From fdf02bd6ecd4a7970efdc57b687fc543b5a9c093 Mon Sep 17 00:00:00 2001 From: dingjiahuichina Date: Fri, 17 Oct 2025 16:29:17 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E4=BC=98=E5=8C=96dev-store=E5=AE=89?= =?UTF-8?q?=E8=A3=85=E4=B8=8E=E5=88=9D=E5=A7=8B=E5=8C=96=E8=84=9A=E6=9C=AC?= =?UTF-8?q?=EF=BC=8C=E7=94=A8sqlite=E6=9B=BF=E6=8D=A2Mariadb?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/artifacts/utils.py | 5 +- backend/configs/mariadb/init_mariadb.conf | 5 - backend/configs/mariadb/mariadb.conf | 9 - .../mariadb/mariadb_ciphertext_data.json | 7 - backend/constants/configs/mariadb_config.py | 71 --- .../configs/sqlite_config.py} | 41 +- backend/constants/paths.py | 9 +- backend/dev-store-start.sh | 2 +- backend/dev_store/settings.py | 4 +- backend/services/encrypt_mariadb_passwd.py | 35 -- backend/services/init_mariadb.sh | 415 ------------------ build/dev-store.service | 5 +- build/dev-store.spec | 18 +- 13 files changed, 50 insertions(+), 576 deletions(-) delete mode 100644 backend/configs/mariadb/init_mariadb.conf delete mode 100644 backend/configs/mariadb/mariadb.conf delete mode 100644 backend/configs/mariadb/mariadb_ciphertext_data.json delete mode 100644 backend/constants/configs/mariadb_config.py rename backend/{services/modify_mariadb_config.py => constants/configs/sqlite_config.py} (51%) delete mode 100644 backend/services/encrypt_mariadb_passwd.py delete mode 100644 backend/services/init_mariadb.sh diff --git a/backend/artifacts/utils.py b/backend/artifacts/utils.py index c12a1a7..d120eca 100644 --- a/backend/artifacts/utils.py +++ b/backend/artifacts/utils.py @@ -46,7 +46,10 @@ def clear_table(table_name): """清空指定数据库表并重置自增主键""" logger.info(f"Start to clear table '{table_name}'") with connection.cursor() as cursor: - cursor.execute(f"TRUNCATE TABLE {table_name}") + # SQLite不支持TRUNCATE,使用DELETE FROM代替 + cursor.execute(f"DELETE FROM {table_name}") + # 重置SQLite的自增序列 + cursor.execute(f"DELETE FROM sqlite_sequence WHERE name='{table_name}'") def set_plugin_action_status(action_list, action_name, status): diff --git a/backend/configs/mariadb/init_mariadb.conf b/backend/configs/mariadb/init_mariadb.conf deleted file mode 100644 index cdebaa4..0000000 --- a/backend/configs/mariadb/init_mariadb.conf +++ /dev/null @@ -1,5 +0,0 @@ -root_password = -# dev_store 用户的密码至少包含8个字符,大小写字母、数字、特殊符号三种以上 -# The password for dev_store users must contain at least 8 characters, -# including more than three types: upper and lower case letters, numbers, and special symbols -dev_store_password = \ No newline at end of file diff --git a/backend/configs/mariadb/mariadb.conf b/backend/configs/mariadb/mariadb.conf deleted file mode 100644 index a35116e..0000000 --- a/backend/configs/mariadb/mariadb.conf +++ /dev/null @@ -1,9 +0,0 @@ -[mariadb] -# 数据库名称 -name = -# 数据库地址 -host = 0.0.0.0 -# 端口 -port = 3306 -# 数据库用户名 -user = dev_store \ No newline at end of file diff --git a/backend/configs/mariadb/mariadb_ciphertext_data.json b/backend/configs/mariadb/mariadb_ciphertext_data.json deleted file mode 100644 index d1d8ef9..0000000 --- a/backend/configs/mariadb/mariadb_ciphertext_data.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "half_key": "", - "encrypted_work_key": "", - "work_key_iv": "", - "plaintext_iv": "", - "ciphertext": "" -} \ No newline at end of file diff --git a/backend/constants/configs/mariadb_config.py b/backend/constants/configs/mariadb_config.py deleted file mode 100644 index 90444a9..0000000 --- a/backend/constants/configs/mariadb_config.py +++ /dev/null @@ -1,71 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright (c) 2025 Huawei Technologies Co., Ltd. -# oeDeploy is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. -# Create: 2025-07-18 -# ====================================================================================================================== - -import json -from configparser import MissingSectionHeaderError, ParsingError - -from constants.paths import MARIADB_CONFIG_FILE, MARIADB_JSON_FILE -from utils.cipher import CustomCipher -from utils.file_handler.base_handler import FileError -from utils.file_handler.conf_handler import ConfHandler -from utils.logger import init_log - -__all__ = ['MariaDBConfig', 'get_settings_mariadb_config'] -run_logger = init_log("run.log") - - -class MariaDBConfig: - NAME = '' - HOST = '' - PORT = '' - USER = '' - PASSWORD = '' - - -try: - conf_handler = ConfHandler(file_path=MARIADB_CONFIG_FILE, logger=run_logger) -except (FileError, MissingSectionHeaderError, ParsingError): - pass -else: - MariaDBConfig.NAME = conf_handler.get('mariadb', 'name', default='') - MariaDBConfig.HOST = conf_handler.get('mariadb', 'host', default='') - MariaDBConfig.PORT = conf_handler.get('mariadb', 'port', default='') - MariaDBConfig.USER = conf_handler.get('mariadb', 'user', default='') - MariaDBConfig.PASSWORD = conf_handler.get('mariadb', 'password', default='') - - -def get_settings_mariadb_config(): - with open(MARIADB_JSON_FILE, mode='r') as fr_handle: - ciphertext_data = json.load(fr_handle) - custom_cipher = CustomCipher() - plaintext = custom_cipher.decrypt_ciphertext_data(ciphertext_data) - database_config = { - 'NAME': MariaDBConfig.NAME, - 'HOST': MariaDBConfig.HOST, - 'PORT': MariaDBConfig.PORT, - 'USER': MariaDBConfig.USER, - 'PASSWORD': plaintext, - 'ENGINE': 'django.db.backends.mysql', - 'OPTIONS': { - 'init_command': 'SET sql_mode="STRICT_TRANS_TABLES"', - 'charset': 'utf8', - 'autocommit': True - }, - 'TEST': { - 'CHARSET': 'utf8', - 'COLLATION': 'utf8_bin' - } - } - del plaintext - return database_config diff --git a/backend/services/modify_mariadb_config.py b/backend/constants/configs/sqlite_config.py similarity index 51% rename from backend/services/modify_mariadb_config.py rename to backend/constants/configs/sqlite_config.py index 9925325..574e446 100644 --- a/backend/services/modify_mariadb_config.py +++ b/backend/constants/configs/sqlite_config.py @@ -9,24 +9,33 @@ # IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR # PURPOSE. # See the Mulan PSL v2 for more details. -# Create: 2025-07-18 +# Create: 2025-10-21 # ====================================================================================================================== -import sys +import os +from constants.paths import SQLITE_DB_FILE -if "/var/lib/dev-store/src" not in sys.path: - sys.path.append("/var/lib/dev-store/src") +__all__ = ['get_settings_sqlite_config'] -from constants.paths import MARIADB_CONFIG_FILE -from utils.file_handler.conf_handler import ConfHandler - -if __name__ == '__main__': - try: - database_name = sys.argv[1] - conf_handler = ConfHandler(file_path=MARIADB_CONFIG_FILE, should_print=True) - conf_handler.set('mariadb', 'name', database_name) - conf_handler.save() - except Exception as ex: - print(ex) - sys.exit(1) +def get_settings_sqlite_config(): + """ + 获取SQLite数据库配置 + """ + # 确保数据库文件所在目录存在 + db_dir = os.path.dirname(SQLITE_DB_FILE) + if not os.path.exists(db_dir): + os.makedirs(db_dir, mode=0o755, exist_ok=True) + + database_config = { + 'ENGINE': 'django.db.backends.sqlite3', + 'NAME': SQLITE_DB_FILE, + 'OPTIONS': { + 'timeout': 20, + }, + 'TEST': { + 'NAME': ':memory:', + } + } + + return database_config diff --git a/backend/constants/paths.py b/backend/constants/paths.py index 73a57f6..39842a3 100644 --- a/backend/constants/paths.py +++ b/backend/constants/paths.py @@ -17,13 +17,14 @@ import os # 配置文件目录 CONFIG_DIR = '/etc/dev-store' -# /etc/dev-store/mariadb/mariadb.conf MariaDB 配置文件路径 -MARIADB_CONFIG_FILE = os.path.join(CONFIG_DIR, 'mariadb', 'mariadb.conf') -# /etc/dev-store/mariadb/mariadb_ciphertext_data.json MariaDB 密文数据 json 文件 -MARIADB_JSON_FILE = os.path.join(CONFIG_DIR, 'mariadb', 'mariadb_ciphertext_data.json') # /etc/dev-store/task_scheduler.conf 任务调度器配置文件路径 TASK_SCHEDULER_CONFIG_FILE = os.path.join(CONFIG_DIR, 'task_scheduler.conf') +# 数据库文件目录 +DB_DIR = '/var/lib/dev-store/db' +# /var/lib/dev-store/db/dev_store.db SQLite 数据库文件路径 +SQLITE_DB_FILE = os.path.join(DB_DIR, 'dev_store.db') + # 日志目录 LOG_DIR = '/var/log/dev-store' diff --git a/backend/dev-store-start.sh b/backend/dev-store-start.sh index 1cab545..a492707 100644 --- a/backend/dev-store-start.sh +++ b/backend/dev-store-start.sh @@ -5,4 +5,4 @@ set -e cd /var/lib/dev-store/src # 启动服务器 -python3 manage.py runserver 0.0.0.0:28080 +/usr/bin/python3 manage.py runserver 127.0.0.1:28080 diff --git a/backend/dev_store/settings.py b/backend/dev_store/settings.py index 63f04e4..971d49e 100644 --- a/backend/dev_store/settings.py +++ b/backend/dev_store/settings.py @@ -13,7 +13,7 @@ https://docs.djangoproject.com/en/5.2/ref/settings/ from pathlib import Path # Build paths inside the project like this: BASE_DIR / 'subdir'. -from constants.configs.mariadb_config import get_settings_mariadb_config +from constants.configs.sqlite_config import get_settings_sqlite_config from utils.time import get_time_zone BASE_DIR = Path(__file__).resolve().parent.parent @@ -78,7 +78,7 @@ WSGI_APPLICATION = 'dev_store.wsgi.application' # Database # https://docs.djangoproject.com/en/5.2/ref/settings/#databases -config_info = get_settings_mariadb_config() +config_info = get_settings_sqlite_config() DATABASES = { 'default': config_info } diff --git a/backend/services/encrypt_mariadb_passwd.py b/backend/services/encrypt_mariadb_passwd.py deleted file mode 100644 index 6bf2f0d..0000000 --- a/backend/services/encrypt_mariadb_passwd.py +++ /dev/null @@ -1,35 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -# Copyright (c) 2025 Huawei Technologies Co., Ltd. -# oeDeploy is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. -# Create: 2025-07-18 -# ====================================================================================================================== - -import sys - -if "/var/lib/dev-store/src" not in sys.path: - sys.path.append("/var/lib/dev-store/src") - -from constants.paths import MARIADB_JSON_FILE -from utils.cipher import CustomCipher -from utils.file_handler.json_handler import JSONHandler - - -if __name__ == '__main__': - try: - plaintext = sys.argv[1] - custom_cipher = CustomCipher() - ciphertext_data = custom_cipher.encrypt_plaintext(plaintext) - json_handler = JSONHandler(file_path=MARIADB_JSON_FILE, should_print=True) - json_handler.data.update(ciphertext_data) - json_handler.save() - except Exception as ex: - print(ex) - sys.exit(1) diff --git a/backend/services/init_mariadb.sh b/backend/services/init_mariadb.sh deleted file mode 100644 index 49dc7d2..0000000 --- a/backend/services/init_mariadb.sh +++ /dev/null @@ -1,415 +0,0 @@ -#!/bin/bash -# Copyright (c) 2025 Huawei Technologies Co., Ltd. -# oeDeploy is licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. -# Create: 2025-07-18 -# ====================================================================================================================== - -auto=$1 -CONFIG_DIR="/etc/dev-store/mariadb" -INIT_MARIADB_CONFIG_FILE="${CONFIG_DIR}/init_mariadb.conf" -SERVICES_DIR="/var/lib/dev-store/services" - -SCRIPT_DIR=$(dirname $(readlink -f "${BASH_SOURCE[0]}")) -source ${SCRIPT_DIR}/log.sh - -# 读取配置文件 -function read_config_value { - local key="$1" - local allow_empty="$2" # 新增参数,表示是否允许空值 - - # 判断配置文件中 key 是否存在 - local item=$(grep "^${key} =" "${INIT_MARIADB_CONFIG_FILE}") - if [[ -z "${item}" ]]; then - error "The key '${key}' not found in the configuration file ${INIT_MARIADB_CONFIG_FILE}" - exit 1 - fi - - # 判断配置文件中对应 key 的值是否存在 - local value=$(echo "${item}" | awk -F= '{print $2}' | sed 's/[[:space:]]*$//' | xargs) - - if [[ -n "${value}" ]]; then - echo "${value}" - else - # 如果允许空值,则返回空字符串,否则报错退出 - if [[ "${allow_empty}" == "true" ]]; then - echo "" - else - error "The value of key '${key}' is empty in the configuration file ${INIT_MARIADB_CONFIG_FILE}" - exit 1 - fi - fi -} - -# 检查密码复杂度,密码至少包含8个字符,大小写字母、数字、特殊符号三种以上 -# 如果密码为空,则跳过复杂度检查 -function check_password_complexity() -{ - local variable_content=$1 - local complexity=0 - - # 如果密码为空,直接返回成功(跳过复杂度检查) - if [[ -z "${variable_content}" ]]; then - return 0 - fi - - if [[ ${#variable_content} -ge 8 ]]; then - complexity=$((${complexity}+1)) - else - return 1 - fi - - if [[ "${variable_content}" =~ [[:upper:]] ]]; then - complexity=$((${complexity}+1)) - fi - - if [[ "${variable_content}" =~ [[:lower:]] ]]; then - complexity=$((${complexity}+1)) - fi - - if [[ "${variable_content}" =~ [[:digit:]] ]]; then - complexity=$((${complexity}+1)) - fi - - if [[ "${variable_content}" =~ [[:punct:]] ]]; then - complexity=$((${complexity}+1)) - fi - - unset variable_content - if [[ "${complexity}" -ge 4 ]]; then - return 0 - else - return 1 - fi -} - - -# 启动 MariaDB 服务并设置自启动 -function start_mariadb_service() -{ - info "Starting the MariaDB service." - systemctl start mariadb - if [[ $? -ne 0 ]]; then - error "Failed to start the MariaDB service." - exit 1 - fi - - # 检查服务是否启动 - mariadb_status=$(systemctl is-active mariadb) - if [[ "${mariadb_status}" == "active" ]]; then - info "The MariaDB service is active." - else - error "The MariaDB service is inactive." - exit 1 - fi - - # 设置为开机自启动服务 - systemctl enable mariadb - if [[ $? -ne 0 ]]; then - warn "Failed to enable the MariaDB service." - fi -} - -# 配置防火墙,开放 MariaDB 端口 -function configure_firewall_for_mariadb() -{ - info "Start to check firewall." - if systemctl is-active --quiet firewalld; then - port_3306=$(firewall-cmd --query-port=3306/tcp) - if [[ "${port_3306}" == "no" ]]; then - port_3306=$(firewall-cmd --zone=public --add-port=3306/tcp --permanent) - firewall-cmd --reload - fi - port_3306=$(firewall-cmd --query-port=3306/tcp) - if [[ "${port_3306}" != "yes" ]]; then - error "Failed to enable port 3306." - exit 1 - fi - fi - info "Check firewall done." -} - - -# 执行 MariaDB 安全配置 -function execute_mysql_secure_installation() -{ - local auto="$1" - - info "Execute the command [mysql_secure_installation] to perform MariaDB security configuration." - - if [ "${auto}" == "auto" ]; then - local root_password="$(read_config_value 'root_password' 'true')" - local default_root_pw="\n" - local switch_unix_socket="n" - local remove_anonymous_users="y" - local disallow_root_login_remotely="n" - local remove_test_database_and_access_to_it="y" - local reload_privilege_tables="y" - local input_string - - # 根据 root_password 是否为空决定是否设置密码 - if [[ -z "${root_password}" ]]; then - # 密码为空,跳过设置密码 - local set_root_pw="n" - input_string="${default_root_pw}" - input_string+="${switch_unix_socket}\n" - input_string+="${set_root_pw}\n" - input_string+="${remove_anonymous_users}\n" - input_string+="${disallow_root_login_remotely}\n" - input_string+="${remove_test_database_and_access_to_it}\n" - input_string+="${reload_privilege_tables}\n" - else - # 密码不为空,设置密码 - local set_root_pw="y" - input_string="${default_root_pw}" - input_string+="${switch_unix_socket}\n" - input_string+="${set_root_pw}\n" - input_string+="${root_password}\n" - input_string+="${root_password}\n" - input_string+="${remove_anonymous_users}\n" - input_string+="${disallow_root_login_remotely}\n" - input_string+="${remove_test_database_and_access_to_it}\n" - input_string+="${reload_privilege_tables}\n" - fi - - expect -c " -set timeout 10 -spawn mysql_secure_installation -expect \"Enter current password for root (enter for none):\" -send \"${input_string}\" -expect { - \"*Thanks for using MariaDB!*\" { - exit 0 - } - default { - exit 1 - } -} -" - local return_code=$? - if [[ "${return_code}" == "1" ]]; then - echo "" - error "Automatically configuring the mariadb fails, please try to configure manually." - exit 1 - fi - else - mysql_secure_installation - fi - - info "Perform MariaDB security configuration successfully." -} - -# 检查 MariaDB 是否已配置 -function is_mariadb_configured() -{ - local auto="$1" - local Y_N - - # 交互式执行会询问 MariaDB 是否已被配置过,自动执行默认 MariaDB 没有被配置过 - if [ "${auto}" == "auto" ]; then - Y_N="n" - else - read -p "Whether MariaDB is configured? [Y/n] (default: n) " Y_N - fi - - # 判断 MariaDB 是否已被配置过 - if [[ "${Y_N}" == "y" || "${Y_N}" == "Y" ]]; then - return 0 # 已配置 - elif [[ ! -n "${Y_N}" || "${Y_N}" == "N" || "${Y_N}" == "n" ]]; then - return 1 # 未配置 - else - error "The input is invalid. Please input again." - exit 1 - fi -} - -# 配置MariaDB服务(重构后的主函数) -function configure_mariadb() -{ - local auto=$1 - - # 检查 MariaDB 是否已被配置过 - if is_mariadb_configured "${auto}"; then - return - fi - - # 启动 MariaDB 服务 - start_mariadb_service - - # 配置防火墙 - configure_firewall_for_mariadb - - # 执行安全配置 - execute_mysql_secure_installation "${auto}" -} - - -# 检查自定义数据库名字复杂度,自定义数据库名字至少包含2个字符,大小写字母、下划线、数字两种以上 -function check_database_name() -{ - local variable_content=$1 - local complexity=0 - - if [[ "${variable_content}" =~ [[:upper:]] ]]; then - complexity=$((${complexity}+1)) - fi - - if [[ "${variable_content}" =~ [[:lower:]] ]]; then - complexity=$((${complexity}+1)) - fi - - if [[ "${variable_content}" =~ [[:digit:]] ]]; then - complexity=$((${complexity}+1)) - fi - - if [[ "${variable_content}" =~ "_" ]]; then - complexity=$((${complexity}+1)) - fi - # 包含 a-zA-Z0-9_ 之外的字符都不符合要求 - if [[ "${variable_content}" =~ [^a-zA-Z0-9_] ]]; then - complexity=0 - fi - - unset variable_content - if [[ ${complexity} -ge 2 ]]; then - return 0 - else - return 1 - fi -} - -info "Start to configure MariaDB for dev-store." -configure_mariadb "${auto}" -unset Y_N - -# 输入或获取 dev_store 密码,并检查其复杂度是否符合要求 -if [ "${auto}" == "auto" ]; then - dev_store_passwd=$(read_config_value "dev_store_password" "true") - check_password_complexity ${dev_store_passwd} - if [[ $? -ne 0 ]]; then - error "The password must contain at least eight characters, including uppercase lowercase digits and special characters." - error "The password of the dev_store user for MariaDB is invalid. Please change the value of dev_store_password in the ${INIT_MARIADB_CONFIG_FILE}." - exit 1 - fi -else - stty -echo - while true - do - should_break=false - for i in {1..5}; do - read -p "Enter the password of dev_store user for MariaDB: " dev_store_passwd_01 - echo "" - read -p "Confirm: " dev_store_passwd_02 - echo "" - if [[ "${dev_store_passwd_01}" == "${dev_store_passwd_02}" ]]; then - should_break=true - break - fi - error "The provided passwords do not match. Please re-enter them for verification." - done - if [ ! ${should_break} ]; then - stty echo - exit 1 - fi - dev_store_passwd=${dev_store_passwd_01} - check_password_complexity ${dev_store_passwd} - if [[ $? -ne 0 ]]; then - error "The password must contain at least eight characters, including uppercase lowercase digits and special characters." - error "The password of the dev_store user for MariaDB is invalid. Please input again." - else - break - fi - done - stty echo -fi - -# 获取自定义数据库名 -while true -do - warn "If the database name already exists, it will be overwritten." - if [ "${auto}" == "auto" ]; then - Y_N="Y" - else - read -p "Use default dev_store_db database? [Y/n] (default: Y) " Y_N - fi - # 使用默认 - if [[ ! -n "${Y_N}" || "${Y_N}" == "y" || "${Y_N}" == "Y" ]]; then - mariadb_name=dev_store_db - break - elif [[ "${Y_N}" == "N" || "${Y_N}" == "n" ]]; then - # 用户自定义数据库 - read -p "Please input the name of the database to be created: " mariadb_name - check_database_name ${mariadb_name} - if [[ $? -ne 0 ]]; then - error "The database name must contain at least two types of characters, including uppercase lowercase underscores and digits." - error "The input database name entered is invalid. Please input again." - else - break - fi - else - error "The input is invalid. Please input again." - fi -done -unset Y_N - -# 创建用户 dev_store 以及自定义名称的数据库 -if [ "${auto}" == "auto" ]; then - root_password=$(read_config_value "root_password" "true") -else - stty -echo - read -p "Enter the password of the root user of the MariaDB again: " root_password - echo "" - stty echo -fi -info "Start to create user dev_store and database ${mariadb_name}." -# 准备 SQL 语句 -sql_commands=" -DROP DATABASE IF EXISTS ${mariadb_name}; -CREATE DATABASE IF NOT EXISTS ${mariadb_name} CHARACTER SET utf8 COLLATE utf8_bin; - -DELETE FROM mysql.user WHERE User='dev_store'; -DELETE FROM mysql.db WHERE User='dev_store'; -flush privileges; -# dev_store 用户权限仅限操作自定义新创建的数据库 -CREATE USER 'dev_store'@'localhost' IDENTIFIED BY '${dev_store_passwd}'; -GRANT ALL ON ${mariadb_name}.* TO 'dev_store'@'localhost' IDENTIFIED BY '${dev_store_passwd}' WITH GRANT OPTION; -flush privileges; -" - -# 根据 root_password 是否为空决定 MySQL 连接方式 -if [[ -z "${root_password}" ]]; then - echo "${sql_commands}" | mysql -uroot -else - echo "${sql_commands}" | mysql -uroot -p${root_password} -fi -if [[ $? -ne 0 ]]; then - error "Failed to create user dev_store and database ${mariadb_name}." - exit 1 -fi -info "Create user dev_store and database ${mariadb_name} successfully." - -unset root_password - -# 更新 mariadb.conf 和加密 dev_store 用户的密码 -python3 "${SERVICES_DIR}/modify_mariadb_config.py" ${mariadb_name} -if [[ $? -ne 0 ]]; then - error "Failed to update ${CONFIG_DIR}/mariadb.conf." - exit 1 -fi -# 无论密码是否为空都需要进行加密,确保JSON文件存在 -# 这样Django应用才能正常读取配置 -python3 "${SERVICES_DIR}/encrypt_mariadb_passwd.py" "${dev_store_passwd}" -if [[ $? -ne 0 ]]; then - error "Failed to encrypt password of user dev_store." - exit 1 -fi - -unset dev_store_passwd - -info "MariaDB is configured successfully." \ No newline at end of file diff --git a/build/dev-store.service b/build/dev-store.service index 217681d..0ff98fe 100644 --- a/build/dev-store.service +++ b/build/dev-store.service @@ -1,15 +1,13 @@ [Unit] Description=DevStore Development Management System Documentation=https://gitee.com/openeuler/DevStore -After=network.target mariadb.service -Wants=mariadb.service +After=network.target [Service] Type=exec User=root Group=root WorkingDirectory=/var/lib/dev-store/src -ExecStartPre=/bin/sh /var/lib/dev-store/services/init_mariadb.sh auto ExecStartPre=/usr/bin/python3 /var/lib/dev-store/src/manage.py makemigrations ExecStartPre=/usr/bin/python3 /var/lib/dev-store/src/manage.py migrate ExecStart=/usr/bin/dev-store @@ -21,6 +19,7 @@ SyslogIdentifier=dev-store Environment=PYTHONPATH=/var/lib/dev-store/src Environment=DJANGO_SETTINGS_MODULE=dev_store.settings +Environment=PATH=/usr/local/bin:/usr/bin:/bin [Install] WantedBy=multi-user.target diff --git a/build/dev-store.spec b/build/dev-store.spec index 7677ff0..70233ca 100644 --- a/build/dev-store.spec +++ b/build/dev-store.spec @@ -11,19 +11,18 @@ URL: https://gitee.com/openeuler/DevStore Source0: %{name}-%{version}.tar.gz # 依赖包 -Requires: python3-django-rest-framework -Requires: mariadb-server -Requires: expect +Requires: systemd Requires: dnf-plugins-core +Requires: desktop-file-utils +Requires: gtk-update-icon-cache Requires: python3 -Requires: python3-mysqlclient +Requires: python3-django-rest-framework Requires: python3-concurrent-log-handler Requires: python3-cryptography Requires: python3-Django Requires: python3-pyyaml Requires: python3-psutil Requires: python3-zstandard -Requires: systemd # 构建依赖 BuildRequires: rpm-build @@ -111,6 +110,7 @@ cd .. mkdir -p %{buildroot}/opt/dev-store/app mkdir -p %{buildroot}/var/lib/dev-store/src mkdir -p %{buildroot}/var/lib/dev-store/services +mkdir -p %{buildroot}/var/lib/dev-store/db mkdir -p %{buildroot}/etc/dev-store mkdir -p %{buildroot}/var/log/dev-store mkdir -p %{buildroot}/usr/bin @@ -224,6 +224,9 @@ find %{buildroot}/var/lib/dev-store/src -name "*.sh" -exec chmod 755 {} \; # 日志目录 %attr(755,root,root) /var/log/dev-store +# 数据库目录 +%attr(755,root,root) /var/lib/dev-store/db + # 启动脚本 %attr(755,root,root) /usr/bin/dev-store @@ -249,9 +252,10 @@ chown -R root:root /var/log/dev-store chmod 755 /var/log/dev-store # 设置数据库目录权限 -mkdir -p /var/lib/dev-store +mkdir -p /var/lib/dev-store/db chown -R root:root /var/lib/dev-store chmod 755 /var/lib/dev-store +chmod 755 /var/lib/dev-store/db # 更新桌面数据库 if command -v update-desktop-database >/dev/null 2>&1; then @@ -266,7 +270,7 @@ fi # 重新加载systemd配置 systemctl daemon-reload -# Enable and start dev-store service (failure won't affect installation) +# 启动dev-store服务(失败不影响安装) systemctl enable dev-store.service 2>/dev/null || { echo "Warning: Failed to enable dev-store service auto-start. Please run manually: systemctl enable dev-store" } -- Gitee