[Ansible - Semaphore Installation] part 1

What is Semaphore

Semaphore is an open-source replacement for Ansible Tower.

Most of Ansible Tower's features are implemented; as for pricing, Community is free and Enterprise is commercial.

 

H/W Requirement Spec - CPU: 3.4Ghz(2cores) / Memory : 4GB / Storage : 40GB

Prerequisites - Mysql : 5.6.4 / MariaDB : 5.3 / git : 2.x 

 

MariaDB : 10.7.3 / GIT : 2.34.1 / Ansible : 2.9.27 / semaphore : 2.8.53

 

 

Installing Ansible

[root@jh-semaphore ~]# yum -y install epel-release.noarch

[root@jh-semaphore ~]# yum -y install ansible

[root@jh-semaphore ~]# ansible --version
ansible 2.9.27
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]

 

Installing Git 2.x or later

Remove the git that is already installed, then install the new version

[root@jh-semaphore ~]# git version
git version 1.8.3.1

[root@jh-semaphore ~]# yum -y remove git


[root@jh-semaphore ~]# yum -y install https://packages.endpointdev.com/rhel/7/os/x86_64/endpoint-repo.x86_64.rpm


[root@jh-semaphore ~]# yum -y install git
...
Installed:
  git.x86_64 0:2.34.1-1.ep7                                                                  

Dependency Installed:
  git-core.x86_64 0:2.34.1-1.ep7              git-core-doc.noarch 0:2.34.1-1.ep7             
  pcre2.x86_64 0:10.23-2.el7                  perl-Git.noarch 0:2.34.1-1.ep7                 

Complete!

 

 

Installing MariaDB

[root@jh-semaphore ~]# wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
--2022-04-22 10:20:47--  https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
Resolving downloads.mariadb.com (downloads.mariadb.com)... 104.18.135.24, 104.17.191.14, 2606:4700::6811:bf0e, ...
Connecting to downloads.mariadb.com (downloads.mariadb.com)|104.18.135.24|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 30081 (29K) [application/octet-stream]
Saving to: ‘mariadb_repo_setup’

100%[===================================================>] 30,081      --.-K/s   in 0s      

2022-04-22 10:20:50 (174 MB/s) - ‘mariadb_repo_setup’ saved [30081/30081]



[root@jh-semaphore ~]# chmod +x mariadb_repo_setup


[root@jh-semaphore ~]# ll
total 32
-rwxr-xr-x 1 root root 30081 Feb  8 22:17 mariadb_repo_setup


[root@jh-semaphore ~]# ./mariadb_repo_setup
# [info] Checking for script prerequisites.
# [info] MariaDB Server version 10.7 is valid
# [info] Repository file successfully written to /etc/yum.repos.d/mariadb.repo
# [info] Adding trusted package signing keys...
/etc/pki/rpm-gpg ~
~
# [info] Successfully added trusted package signing keys
# [info] Cleaning package cache...
Loaded plugins: fastestmirror, langpacks
Cleaning repos: base endpoint epel extras mariadb-main mariadb-maxscale mariadb-tools updates
Cleaning up everything
Cleaning up list of fastest mirrors



[root@jh-semaphore ~]# yum -y install MariaDB-server


## Check the version
[root@jh-semaphore ~]# rpm -qi MariaDB-server
Name        : MariaDB-server
Version     : 10.7.3
Release     : 1.el7.centos
Architecture: x86_64
Install Date: Fri 22 Apr 2022 10:22:41 AM KST
Group       : Applications/Databases
Size        : 128687451
License     : GPLv2
Signature   : DSA/SHA1, Sat 12 Feb 2022 12:49:24 PM KST, Key ID cbcb082a1bb943db
Source RPM  : MariaDB-server-10.7.3-1.el7.centos.src.rpm
Build Date  : Fri 11 Feb 2022 07:01:06 AM KST
Build Host  : centos74-amd64
Relocations : (not relocatable)
Vendor      : MariaDB Foundation
URL         : http://mariadb.org
Summary     : MariaDB database server binaries
Description :
MariaDB: a very fast and robust SQL database server

It is GPL v2 licensed, which means you can use the it free of charge under the
conditions of the GNU General Public License Version 2 (http://www.gnu.org/licenses/).

MariaDB documentation can be found at https://mariadb.com/kb
MariaDB bug reports should be submitted through https://jira.mariadb.org



## Register the service with systemctl
[root@jh-semaphore ~]# systemctl enable --now mariadb
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.



## MariaDB security settings
Run the "mysql_secure_installation" script to apply the security settings.

[root@jh-semaphore ~]# mariadb-secure-installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none):               => Pressing Enter means the root password has not been set yet
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] n                    => Type n to disable socket authentication
... skipping.

You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] Y                              => Set the MariaDB root password
New password:                                                  => Enter the MariaDB root password to set
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y                                 =>  Type Y to remove anonymous users
... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y                           => Type Y to disable root login remotely
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y                 => Type Y to remove test database
- Dropping test database... 
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y                           => Type Y to reload the privilege tables
... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!



## Verify the MariaDB connection
[root@jh-semaphore ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.7.3-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> select @@version;
+----------------+
| @@version      |
+----------------+
| 10.7.3-MariaDB |
+----------------+
1 row in set (0.000 sec)

MariaDB [(none)]> select user();
+----------------+
| user()         |
+----------------+
| root@localhost |
+----------------+
1 row in set (0.000 sec)

 

 

Installing Semaphore

## Download the rpm file
[root@jh-semaphore ~]# wget https://github.com/ansible-semaphore/semaphore/releases/download/v2.8.53/semaphore_2.8.53_linux_amd64.rpm
--2022-04-22 10:32:16--  https://github.com/ansible-semaphore/semaphore/releases/download/v2.8.53/semaphore_2.8.53_linux_amd64.rpm
Resolving github.com (github.com)... 15.164.81.167
Connecting to github.com (github.com)|15.164.81.167|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/23267883/79cc16cd-d92e-435f-841a-2fe083e30039?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220422%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220422T013216Z&X-Amz-Expires=300&X-Amz-Signature=dc922f13945904b72cb364b18415f5bfa70dd4d424c8aeff5349c3ce68eb58c6&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=23267883&response-content-disposition=attachment%3B%20filename%3Dsemaphore_2.8.53_linux_amd64.rpm&response-content-type=application%2Foctet-stream [following]
--2022-04-22 10:32:16--  https://objects.githubusercontent.com/github-production-release-asset-2e65be/23267883/79cc16cd-d92e-435f-841a-2fe083e30039?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220422%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220422T013216Z&X-Amz-Expires=300&X-Amz-Signature=dc922f13945904b72cb364b18415f5bfa70dd4d424c8aeff5349c3ce68eb58c6&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=23267883&response-content-disposition=attachment%3B%20filename%3Dsemaphore_2.8.53_linux_amd64.rpm&response-content-type=application%2Foctet-stream
Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.111.133, 185.199.109.133, 185.199.108.133, ...
Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.111.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9416576 (9.0M) [application/octet-stream]
Saving to: ‘semaphore_2.8.53_linux_amd64.rpm’

100%[===================================================>] 9,416,576   4.04MB/s   in 2.2s   

2022-04-22 10:32:19 (4.04 MB/s) - ‘semaphore_2.8.53_linux_amd64.rpm’ saved [9416576/9416576]



[root@jh-semaphore ~]# ll
total 9228
-rwxr-xr-x 1 root root   30081 Feb  8 22:17 mariadb_repo_setup
-rw-r--r-- 1 root root 9416576 Feb 17 19:48 semaphore_2.8.53_linux_amd64.rpm


[root@jh-semaphore ~]# yum -y install semaphore_2.8.53_linux_amd64.rpm

 

 

▶ Semaphore configuration

[root@jh-semaphore ~]# semaphore setup

Hello! You will now be guided through a setup to:

1. Set up configuration for a MySQL/MariaDB database
2. Set up a path for your playbooks (auto-created)
3. Run database Migrations
4. Set up initial semaphore user & password

What database to use:
   1 - MySQL
   2 - BoltDB
   3 - PostgreSQL
(default 1): 1       => Select MySQL

db Hostname (default 127.0.0.1:3306):

db User (default root):

db Password: root           => MariaDB root password

db Name (default semaphore):

Playbook path (default /tmp/semaphore): /semaphore/workspace    => Enter the playbook path

Web root URL (optional, see https://github.com/ansible-semaphore/semaphore/wiki/Web-root-URL):

Enable email alerts? (yes/no) (default no): yes         => Whether to use the email alert feature

Mail server host (default localhost):

Mail server port (default 25):

Mail sender address (default semaphore@localhost): jeonghyun.kim@******.com     => Sender email

Enable telegram alerts? (yes/no) (default no): yes           => Whether to use Telegram alerts

Telegram bot token (you can get it from @BotFather): *******************        => Enter the bot token

Telegram chat ID: *********             => Enter the chat ID

Enable LDAP authentication? (yes/no) (default no):


Generated configuration:
{
     "mysql": {
         "host": "127.0.0.1:3306",
         "user": "root",
         "pass": "root",
         "name": "semaphore",
         "options": null
     },
     "bolt": {
         "host": "",
         "user": "",
         "pass": "",
         "name": "",
         "options": null
     },
     "postgres": {
         "host": "",
         "user": "",
         "pass": "",
         "name": "",
         "options": null
     },
     "dialect": "mysql",
     "port": "",
     "interface": "",
     "tmp_path": "/semaphore/workspace",
     "cookie_hash": "U00ld+9ySkct3poCnnQeOqHru75mfMleoAgQyrRrm5w=",
     "cookie_encryption": "LyMRjljIYpi39dYoHsiP94G2iV2pZdhB7UDgnyoNlmQ=",
     "access_key_encryption": "cD3bsZMKfMUHCT13lJD4x5XDS6r0I6cfYHsSJqUV6oc=",
     "email_sender": "jeonghyun.kim@goodusdata.com",
     "email_host": "localhost",
     "email_port": "25",
     "email_username": "",
     "email_password": "",
     "web_host": "",
     "ldap_binddn": "",
     "ldap_bindpassword": "",
     "ldap_server": "",
     "ldap_searchdn": "",
     "ldap_searchfilter": "",
     "ldap_mappings": {
         "dn": "",
         "mail": "",
         "uid": "",
         "cn": ""
     },
     "telegram_chat": "********",
     "telegram_token": "****************",
     "max_parallel_tasks": 0,
     "email_alert": true,
     "email_secure": false,
     "telegram_alert": true,
     "ldap_enable": false,
     "ldap_needtls": false,
     "ssh_config_path": "",
     "demo_mode": false
}

Is this correct? (yes/no) (default yes): yes

Config output directory (default /root): /semaphore       => Path for the Semaphore config file

Running: mkdir -p /semaphore..
Configuration written to /semaphore/config.json..
Pinging db..
Running db Migrations..
Executing migration v0.0.0 (at 2022-04-22 10:40:05.456901783 +0900 KST m=+400.028856700)...
Creating migrations table
[12/0]8]
Executing migration v1.0.0 (at 2022-04-22 10:40:05.546621469 +0900 KST m=+400.118576035)...
[4/87]
Executing migration v1.2.0 (at 2022-04-22 10:40:05.588819127 +0900 KST m=+400.160773898)...
[2/0]6]
Executing migration v1.3.0 (at 2022-04-22 10:40:05.596694929 +0900 KST m=+400.168649418)...
[4/0]]
Executing migration v1.4.0 (at 2022-04-22 10:40:05.622727475 +0900 KST m=+400.194682004)...
[5/0]]]
Executing migration v1.5.0 (at 2022-04-22 10:40:05.654110984 +0900 KST m=+400.226065548)...
[4/0]]]
Executing migration v1.6.0 (at 2022-04-22 10:40:05.691042661 +0900 KST m=+400.262997337)...
[5/0]]
Executing migration v1.7.0 (at 2022-04-22 10:40:05.73055093 +0900 KST m=+400.302505851)...
[2/0]]
Executing migration v1.8.0 (at 2022-04-22 10:40:05.73961653 +0900 KST m=+400.311571205)...
[2/0]]
Executing migration v1.9.0 (at 2022-04-22 10:40:05.750046398 +0900 KST m=+400.322001076)...
[2/0]]
Executing migration v2.2.1 (at 2022-04-22 10:40:05.760513368 +0900 KST m=+400.332468176)...
[5/0]]]
Executing migration v2.3.0 (at 2022-04-22 10:40:05.779718162 +0900 KST m=+400.351672839)...
[4/0]]
Executing migration v2.3.1 (at 2022-04-22 10:40:05.804621404 +0900 KST m=+400.376576801)...
[7/0]]]
Executing migration v2.3.2 (at 2022-04-22 10:40:05.843492234 +0900 KST m=+400.415446908)...
[6/0]]]
Executing migration v2.4.0 (at 2022-04-22 10:40:05.862164151 +0900 KST m=+400.434118828)...
[2/0]]
Executing migration v2.5.0 (at 2022-04-22 10:40:05.87254129 +0900 KST m=+400.444495967)...
[2/0]]
Executing migration v2.5.2 (at 2022-04-22 10:40:05.882172896 +0900 KST m=+400.454127615)...
[2/0]]
Executing migration v2.7.1 (at 2022-04-22 10:40:05.890264816 +0900 KST m=+400.462219498)...
[2/0]]
Executing migration v2.7.4 (at 2022-04-22 10:40:05.907326152 +0900 KST m=+400.479280641)...
[2/0]]
Executing migration v2.7.6 (at 2022-04-22 10:40:05.92415328 +0900 KST m=+400.496107961)...
[2/0]6]
Executing migration v2.7.8 (at 2022-04-22 10:40:05.927385139 +0900 KST m=+400.499339927)...
[4/57]
Executing migration v2.7.9 (at 2022-04-22 10:40:05.962525267 +0900 KST m=+400.534479944)...
[2/77]
Executing migration v2.7.10 (at 2022-04-22 10:40:05.982498591 +0900 KST m=+400.554453277)...
[1/43]
Executing migration v2.7.12 (at 2022-04-22 10:40:05.991254688 +0900 KST m=+400.563209367)...
[3/0]]
Executing migration v2.7.13 (at 2022-04-22 10:40:06.029349769 +0900 KST m=+400.601304545)...
[3/0]2]
Executing migration v2.8.0 (at 2022-04-22 10:40:06.044761569 +0900 KST m=+400.616716244)...
[8/0]]
Executing migration v2.8.1 (at 2022-04-22 10:40:06.114671182 +0900 KST m=+400.686625857)...
[1/63]
Executing migration v2.8.7 (at 2022-04-22 10:40:06.135334181 +0900 KST m=+400.707288856)...
[1/43]
Executing migration v2.8.8 (at 2022-04-22 10:40:06.146858772 +0900 KST m=+400.718813451)...
[2/98]]
Executing migration v2.8.20 (at 2022-04-22 10:40:06.180474086 +0900 KST m=+400.752428758)...
[3/0]9]
Executing migration v2.8.25 (at 2022-04-22 10:40:06.197338762 +0900 KST m=+400.769293438)...
[5/0]]]
Executing migration v2.8.26 (at 2022-04-22 10:40:06.244017783 +0900 KST m=+400.815972457)...
[2/0]]
Executing migration v2.8.36 (at 2022-04-22 10:40:06.253419142 +0900 KST m=+400.825374059)...
[4/0]]
Executing migration v2.8.38 (at 2022-04-22 10:40:06.282736237 +0900 KST m=+400.854690912)...
[9/0]]]
Executing migration v2.8.39 (at 2022-04-22 10:40:06.306133804 +0900 KST m=+400.878088477)...
[8/0]]]
Executing migration v2.8.40 (at 2022-04-22 10:40:06.348762646 +0900 KST m=+400.920717330)...
[7/0]]
Executing migration v2.8.42 (at 2022-04-22 10:40:06.421634181 +0900 KST m=+400.993588860)...
[1/26]
Executing migration v2.8.51 (at 2022-04-22 10:40:06.430809576 +0900 KST m=+401.002764253)...
[3/0]]
Migrations Finished


> Username: semaphore             => Username to use
> Email: semaphore@example.com
WARN[0512] no rows in result set                         level=Warn
> Your name: semaphore          => ID to use in the web UI
> Password: semaphore           => Password to use in the web UI

You are all setup semaphore!
Re-launch this program pointing to the configuration file

./semaphore server --config /semaphore/config.json

To run as daemon:

nohup ./semaphore server --config /semaphore/config.json &

You can login with semaphore@example.com or semaphore.
 
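※ How to find the bot token and chat ID when using Telegram alerts (optional)
Search for BotFather and select it -> click Start

1. In the message box, enter /newbot
2. Create a name for the bot (any name)

1. Create the bot's username (the name must end in "bot") (any name)
2. Once the username is created, a token for accessing the HTTP API is generated. Note it down separately, since it is needed later.

## For a bot to send alert messages in Telegram, you need the chat ID.
Search for IDBOT and select that bot -> Start

## In the message box, enter /getid -> check the ID value that is generated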

 

▶ Changing the Semaphore web service port

Semaphore's default web port is 3000, so change the service port to 8080

[root@jh-semaphore ~]# vi /semaphore/config.json
...
        },
        "dialect": "mysql",
        "port": "8080",
        "interface": "",
        "tmp_path": "/semaphore/workspace",
...

 

Starting the Semaphore service

[root@jh-semaphore ~]# semaphore service --config=/semaphore/config.json
MySQL root@127.0.0.1:3306 semaphore
Tmp Path (projects home) /semaphore/workspace
Semaphore v2.8.53
Interface
Port :8080
Server is running
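
An added example (not part of the original post, and not Semaphore's own code): a Python check of the config.json written by the setup above, flagging choices visible in this walkthrough, namely the database root account with password root, an empty "interface", and a config file that other users can read. The weak-password list, the 0644 test file and the reading of an empty "interface" as listening on every address are assumptions; the sample config is constructed from the page's output with placeholder secrets.

```python
import json
import os
import stat
import tempfile

# Secret-bearing keys, named as in the generated configuration shown above.
SECRET_KEYS = ("mysql.pass", "cookie_hash", "cookie_encryption",
               "access_key_encryption", "telegram_token")
# Assumed short list of guessable values; extend it for real use.
WEAK_PASSWORDS = {"", "root", "password", "admin", "semaphore"}

# Constructed sample: same shape as the page's config.json, placeholder secrets.
SAMPLE = json.loads("""{
  "mysql": {"host": "127.0.0.1:3306", "user": "root", "pass": "root",
            "name": "semaphore"},
  "dialect": "mysql", "port": "8080", "interface": "",
  "tmp_path": "/semaphore/workspace",
  "cookie_hash": "PLACEHOLDER", "access_key_encryption": "PLACEHOLDER"
}""")


def audit_config(cfg):
    """Return findings for a parsed Semaphore config.json (a dict)."""
    findings = []
    dialect = cfg.get("dialect", "mysql")
    db = cfg.get(dialect, {})  # the section named by "dialect"
    if dialect != "bolt":      # BoltDB is a local file, no account to check
        if db.get("user") == "root":
            findings.append("db: Semaphore connects as the database root account")
        if db.get("pass", "") in WEAK_PASSWORDS or db.get("pass") == db.get("user"):
            findings.append("db: password is empty, guessable, or equals the user")
    if not cfg.get("interface"):
        # Assumption: an empty interface binds the port on every address.
        findings.append("web: empty interface, port reachable on every address")
    if cfg.get("tmp_path", "").startswith("/tmp"):
        findings.append("tmp_path: project checkouts sit under shared /tmp")
    return findings


def audit_file_mode(path):
    """Flag a config file that group or other users can access."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        return ["file: %s is mode %04o but stores %s"
                % (path, mode, ", ".join(SECRET_KEYS))]
    return []


if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".json", delete=False) as fh:
        json.dump(SAMPLE, fh)
    os.chmod(fh.name, 0o644)  # constructed case: world-readable config file
    for finding in audit_config(SAMPLE) + audit_file_mode(fh.name):
        print(finding)
    os.unlink(fh.name)
```

To check the real installation, load /semaphore/config.json with json.load and pass the result to audit_config, then call audit_file_mode on the same path.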

 

 

Accessing the Semaphore web UI

http://<service ip>:8080

The ID / password are the values set above.

Semaphore installation complete

 

 
