструктуры](http://it-invent.ru/)
- [IT Invent. Форум](http://forum.it-invent.ru/)
- [САМОПОДПИСАННЫЙ SSL СЕРТИФИКАТ - ПРЕИМУЩЕСТВА И НЕДОСТАТКИ](https://www.emaro-ssl.ru/blog/self-signed-certificate/)
- [Использование самозаверенных сертификатов](https://tlgrm.ru/docs/bots/self-signed)
- [Microsoft. Шифрование соединений с SQL Server на Linux](https://docs.microsoft.com/ru-ru/sql/linux/sql-server-linux-encrypted-connections?view=sql-server-ver15)
- [Microsoft. Настройка группы доступности Always On SQL Server для обеспечения высокой доступности в Linux](https://docs.microsoft.com/ru-ru/sql/linux/sql-server-linux-availability-group-configure-ha?view=sql-server-ver15)
- [Microsoft. Зеркальное отображение базы данных (SQL Server)](https://docs.microsoft.com/ru-ru/sql/database-engine/database-mirroring/database-mirroring-sql-server?view=sql-server-ver15)
- [Fixing SQL Server Database Mirroring Expired Certificates](https://www.mssqltips.com/sqlservertip/4796/fixing-sql-server-database-mirroring-expired-certificates/)
- [Official images for Microsoft SQL Server on Linux for Docker Engine](https://hub.docker.com/_/microsoft-mssql-server)
#!/bin/sh
container_name="itinvent"
host_name="yourHost"
docker exec -it $container_name /bin/sh -c "\
cd /var/opt/mssql/data/; \
openssl req -x509 -nodes -newkey rsa:2048 -subj '/CN=${host_name}' \
-keyout mssql.key \
-out cert.pem \
-days 365; \
chmod 600 ./mssql.pem ./mssql.key; \
chown root:root ./mssql.pem ./mssql.key; \
/opt/mssql/bin/mssql-conf set network.tlscert /var/opt/mssql/data/cert.pem; \
/opt/mssql/bin/mssql-conf set network.tlskey /var/opt/mssql/data/mssql.key; \
/opt/mssql/bin/mssql-conf set network.tlsprotocols 1.2; \
/opt/mssql/bin/mssql-conf set network.forceencryption 1; \
"
#!/bin/sh
container_name="itinvent"
syno_certs_path="/usr/syno/etc/certificate/_archive/DmsD54"
docker cp $syno_certs_path/cert.pem $container_name:/var/opt/mssql/data/cert.pem
docker cp $syno_certs_path/privkey.pem $container_name:/var/opt/mssql/data/privkey.pem
# https://ask-ubuntu.ru/questions/41943/letsencrypt-dlya-sql-server-v-linux
docker exec -it $container_name /bin/sh -c "\
cd /var/opt/mssql/data/; \
openssl rsa -in ./privkey.pem -out ./mssql.key; \
chown root:root ./cert.pem ./mssql.key; \
chmod 600 ./cert.pem ./mssql.key; \
/opt/mssql/bin/mssql-conf set network.tlscert /var/opt/mssql/data/cert.pem; \
/opt/mssql/bin/mssql-conf set network.tlskey /var/opt/mssql/data/mssql.key; \
/opt/mssql/bin/mssql-conf set network.tlsprotocols 1.2; \
/opt/mssql/bin/mssql-conf set network.forceencryption 1; \
"
docker restart $container_name
docker logs -f $container_name
#!/bin/sh
container_name="itinvent"
docker_path="/volume1/docker"
container_data_path="${docker_path}/${container_name}/"
docker stop $container_name
docker rm $container_name
rm -rf $container_data_path
mkdir -p $container_data_path
#!/bin/sh
container_name="itinvent"
host_name="yourHost"
docker_path="/volume1/docker"
container_data_path="${docker_path}/${container_name}/"
docker run --name $container_name \
--hostname $host_name \
--restart always \
-u 0:0 \
-v $container_data_path:/var/opt/mssql \
-e 'ACCEPT_EULA=Y' \
-e 'SA_PASSWORD=yourStrong(!)Password' \
-e 'MSSQL_PID=Developer' \
-e "MSSQL_MEMORY_LIMIT_MB=2048" \
-e 'TZ=Europe/Moscow' \
-p 1434:1433 \
-d mcr.microsoft.com/mssql/server:2019-latest
#-d mcr.microsoft.com/mssql/server:2019-CU9-ubuntu-16.04
docker logs -f $container_name
#!/bin/sh
container_name="itinvent"
host_name="yourHost"
docker_path="/volume1/docker"
container_data_path="${docker_path}/${container_name}/"
docker run --name $container_name \
--hostname $host_name \
--restart always \
-u 0:0 \
-v $container_data_path:/var/opt/mssql \
-e 'ACCEPT_EULA=Y' \
-e 'SA_PASSWORD=yourStrong(!)Password' \
-e 'MSSQL_PID=Enterprise' \
-e 'MSSQL_ENABLE_HADR=1' \
-e 'MSSQL_AGENT_ENABLED=true' \
-e "MSSQL_MEMORY_LIMIT_MB=2048" \
-e 'TZ=Europe/Moscow' \
-p 1434:1433 \
-p 5023:5022 \
-d mcr.microsoft.com/mssql/server:2019-latest
docker logs -f $container_name
#!/bin/sh
container_name="itinvent"
docker stop $container_name && docker rm $container_name
#!/bin/sh
container_name="itinvent"
host_name="yourHost"
docker_path="/volume1/docker"
container_data_path="${docker_path}/${container_name}/"
docker stop $container_name
docker rm $container_name
docker pull mcr.microsoft.com/mssql/server:2019-latest
docker run --name $container_name \
--hostname $host_name \
--restart always \
-u 0:0 \
-v $container_data_path:/var/opt/mssql \
-e 'ACCEPT_EULA=Y' \
-e 'SA_PASSWORD=yourStrong(!)Password' \
-e 'MSSQL_PID=Developer' \
-e "MSSQL_MEMORY_LIMIT_MB=2048" \
-e 'TZ=Europe/Moscow' \
-p 1434:1433 \
-d mcr.microsoft.com/mssql/server:2019-latest
docker logs -f $container_name
#!/bin/sh
container_name="itinvent"
host_name="yourHost"
docker_path="/volume1/docker"
container_data_path="${docker_path}/${container_name}/"
docker stop $container_name
docker rm $container_name
docker pull mcr.microsoft.com/mssql/server:2019-latest
docker run --name $container_name \
--hostname $host_name \
--restart always \
-u 0:0 \
-v $container_data_path:/var/opt/mssql \
-e 'ACCEPT_EULA=Y' \
-e 'SA_PASSWORD=yourStrong(!)Password' \
-e 'MSSQL_PID=Enterprise' \
-e 'MSSQL_ENABLE_HADR=1' \
-e 'MSSQL_AGENT_ENABLED=true' \
-e "MSSQL_MEMORY_LIMIT_MB=2048" \
-e 'TZ=Europe/Moscow' \
-p 1434:1433 \
-p 5023:5022 \
-d mcr.microsoft.com/mssql/server:2019-latest
docker logs -f $container_name
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment