Fix database recovery
This commit is contained in:
parent
e2223cde9b
commit
b8627554d3
257
beaglebone.txt
257
beaglebone.txt
|
@ -3302,171 +3302,196 @@ Now visit your blog and follow the setup instructions, which are quite minimal.
|
||||||
|
|
||||||
IRC is not an especially secure system. For instance, even with the best encryption it's easily possible to imagine IRC-specific cribs which could be used by cryptanalytic systems. However, we'll try to implement it in a manner which will at least give the surveillance aparatus something to ponder over.
|
IRC is not an especially secure system. For instance, even with the best encryption it's easily possible to imagine IRC-specific cribs which could be used by cryptanalytic systems. However, we'll try to implement it in a manner which will at least give the surveillance aparatus something to ponder over.
|
||||||
|
|
||||||
First install some dependencies.
|
Because hybrid doesn't support OpenSSL by default, you have to do a manual patch to get it working.
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
|
cd ~/build
|
||||||
|
mkdir hybrid
|
||||||
|
cd hybrid
|
||||||
apt-get update
|
apt-get update
|
||||||
apt-get install build-essential openssl libssl-dev debhelper dpatch docbook-to-man flex bison libpcre3-dev screen
|
apt-get install build-essential openssl libssl-dev debhelper dpatch docbook-to-man flex bison libpcre3-dev screen
|
||||||
|
apt-get source ircd-hybrid
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Then get the source code for ircd-hybrid.
|
To enable SSL
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
mkdir ~/build
|
editor ircd-hybrid-*/debian/rules
|
||||||
cd ~/build
|
|
||||||
wget http://freedombone.uk.to/ircd-hybrid-8.1.17.tgz
|
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
verify it.
|
At the top add:
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
sha256sum ircd-hybrid-8.1.17.tgz
|
USE_OPENSSL = 1
|
||||||
440c9d86ba6bc930efef9cdaaec547b425c35cad3f08bed8df69e55788c1268a
|
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Install it.
|
So the file should looks like:
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
tar -xzvf ircd-hybrid-8.1.17.tgz
|
1# ...
|
||||||
cd ircd-hybrid-8.1.17
|
2# Some useful stuff to edit here.
|
||||||
./configure --prefix=/usr/local/ircd --enable-openssl
|
3# Beware: TOPICLEN may not exceed 390.
|
||||||
make
|
4NICKLEN = 15
|
||||||
make install
|
5TOPICLEN = 350
|
||||||
|
6MAXCLIENTS = 200
|
||||||
|
7USE_OPENSSL = 1
|
||||||
|
8# ...
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Customise the configuration to your system, giving it a name and description. In this example 192.168.1.60 is the static IP address on the BBB on the local network, so change that if necessary.
|
Save and exit, then rebuild the deb-file and install it:
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
chown -R irc:irc /usr/local/ircd
|
cd ircd-hybrid-*
|
||||||
cp /usr/local/ircd/etc/reference.conf /usr/local/ircd/etc/ircd.conf
|
dpkg-buildpackage -rfakeroot -uc -b
|
||||||
editor /usr/local/ircd/etc/ircd.conf
|
cd ..
|
||||||
|
dpkg -i ircd-hybrid_*.deb
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Set *name* to the domain name of your server, and set a description.
|
Edit connect, listen and operator settings:
|
||||||
|
|
||||||
Set a *network_name* and *network_desc*. The network name should not contain any spaces.
|
#+BEGIN_SRC: bash
|
||||||
|
editor /etc/ircd-hybrid/ircd.conf
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
Set max_clients to 20, or however many you expect that you'll typically need.
|
Edit the connect section. Set *name* to the name of your server, and set a description.
|
||||||
|
|
||||||
|
#+BEGIN_SRC: c
|
||||||
|
connect {
|
||||||
|
/* name: the name of the server */
|
||||||
|
name = "myircdomainname.com";
|
||||||
|
Set a *network_name* and *network_desc*.
|
||||||
|
/* host: the host or IP to connect to. If a hostname is used it
|
||||||
|
* must match the reverse dns of the server.
|
||||||
|
*/
|
||||||
|
host = "127.0.0.1";
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
|
Set max_clients to 20.
|
||||||
|
|
||||||
|
#+BEGIN_SRC: c
|
||||||
|
/* passwords: the passwords we send (OLD C:) and accept (OLD N:).
|
||||||
|
* The remote server will have these passwords reversed.
|
||||||
|
*/
|
||||||
|
send_password = "password";
|
||||||
|
accept_password = "password";
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
Within the admin section set your *name* and *email*.
|
Within the admin section set your *name* and *email*.
|
||||||
|
|
||||||
Within the *listen* section set host to your fixed IP address (in the earlier
|
Enable compression.
|
||||||
sections it was 192.168.1.60).
|
|
||||||
|
|
||||||
Within the *auth* section set user = "*@192.168.1.60" - or whatever the fixed IP address of the BBB is on your network - and password to the desired password for the IRC server. If you don't wish to use a password then remove need_password from the flags.
|
#+BEGIN_SRC: c
|
||||||
|
/* compressed: controls whether traffic is compressed via ziplinks.
|
||||||
Within the *connect* section set *host* and *vhost* to your fixed IP address (in the earlier
|
* By default this is disabled
|
||||||
sections it was 192.168.1.60) and *name* to your domain name. Also set the *send/accept passwords* to your IRC login password.
|
*/
|
||||||
|
compressed = yes;
|
||||||
Within the *operator* section change *name* to the username/nick which you will user to irc@192.168.1.60
|
};
|
||||||
|
|
||||||
Change *ssl_connection_required* to *yes*.
|
|
||||||
|
|
||||||
Save and exit, then restart the IRC server. Open port 6697 on your internet router and forward it to the BBB. Note that although ports 6665 to 6669 are active within the configuration file in practice we will only use the encrypted port.
|
|
||||||
|
|
||||||
Ensure that the configuration is only readable by the root user.
|
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
|
||||||
chmod 600 /usr/local/ircd/etc/ircd.conf
|
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Now create an init script.
|
Within the *listen* section set host to your fixed IP address (in the earlier sections it was 192.168.1.60).
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: c
|
||||||
adduser irc
|
/* listen {}: contain information about the ports ircd listens on (OLD P:) */
|
||||||
|
listen {
|
||||||
|
/* port: the specific port to listen on. if no host is specified
|
||||||
|
* before, it will listen on all available IPs.
|
||||||
|
*
|
||||||
|
* ports are seperated via a comma, a range may be specified using ".."
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* port: listen on all available IPs, ports 6665 to 6669 */
|
||||||
|
host = "127.0.0.1";
|
||||||
|
port = 6665 .. 6669;
|
||||||
|
|
||||||
|
/* sslport: ports to accept ONLY ssl connections on */
|
||||||
|
flags = ssl;
|
||||||
|
port = 6697
|
||||||
|
};
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Make the password some long random string.
|
Generate a password for the IRC operator using mkpasswd tool.
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
editor /usr/bin/runircd
|
mkpasswd -Hmd5
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Add the following:
|
Search for operator block and change it to look like this, including the password which you just generated:
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: c
|
||||||
#!/bin/sh
|
# ...
|
||||||
USERNAME=irc
|
operator {
|
||||||
COMMAND="cd /usr/local/ircd/bin; ircd > /usr/local/ircd/ircd.log"
|
/* name: the name of the oper */
|
||||||
su -l $USERNAME -c '$COMMAND'
|
name = "root";
|
||||||
|
|
||||||
|
/* user: the user@host required for this operator. CIDR is not
|
||||||
|
* supported. multiple user="" lines are supported.
|
||||||
|
*/
|
||||||
|
user = "*@*";
|
||||||
|
|
||||||
|
/* password: the password required to oper. By default this will
|
||||||
|
* need to be encrypted using '/usr/bin/mkpasswd'.
|
||||||
|
* WARNING: Please do not mix up the 'mkpasswd' program from
|
||||||
|
* /usr/sbin with this one. If you are root, typing 'mkpasswd'
|
||||||
|
* will run that one instead and you will receive a strange error.
|
||||||
|
*
|
||||||
|
* MD5 is supported. If you want to use it, use mkpasswd -Hmd5.
|
||||||
|
*/
|
||||||
|
password = "#MD5 PASSWORD HERE#";
|
||||||
|
# ...
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
|
Within the *auth* section set user = "*@192.168.1.60" - or whatever the fixed IP address of the BBB is on your network.
|
||||||
|
|
||||||
Save and exit.
|
Save and exit.
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: c
|
||||||
chmod +x /usr/bin/runircd
|
service ircd-hybrid restart
|
||||||
editor /etc/init.d/ircd-hybrid
|
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Add the following:
|
Now open ports 6665 to 6669 on your internet router/firewall.
|
||||||
|
|
||||||
|
After connecting to IRC server you should see something like this:
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
#!/bin/bash
|
23:50 -!- - hybrid7.debian.local Message of the Day -
|
||||||
# /etc/init.d/ircd-hybrid
|
23:50 -!- - _,met$$$$$gg. ircd-hybrid 7.2.2
|
||||||
|
23:50 -!- - ,g$$$$$$$$$$$$$$$P. -----------------
|
||||||
### BEGIN INIT INFO
|
23:50 -!- - ,g$$P"" """Y$$.".
|
||||||
# Provides: ircd-hybrid
|
23:50 -!- - ,$$P' `$$$. If you are seeing this, you have
|
||||||
# Required-Start: $remote_fs $syslog
|
23:50 -!- - ',$$P ,ggs. `$$b: installed the ircd-hybrid package and
|
||||||
# Required-Stop: $remote_fs $syslog
|
23:50 -!- - `d$$' ,$P"' . $$$ you are now connected to your new IRC
|
||||||
# Default-Start: 2 3 4 5
|
23:50 -!- - $$P d$' , $$P server -- congratulations.
|
||||||
# Default-Stop: 0 1 6
|
23:50 -!- - $$: $$. - ,d$$'
|
||||||
# Short-Description: starts irc server
|
23:50 -!- - $$; Y$b._ _,d$P' Since you have just installed the
|
||||||
# Description: starts irc server
|
23:50 -!- - Y$$. `.`"Y$$$$P"' package, there are some things you
|
||||||
### END INIT INFO
|
23:50 -!- - `$$b "-.__ should do before going any further:
|
||||||
|
23:50 -!- - `Y$$b
|
||||||
# Author: Bob Mottram <bob@robotics.uk.to>
|
23:50 -!- - `Y$$. 1. Edit /etc/ircd-hybrid/ircd.conf to
|
||||||
|
23:50 -!- - `$$b. suit your needs. Beware some options have
|
||||||
#Settings
|
23:50 -!- - `Y$$b. been removed or moved into other blocks in
|
||||||
SERVICE='ircd-hybrid'
|
23:50 -!- - `"Y$b._ the configuration file since
|
||||||
COMMAND="runircd"
|
23:50 -!- - `"""" ircd-hybrid 7.0.3.
|
||||||
USER='irc'
|
23:50 -!- -
|
||||||
NICELEVEL=19 # from 0-19 the bigger the number, the less the impact on system resources
|
23:50 -!- - 2. Edit /etc/ircd-hybrid/ircd.motd (this
|
||||||
HISTORY=1024
|
23:50 -!- - MOTD) to suit your needs. You are free
|
||||||
INVOCATION="nice -n ${NICELEVEL} ${COMMAND}"
|
23:50 -!- - to use this Debian swirl under the
|
||||||
PATH='/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/core_perl:/sbin:/usr/sbin:/bin'
|
23:50 -!- - Debian Open Use Logo License. :)
|
||||||
|
23:50 -!- -
|
||||||
|
23:50 -!- - 3. Restart the server using invoke-rc.d
|
||||||
|
23:50 -!- - ircd-hybrid restart.
|
||||||
|
23:50 -!- -
|
||||||
irc_start() {
|
23:50 -!- End of /MOTD command.
|
||||||
echo "Starting $SERVICE..."
|
|
||||||
su --command "screen -h ${HISTORY} -dmS ${SERVICE} ${INVOCATION}" $USER
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
irc_stop() {
|
|
||||||
echo "Stopping $SERVICE"
|
|
||||||
pkill ${COMMAND}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
#Start-Stop here
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
irc_start
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
irc_stop
|
|
||||||
;;
|
|
||||||
restart)
|
|
||||||
irc_stop
|
|
||||||
sleep 10s
|
|
||||||
irc_start
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: $0 {start|stop|restart}"
|
|
||||||
exit 1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
exit 0
|
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
Save and exit, then start the daemon.
|
If necessary you can change the message of the day with:
|
||||||
|
|
||||||
|
#+BEGIN_SRC: bash
|
||||||
|
editor /etc/ircd-hybrid/ircd.motd
|
||||||
|
#+END_SRC
|
||||||
|
|
||||||
|
The restart the irc server.
|
||||||
|
|
||||||
#+BEGIN_SRC: bash
|
#+BEGIN_SRC: bash
|
||||||
chmod +x /etc/init.d/ircd-hybrid
|
|
||||||
update-rc.d ircd-hybrid defaults
|
|
||||||
service ircd-hybrid start
|
service ircd-hybrid start
|
||||||
#+END_SRC
|
#+END_SRC
|
||||||
|
|
||||||
|
@ -7169,7 +7194,7 @@ mysqlcheck -c -u root --password=$MYSQL_ROOT_PASSWORD $DATABASE > $TEMPFILE
|
||||||
|
|
||||||
# If it still contains errors then restore from backup
|
# If it still contains errors then restore from backup
|
||||||
if grep -q "Error" "$TEMPFILE"; then
|
if grep -q "Error" "$TEMPFILE"; then
|
||||||
mysql -u root --password=$MYSQL_ROOT_PASSWORD $DATABASE -o < /var/backups/$DATABASE_daily.sql
|
mysql -u root --password=$MYSQL_ROOT_PASSWORD $DATABASE -o < /var/backups/${DATABASE}_daily.sql
|
||||||
|
|
||||||
# Send a warning email
|
# Send a warning email
|
||||||
echo "$DATABASE database corruption could not be repaired. Restored from backup." | mail -s "Freedombone database maintenance" $EMAIL
|
echo "$DATABASE database corruption could not be repaired. Restored from backup." | mail -s "Freedombone database maintenance" $EMAIL
|
||||||
|
|
Loading…
Reference in New Issue