108 lines
6.7 KiB
Plaintext
108 lines
6.7 KiB
Plaintext
{"login": "manager","password": "l3tm3in"}
|
|
|
|
{"login": "OpsAdminLimited","password": "OpsAdminLimited"}
|
|
|
|
|
|
|
|
TODO: post to server and test
|
|
|
|
|
|
Backup testing on linux:
|
|
|
|
Result of the backup now button:
|
|
2020-06-06 18:06:22.4172|ERROR|CoreJobBackup|RunProgram error running command:pg_dump --dbname=postgresql://postgres:letmein@postgresserver:5432/AyaNova -Fc > /var/lib/ayanova/files/backup/manual-db-20200606180622413.backup=>System.ComponentModel.Win32Exception (2): No such file or directory
|
|
at System.Diagnostics.Process.ForkAndExecProcess(String filename, String[] argv, String[] envp, String cwd, Boolean redirectStdin, Boolean redirectStdout, Boolean redirectStderr, Boolean setCredentials, UInt32 userId, UInt32 groupId, UInt32[] groups, Int32& stdinFd, Int32& stdoutFd, Int32& stderrFd, Boolean usesTerminal, Boolean throwOnNoExec)
|
|
at System.Diagnostics.Process.StartCore(ProcessStartInfo startInfo)
|
|
at System.Diagnostics.Process.Start()
|
|
at AyaNova.Util.RunProgram.RunLinuxBash(String cmd, String arguments, Int32 waitForExitTimeOut) in C:\data\code\raven\server\AyaNova\util\RunProgram.cs:line 96
|
|
at AyaNova.Util.RunProgram.Run(String cmd, String arguments, ILogger log, Int32 waitForExitTimeOut) in C:\data\code\raven\server\AyaNova\util\RunProgram.cs:line 28
|
|
2020-06-06 18:06:22.4365|ERROR|CoreJobBackup|Backup failed=>System.ComponentModel.Win32Exception (2): No such file or directory
|
|
at AyaNova.Util.RunProgram.Run(String cmd, String arguments, ILogger log, Int32 waitForExitTimeOut) in C:\data\code\raven\server\AyaNova\util\RunProgram.cs:line 37
|
|
at AyaNova.Biz.CoreJobBackup.DoWorkAsync(Boolean OnDemand) in C:\data\code\raven\server\AyaNova\generator\CoreJobBackup.cs:line 112
|
|
2020-06-06 18:06:22.4399|ERROR|JobsBiz|ProcessJobs::Exclusive -> job Backup (on demand) failed with exception=>System.ComponentModel.Win32Exception (2): No such file or directory
|
|
at AyaNova.Biz.CoreJobBackup.DoWorkAsync(Boolean OnDemand) in C:\data\code\raven\server\AyaNova\generator\CoreJobBackup.cs:line 112
|
|
at AyaNova.Biz.CoreJobBackup.DoWorkAsync(Boolean OnDemand) in C:\data\code\raven\server\AyaNova\generator\CoreJobBackup.cs:line 112
|
|
at AyaNova.Biz.JobsBiz.ProcessJobAsync(OpsJob job) in C:\data\code\raven\server\AyaNova\biz\JobsBiz.cs:line 268
|
|
at AyaNova.Biz.JobsBiz.ProcessJobsAsync() in C:\data\code\raven\server\AyaNova\biz\JobsBiz.cs:line 173
|
|
|
|
todo: backup
|
|
Change pg_dump stuff to just generic command to call for backup
|
|
add switch somewhere to "automatic backup" so can turn off in event of externally done backup
|
|
this will take backup processing out of the generator loop
|
|
but keep the backup ui so even if external, can download the backup files
|
|
|
|
Include pg_dump into AyaNova container so it can call it directly?
|
|
https://docs.docker.com/engine/examples/postgresql_service/
|
|
https://docs.docker.com/engine/examples/dotnetcore/
|
|
sudo apt install postgresql-client
|
|
Alpine linux install postgres client:
|
|
apk add postgresql-client
|
|
Alpine linux enter container and run shell from docker:
|
|
docker run -it [container_id] /bin/ash
|
|
Manual backup command as it's run by AyaNova:
|
|
pg_dump --dbname=postgresql://postgres:letmein@postgresserver:5432/AyaNova -Fc > /var/lib/ayanova/files/backup/manual-db-20200606184524472.backup
|
|
|
|
|
|
todo: make docker cheat sheet
|
|
|
|
todo: add backup master time out setting
|
|
environment variable
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TODO: restrict server so randos can't login since the client now has all the logins helpfully pre-loaded on it
|
|
not sure how to do that and still support phone via cellular network or other people's wifi from logging in
|
|
Firewall settings I guess of some kind or maybe require a manual edit to the password, like add a 1 to the end of all of them or something?
|
|
|
|
todo: it would be very handy to say the least to be able to run raven locally in linux for testing here
|
|
maybe virtual box, but I sure don't want to fuck up things, maybe need another computer, some cheap shitbox can test on?
|
|
is it slowing down development is really the only question I guess
|
|
|
|
todo: notification?
|
|
|
|
todo: OPS notification created for failed jobs
|
|
also maybe direct immediate email bypassing generator?
|
|
Add backup fail to this will stub out for now
|
|
|
|
todo: (BREAK THIS OUT INTO LATER/NOW/CASES) there are several outstanding AUTHENTICATION related cases in rockfish for RAVEN
|
|
e.g. https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1924
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1835
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1998 <---this is an important case for consideration
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3367 <--time limited accounts for support or temporary access?
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/2059 <--- time restricted accounts so user can only login during business hours (still to be considered)
|
|
2fa stuff, some logging and lockout stuff
|
|
Go through the auth related cases and notes in client side and implement or close
|
|
todo: 2fa? (if not in first release, is there something needed to support it in future dbwise?)
|
|
todo: Auth Backdoor reset password feature
|
|
how to code it here, pretty easy to do:
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3250
|
|
todo: Look into 2fa
|
|
https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/3395
|
|
todo: look into how to use an SSL certificate with the RAVEN server directly when not behind nginx
|
|
https://docs.microsoft.com/en-us/aspnet/core/fundamentals/servers/kestrel?view=aspnetcore-3.1
|
|
- this should be supported by default out of the box working with Let's encrypt ideally
|
|
- is it now considered ok to host .net core web api directly internet facing?
|
|
todo: onboarding and default manager account password
|
|
- Need to come up with a safety plan for this so people don't leave it at default
|
|
- Maybe the very first thing required of a user is to change the password before any tasks can be performed
|
|
- Server stays in safety lock until they set a password?
|
|
- Or maybe a random password is generated on seeding and somehow provided to user through console or something?
|
|
- Maybe an empty db if no other users can be set password only so no one has made a hidden backdoor user account before ops changes it?
|
|
- maybe tied to license if licensed so they bring some info they have from rockfish / their license purchase or something?
|
|
- don't want it to be onerous too much and have some very inexperienced users so...
|
|
- see what other programs do, like our forum software
|
|
todo: API docs, make separate page for datalists and remove from api-response-format.md doc but put a reference link to it there.
|
|
|
|
DEPLOY AND TEST
|
|
|
|
todo: Test backup on Linux
|
|
- going to need to run in vm I think maybe
|
|
|
|
|
|
MAYBE
|
|
todo: tag refcount
|
|
Move this into a procedure, it's apparently quite slow now that I can see the metrics
|