From 96c78ee43524a7e36d292fbc47cd1c3523f79ac7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sat, 19 Mar 2016 16:40:55 +0100 Subject: README.md comment --- nms/README.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'nms') diff --git a/nms/README.md b/nms/README.md index 4d310cb..68d9ab9 100644 --- a/nms/README.md +++ b/nms/README.md @@ -2,11 +2,13 @@ ## Installation - fetch data from tg server: `scp ${USER}@wat.gathering.org:/root/nms-2015.sql.gz .` +- Rename the nms dump so we can use it later: `mv nms-2015.sql.gz nms-dump.sql.gz` - Do the Debian install(or whatever OS you're on.): https://docs.docker.com/engine/installation/linux/debian/ And make sure that your user is in the docker group, so that you can run docker without sudo. - Clone repository: `git clone git@github.com:tech-server/tgmanage.git` + - run `./makedockerfiles.sh`, which creates the docker image files, and builds them. -- cgit v1.2.3 From 767374fb31f8d993cc75e2e8c79e9eb3c57ee555 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sat, 19 Mar 2016 16:50:28 +0100 Subject: Spelling mistake in Readme. --- nms/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nms') diff --git a/nms/README.md b/nms/README.md index 68d9ab9..107b630 100644 --- a/nms/README.md +++ b/nms/README.md @@ -14,7 +14,7 @@ - Start database node: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=db nms-db` - Start front end node: ` docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=front --link=db:db nms-front ` -- Find IP's: `docker inspect front`, `docker instpect db` +- Find IP's: `docker inspect front`, `docker inspect db` - Start a shell in a container: `docker exec front /bin/bash` - Open localhost:PORT in browser to start testing. -- cgit v1.2.3 From 06c9106b396d02d45ce5dd954507d010063ded59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sun, 20 Mar 2016 13:59:46 +0100 Subject: Added basic .bashrc file for simplifed development in container. --- nms/.bashrc | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 nms/.bashrc (limited to 'nms') diff --git a/nms/.bashrc b/nms/.bashrc new file mode 100644 index 0000000..c1fd16f --- /dev/null +++ b/nms/.bashrc @@ -0,0 +1,8 @@ +NAME='NMS Docker' + +# Aliases +alias h="history" +alias l="ls -lAhoF --color --show-control-chars" +alias ll="ls -lash --color --show-control-chars" +alias cd..="cd .." + -- cgit v1.2.3 From 25c603b32eaf35f07bea0dfd9541afd196cb1343 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sun, 20 Mar 2016 14:00:33 +0100 Subject: Updated config to nms-dev-db --- nms/config.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nms') diff --git a/nms/config.pm b/nms/config.pm index faaeaa1..db9775f 100755 --- a/nms/config.pm +++ b/nms/config.pm @@ -6,9 +6,9 @@ package nms::config; # DB our $db_name = "nms"; -our $db_host = "db"; +our $db_host = "nms-dev-db.gathering.org"; our $db_username = "nms"; -our $db_password = "foobar"; +our $db_password = "nms-lol"; # NMS hash used for public NMS obfuscation of interface names our $nms_hash = ""; -- cgit v1.2.3 From 47788e2d2c95ecf4174dbb9ab8d5dafcfd552c67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sun, 20 Mar 2016 14:01:13 +0100 Subject: Updated Readme with new docker run commands. --- nms/README.md | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) (limited to 'nms') diff --git a/nms/README.md b/nms/README.md index 107b630..739fc5b 100644 --- a/nms/README.md +++ b/nms/README.md @@ -4,21 +4,28 @@ - fetch data from tg server: `scp ${USER}@wat.gathering.org:/root/nms-2015.sql.gz .` - Rename the nms dump so we can use it later: `mv nms-2015.sql.gz nms-dump.sql.gz` -- Do the Debian install(or whatever OS you're on.): https://docs.docker.com/engine/installation/linux/debian/ And make sure that your user is in the docker group, so that you can run docker without sudo. +- Do the Debian install(or whatever OS you're on.): +https://docs.docker.com/engine/installation/linux/debian/ +And make sure that your user is in the docker group, so that you can run docker without sudo. - Clone repository: `git clone git@github.com:tech-server/tgmanage.git` - - run `./makedockerfiles.sh`, which creates the docker image files, and builds them. -- Start database node: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=db nms-db` -- Start front end node: ` docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=front --link=db:db nms-front ` -- Find IP's: `docker inspect front`, `docker inspect db` -- Start a shell in a container: `docker exec front /bin/bash` -- Open localhost:PORT in browser to start testing. +- Start database node: +`docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=db nms-db` + +- Start front end node: +-- with cgroup: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=front --link=db:db nms-front` + +-- getting to prompt(without cgroup): +`docker run -v "/home/kiro/repos/tgmanage:/srv/tgmanage" -v "/home/kiro/repos/tgmanage/nms/.bashrc:/root/.bashrc" -w "/srv/tgmanage/web/nms.gathering.org" \ +-it --privileged nms-front /bin/bash` +- Find IP's: +`docker inspect nms-db | grep "IPAddress\":"` +`docker inspect nms-front | grep "IPAddress\":"` +- Open the nms-front ip in the web browser. -## TODO -- finish the installation guide above. -- cgit v1.2.3 From 0ff7168d629c33a76ee117767a279afaabbca85c Mon Sep 17 00:00:00 2001 From: Kristian Lyngstol Date: Sun, 20 Mar 2016 14:09:25 +0000 Subject: NMS: Update schema with recent dhcp-changes --- nms/nms-dump.sql | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) (limited to 'nms') diff --git a/nms/nms-dump.sql b/nms/nms-dump.sql index bbe141d..335a3b0 100644 --- a/nms/nms-dump.sql +++ b/nms/nms-dump.sql @@ -44,17 +44,18 @@ SET default_tablespace = ''; SET default_with_oids = false; -- --- Name: dhcp; Type: TABLE; Schema: public; Owner: postgres; Tablespace: +-- Name: dhcp; Type: TABLE; Schema: public; Owner: nms; Tablespace: -- CREATE TABLE dhcp ( switch integer, "time" timestamp without time zone, - mac macaddr + mac macaddr, + ip inet ); -ALTER TABLE dhcp OWNER TO postgres; +ALTER TABLE dhcp OWNER TO nms; -- -- Name: linknet_ping; Type: TABLE; Schema: public; Owner: nms; Tablespace: @@ -162,7 +163,7 @@ CREATE TABLE seen_mac ( ALTER TABLE seen_mac OWNER TO nms; -- --- Name: snmp; Type: TABLE; Schema: public; Owner: postgres; Tablespace: +-- Name: snmp; Type: TABLE; Schema: public; Owner: nms; Tablespace: -- CREATE TABLE snmp ( @@ -176,7 +177,7 @@ CREATE TABLE snmp ( ALTER TABLE snmp OWNER TO nms; -- --- Name: snmp_id_seq; Type: SEQUENCE; Schema: public; Owner: postgres +-- Name: snmp_id_seq; Type: SEQUENCE; Schema: public; Owner: nms -- CREATE SEQUENCE snmp_id_seq @@ -190,7 +191,7 @@ CREATE SEQUENCE snmp_id_seq ALTER TABLE snmp_id_seq OWNER TO nms; -- --- Name: snmp_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: postgres +-- Name: snmp_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: nms -- ALTER SEQUENCE snmp_id_seq OWNED BY snmp.id; @@ -292,7 +293,7 @@ ALTER TABLE ONLY linknets ALTER COLUMN linknet SET DEFAULT nextval('linknets_lin -- --- Name: id; Type: DEFAULT; Schema: public; Owner: postgres +-- Name: id; Type: DEFAULT; Schema: public; Owner: nms -- ALTER TABLE ONLY snmp ALTER COLUMN id SET DEFAULT nextval('snmp_id_seq'::regclass); @@ -354,14 +355,14 @@ ALTER TABLE ONLY switches -- --- Name: dhcp_switch; Type: INDEX; Schema: public; Owner: postgres; Tablespace: +-- Name: dhcp_switch; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- CREATE INDEX dhcp_switch ON dhcp USING btree (switch); -- --- Name: dhcp_time; Type: INDEX; Schema: public; Owner: postgres; Tablespace: +-- Name: dhcp_time; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- CREATE INDEX dhcp_time ON dhcp USING btree ("time"); @@ -417,21 +418,21 @@ CREATE INDEX seen_mac_seen ON seen_mac USING btree (seen); -- --- Name: snmp_time; Type: INDEX; Schema: public; Owner: postgres; Tablespace: +-- Name: snmp_time; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- CREATE INDEX snmp_time ON snmp USING btree ("time"); -- --- Name: snmp_time15; Type: INDEX; Schema: public; Owner: postgres; Tablespace: +-- Name: snmp_time15; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- CREATE INDEX snmp_time15 ON snmp USING btree (id, switch); -- --- Name: snmp_time6; Type: INDEX; Schema: public; Owner: postgres; Tablespace: +-- Name: snmp_time6; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- CREATE INDEX snmp_time6 ON snmp USING btree ("time" DESC, switch); @@ -466,7 +467,7 @@ CREATE INDEX updated_index3 ON ping_secondary_ip USING btree ("time"); -- --- Name: dhcp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: postgres +-- Name: dhcp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: nms -- ALTER TABLE ONLY dhcp @@ -474,7 +475,7 @@ ALTER TABLE ONLY dhcp -- --- Name: snmp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: postgres +-- Name: snmp_switch_fkey; Type: FK CONSTRAINT; Schema: public; Owner: nms -- ALTER TABLE ONLY snmp @@ -525,23 +526,23 @@ GRANT ALL ON TABLE seen_mac TO nms; -- --- Name: snmp; Type: ACL; Schema: public; Owner: postgres +-- Name: snmp; Type: ACL; Schema: public; Owner: nms -- REVOKE ALL ON TABLE snmp FROM PUBLIC; -REVOKE ALL ON TABLE snmp FROM postgres; -GRANT ALL ON TABLE snmp TO postgres; +REVOKE ALL ON TABLE snmp FROM nms; GRANT ALL ON TABLE snmp TO nms; +GRANT ALL ON TABLE snmp TO postgres; -- --- Name: snmp_id_seq; Type: ACL; Schema: public; Owner: postgres +-- Name: snmp_id_seq; Type: ACL; Schema: public; Owner: nms -- REVOKE ALL ON SEQUENCE snmp_id_seq FROM PUBLIC; -REVOKE ALL ON SEQUENCE snmp_id_seq FROM postgres; -GRANT ALL ON SEQUENCE snmp_id_seq TO postgres; +REVOKE ALL ON SEQUENCE snmp_id_seq FROM nms; GRANT ALL ON SEQUENCE snmp_id_seq TO nms; +GRANT ALL ON SEQUENCE snmp_id_seq TO postgres; -- -- cgit v1.2.3 From 699d843a141f3bc8a835c38cce039737f3dfd5ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sun, 20 Mar 2016 17:37:56 +0100 Subject: Readme: updated docker cms + added link location to working dev site. --- nms/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'nms') diff --git a/nms/README.md b/nms/README.md index 739fc5b..7be3f14 100644 --- a/nms/README.md +++ b/nms/README.md @@ -21,11 +21,12 @@ And make sure that your user is in the docker group, so that you can run docker -- getting to prompt(without cgroup): `docker run -v "/home/kiro/repos/tgmanage:/srv/tgmanage" -v "/home/kiro/repos/tgmanage/nms/.bashrc:/root/.bashrc" -w "/srv/tgmanage/web/nms.gathering.org" \ --it --privileged nms-front /bin/bash` +-rm=true -ti --name=front --privileged nms-front /bin/bash` - Find IP's: `docker inspect nms-db | grep "IPAddress\":"` `docker inspect nms-front | grep "IPAddress\":"` - Open the nms-front ip in the web browser. +http://172.17.0.2:8080/ -- cgit v1.2.3 From fe68ba984f7f1c1e586fc02219b80adedb64c555 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20Kir=C3=B8?= Date: Sun, 20 Mar 2016 18:03:36 +0100 Subject: bash rc stuffs for dev docker container. --- nms/.bashrc | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'nms') diff --git a/nms/.bashrc b/nms/.bashrc index c1fd16f..06072e3 100644 --- a/nms/.bashrc +++ b/nms/.bashrc @@ -1,5 +1,13 @@ NAME='NMS Docker' + +ln -s /srv/tgmanage/web/etc/apache2/nms.tg16.gathering.org.conf /etc/apache2/sites-enabled/ +ln -s /srv/tgmanage/nms/config.pm /srv/tgmanage/include/ +echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/.htpasswd + +/etc/init.d/apache2 restart +echo "go here to look at nms: http://172.17.0.2:8080/" + # Aliases alias h="history" alias l="ls -lAhoF --color --show-control-chars" -- cgit v1.2.3 From 3a6b6c97c3aa7a0824c524dae538e28fa0fac782 Mon Sep 17 00:00:00 2001 From: Nicolai Tellefsen Date: Tue, 22 Mar 2016 14:00:10 +0100 Subject: NMS: Add new demo htpasswd-files to Dockerfile.in --- nms/Dockerfile.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'nms') diff --git a/nms/Dockerfile.in b/nms/Dockerfile.in index b65168d..9f0dfd6 100644 --- a/nms/Dockerfile.in +++ b/nms/Dockerfile.in @@ -93,7 +93,8 @@ RUN a2enmod cgi RUN sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf RUN ln -s /srv/tgmanage/web/etc/apache2/nms.tg16.gathering.org.conf /etc/apache2/sites-enabled/ #(no, not for production, it's just demo:demo during development) -RUN echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/.htpasswd +RUN echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/htpasswd-read +RUN echo 'demo:$apr1$IKrQYF6x$0zmRciLR7Clc2tEEosyHV.' > /srv/tgmanage/web/htpasswd-write RUN systemctl enable apache2 # Varnish shait -- cgit v1.2.3 From c0d369658bbafc88266689375633a2e30369d860 Mon Sep 17 00:00:00 2001 From: Kristian Lyngstol Date: Sat, 26 Mar 2016 03:59:19 +0100 Subject: Postgres: Update hw config --- nms/postgresql.conf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'nms') diff --git a/nms/postgresql.conf b/nms/postgresql.conf index 23241a7..dee1129 100644 --- a/nms/postgresql.conf +++ b/nms/postgresql.conf @@ -113,19 +113,19 @@ ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' # (change requires rest # - Memory - -shared_buffers = 2048MB # min 128kB +shared_buffers = 76GB # min 128kB # (change requires restart) #huge_pages = try # on, off, or try # (change requires restart) -#temp_buffers = 8MB # min 800kB +temp_buffers = 32MB # min 800kB #max_prepared_transactions = 0 # zero disables the feature # (change requires restart) # Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory # per transaction slot, plus lock space (see max_locks_per_transaction). # It is not advisable to set max_prepared_transactions nonzero unless you # actively intend to use prepared transactions. -#work_mem = 4MB # min 64kB -#maintenance_work_mem = 64MB # min 1MB +work_mem = 16MB # min 64kB +maintenance_work_mem = 256MB # min 1MB #autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem #max_stack_depth = 2MB # min 100kB dynamic_shared_memory_type = posix # the default is the first option @@ -173,7 +173,7 @@ dynamic_shared_memory_type = posix # the default is the first option # - Settings - -#wal_level = minimal # minimal, archive, hot_standby, or logical +wal_level = archive # minimal, archive, hot_standby, or logical # (change requires restart) #fsync = on # turns forced synchronization on or off #synchronous_commit = on # synchronization level; -- cgit v1.2.3 From 10493f224f11bcf1dac3b509c3e440cf63fe39fc Mon Sep 17 00:00:00 2001 From: Kristian Lyngstol Date: Sat, 26 Mar 2016 03:59:37 +0100 Subject: NMS: Dump updated schema It needs cleaning, obviously, but at least it's there. --- nms/nms-dump.sql | 149 ++++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 142 insertions(+), 7 deletions(-) (limited to 'nms') diff --git a/nms/nms-dump.sql b/nms/nms-dump.sql index 335a3b0..25ba3ac 100644 --- a/nms/nms-dump.sql +++ b/nms/nms-dump.sql @@ -49,7 +49,7 @@ SET default_with_oids = false; CREATE TABLE dhcp ( switch integer, - "time" timestamp without time zone, + "time" timestamp with time zone, mac macaddr, ip inet ); @@ -78,9 +78,11 @@ ALTER TABLE linknet_ping OWNER TO nms; CREATE TABLE linknets ( linknet integer NOT NULL, switch1 integer NOT NULL, - addr1 inet NOT NULL, + addr1 inet, switch2 integer NOT NULL, - addr2 inet NOT NULL + addr2 inet, + port1 character varying(10), + port2 character varying(10) ); @@ -253,19 +255,26 @@ ALTER TABLE switch_temp OWNER TO nms; CREATE TABLE switches ( switch integer DEFAULT nextval(('"switches_switch_seq"'::text)::regclass) NOT NULL, - ip inet, + mgmt_v4_addr inet, sysname character varying NOT NULL, switchtype character varying DEFAULT 'ex2200'::character varying NOT NULL, last_updated timestamp with time zone, locked boolean DEFAULT false NOT NULL, poll_frequency interval DEFAULT '00:01:00'::interval NOT NULL, - community character varying DEFAULT 'public'::character varying NOT NULL, + community character varying DEFAULT 'FullPuppTilNMS'::character varying NOT NULL, lldp_chassis_id character varying, - secondary_ip inet, + mgmt_v6_addr inet, placement box, subnet4 cidr, subnet6 cidr, - distro character varying + distro_name character varying, + distro_phy_port character varying(100), + mgmt_v6_gw inet, + mgmt_v4_gw inet, + mgmt_vlan integer DEFAULT 666, + traffic_vlan integer, + last_config_fetch timestamp with time zone, + current_mac macaddr ); @@ -285,6 +294,17 @@ CREATE SEQUENCE switches_switch_seq ALTER TABLE switches_switch_seq OWNER TO nms; +-- +-- Name: test_table; Type: TABLE; Schema: public; Owner: nms; Tablespace: +-- + +CREATE TABLE test_table ( + test timestamp with time zone +); + + +ALTER TABLE test_table OWNER TO nms; + -- -- Name: linknet; Type: DEFAULT; Schema: public; Owner: nms -- @@ -354,6 +374,20 @@ ALTER TABLE ONLY switches ADD CONSTRAINT switches_sysname_key1 UNIQUE (sysname); +-- +-- Name: dhcp_ip; Type: INDEX; Schema: public; Owner: nms; Tablespace: +-- + +CREATE INDEX dhcp_ip ON dhcp USING btree (ip); + + +-- +-- Name: dhcp_mac; Type: INDEX; Schema: public; Owner: nms; Tablespace: +-- + +CREATE INDEX dhcp_mac ON dhcp USING btree (mac); + + -- -- Name: dhcp_switch; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- @@ -375,6 +409,13 @@ CREATE INDEX dhcp_time ON dhcp USING btree ("time"); CREATE INDEX ping_index ON ping USING btree ("time"); +-- +-- Name: ping_secondary_index; Type: INDEX; Schema: public; Owner: nms; Tablespace: +-- + +CREATE INDEX ping_secondary_index ON ping_secondary_ip USING btree ("time"); + + -- -- Name: polls_ifname; Type: INDEX; Schema: public; Owner: nms; Tablespace: -- @@ -514,6 +555,67 @@ REVOKE ALL ON SCHEMA public FROM PUBLIC; REVOKE ALL ON SCHEMA public FROM postgres; GRANT ALL ON SCHEMA public TO postgres; GRANT ALL ON SCHEMA public TO PUBLIC; +GRANT ALL ON SCHEMA public TO fap; + + +-- +-- Name: dhcp; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE dhcp FROM PUBLIC; +REVOKE ALL ON TABLE dhcp FROM nms; +GRANT ALL ON TABLE dhcp TO nms; +GRANT ALL ON TABLE dhcp TO fap; + + +-- +-- Name: linknet_ping; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE linknet_ping FROM PUBLIC; +REVOKE ALL ON TABLE linknet_ping FROM nms; +GRANT ALL ON TABLE linknet_ping TO nms; +GRANT ALL ON TABLE linknet_ping TO fap; + + +-- +-- Name: linknets; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE linknets FROM PUBLIC; +REVOKE ALL ON TABLE linknets FROM nms; +GRANT ALL ON TABLE linknets TO nms; +GRANT ALL ON TABLE linknets TO fap; + + +-- +-- Name: ping; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE ping FROM PUBLIC; +REVOKE ALL ON TABLE ping FROM nms; +GRANT ALL ON TABLE ping TO nms; +GRANT ALL ON TABLE ping TO fap; + + +-- +-- Name: ping_secondary_ip; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE ping_secondary_ip FROM PUBLIC; +REVOKE ALL ON TABLE ping_secondary_ip FROM nms; +GRANT ALL ON TABLE ping_secondary_ip TO nms; +GRANT ALL ON TABLE ping_secondary_ip TO fap; + + +-- +-- Name: polls; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE polls FROM PUBLIC; +REVOKE ALL ON TABLE polls FROM nms; +GRANT ALL ON TABLE polls TO nms; +GRANT ALL ON TABLE polls TO fap; -- @@ -523,6 +625,7 @@ GRANT ALL ON SCHEMA public TO PUBLIC; REVOKE ALL ON TABLE seen_mac FROM PUBLIC; REVOKE ALL ON TABLE seen_mac FROM nms; GRANT ALL ON TABLE seen_mac TO nms; +GRANT ALL ON TABLE seen_mac TO fap; -- @@ -533,6 +636,7 @@ REVOKE ALL ON TABLE snmp FROM PUBLIC; REVOKE ALL ON TABLE snmp FROM nms; GRANT ALL ON TABLE snmp TO nms; GRANT ALL ON TABLE snmp TO postgres; +GRANT ALL ON TABLE snmp TO fap; -- @@ -545,6 +649,26 @@ GRANT ALL ON SEQUENCE snmp_id_seq TO nms; GRANT ALL ON SEQUENCE snmp_id_seq TO postgres; +-- +-- Name: switch_comments; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE switch_comments FROM PUBLIC; +REVOKE ALL ON TABLE switch_comments FROM nms; +GRANT ALL ON TABLE switch_comments TO nms; +GRANT ALL ON TABLE switch_comments TO fap; + + +-- +-- Name: switch_temp; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE switch_temp FROM PUBLIC; +REVOKE ALL ON TABLE switch_temp FROM nms; +GRANT ALL ON TABLE switch_temp TO nms; +GRANT ALL ON TABLE switch_temp TO fap; + + -- -- Name: switches; Type: ACL; Schema: public; Owner: nms -- @@ -552,6 +676,17 @@ GRANT ALL ON SEQUENCE snmp_id_seq TO postgres; REVOKE ALL ON TABLE switches FROM PUBLIC; REVOKE ALL ON TABLE switches FROM nms; GRANT ALL ON TABLE switches TO nms; +GRANT ALL ON TABLE switches TO fap; + + +-- +-- Name: test_table; Type: ACL; Schema: public; Owner: nms +-- + +REVOKE ALL ON TABLE test_table FROM PUBLIC; +REVOKE ALL ON TABLE test_table FROM nms; +GRANT ALL ON TABLE test_table TO nms; +GRANT ALL ON TABLE test_table TO fap; -- -- cgit v1.2.3 From 5b50f16d2e80e2fbff06a02866ade044781315c0 Mon Sep 17 00:00:00 2001 From: Joachim Tingvold Date: Sat, 26 Mar 2016 14:38:17 +0100 Subject: Cleaning. --- nms/README.md | 2 +- nms/note | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) delete mode 100644 nms/note (limited to 'nms') diff --git a/nms/README.md b/nms/README.md index 7be3f14..9a23e8d 100644 --- a/nms/README.md +++ b/nms/README.md @@ -18,7 +18,6 @@ And make sure that your user is in the docker group, so that you can run docker - Start front end node: -- with cgroup: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --privileged --rm -ti --name=front --link=db:db nms-front` - -- getting to prompt(without cgroup): `docker run -v "/home/kiro/repos/tgmanage:/srv/tgmanage" -v "/home/kiro/repos/tgmanage/nms/.bashrc:/root/.bashrc" -w "/srv/tgmanage/web/nms.gathering.org" \ -rm=true -ti --name=front --privileged nms-front /bin/bash` @@ -30,3 +29,4 @@ And make sure that your user is in the docker group, so that you can run docker - Open the nms-front ip in the web browser. http://172.17.0.2:8080/ +- Note: `docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --rm -ti` diff --git a/nms/note b/nms/note deleted file mode 100644 index 58adfa6..0000000 --- a/nms/note +++ /dev/null @@ -1 +0,0 @@ -# docker run -v /sys/fs/cgroup:/sys/fs/cgroup:ro --rm -ti -- cgit v1.2.3 From b8f28a570e9d37c9b5e445c85a50640022184fe9 Mon Sep 17 00:00:00 2001 From: Joachim Tingvold Date: Sat, 26 Mar 2016 14:39:22 +0100 Subject: ACL on das database. --- nms/pg_hba.conf | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'nms') diff --git a/nms/pg_hba.conf b/nms/pg_hba.conf index d026e1a..9b23a31 100644 --- a/nms/pg_hba.conf +++ b/nms/pg_hba.conf @@ -95,6 +95,22 @@ host all all ::1/128 md5 host nms nms 172.17.0.0/16 md5 +# NOC-nett +host nms nms 185.110.150.0/25 md5 +host nms nms 2a06:5841:150a::0/64 md5 + +host nms fap 185.110.150.0/25 md5 +host nms fap 2a06:5841:150a::0/64 md5 + +# Server-nett +host nms nms 185.110.148.0/26 md5 +host nms nms 2a06:5841:1337::0/64 md5 + +host nms fap 185.110.148.0/26 md5 +host nms fap 2a06:5841:1337::0/64 md5 +# r2-d2 med mer +host nms nms 185.110.149.0/26 md5 + # Allow replication connections from localhost, by a user with the # replication privilege. #local replication postgres peer -- cgit v1.2.3