サポート #4
openもしデモサイトを作るなら
0%
Description
- csv file size 制限 でっけぇtableを作らせない
- user account 予め用意したアカウントで、現在使用中ではないアカウントを振り分ける、もしくは時間制限のデモアカウントを作って振り分ける
- サーバーに異常が発生した場合に通知する
Updated by keiji ono 12 months ago
とりあえずredmineとデモを兼ねたサイトを作った。
Hostage vps
Contractor login account. ono@jetelina.org / sadatou1aterui0
Root / #Sadatou1Aterui0
Host name (temp) srv904266.hstgr.cloud
Ssh ssh jetelina@168.231.125.156
Scp scp <up file name> jetelina@168....:~/
Users *パスワードは2025/11/7に変更済
onoke / #9K%eiji@!
jetelina / #9J%etelina@!
root / #9K%eiji@!	J%etelina@!
Both are able to execute sudo
After login with root, execute ‘su - onoke’ or ‘su - jetelina’
Redmine
http://168.231.125.156/redmine
Local -> remote data transfer
At local
1. sudo -u postgres pg_dump redmine > backupfile.dump
2. scp backupfile.dump root@168….:~/
At remote
1. sudo -u postgres psql redmine < backupfile.dump
ここでpostgresのアカウントにパスワードが設定されていなかったので追加設定する
1. sudo passed postgres <— passwordは’postgres’にした
2. su - postgres
3. alter role postgres with password ‘postgres’;
4. PostgreSQL restart. sudo systemctl stop postgresql -> sudo systemctl start postgresql
5. redmineのdatabase.ymlも’postgres’ユーザに変更する。何せlocalがそうだったから。
6. Redmine restart. sudo systemctl reload apache2
Updated by keiji ono 12 months ago
redmine&demoはvpsサーバにある。
jetelina.orgとはIPが違うのでサブドメインとしてSSLを使うには別途cerfiticationを用意しないといけないらしい。
jetelina.orgのやつをDLする方法は見つからなかった。
" めんどくさいようならVPSサイトに新たにドメインをふってもいいかな。.jetelina.orgにこだわらなくてもいいよね。
SSLにしなければgoogle検索に引っかからないからむしろ好都合かもしれない。vpsをプライベートにして内々でだけ使うならこの方がいいかも。
webhostingのhpanelにはSecurity -> SSLの設定項目はあるが、vpsにはそれはない。なので手動で入れ込む必要があるらしい。
手動で入れ込む一般的な手順
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu
Hostingerのチャットではこう言っている
Here’s how you can use your SSL certificate for a subdomain on your VPS with Apache:
Upload your SSL certificate files (private key, certificate, and CA bundle if available) to your VPS, usually in the /etc/ssl/ or /etc/apache2/ssl/ directory.
Edit your Apache configuration file for your subdomain (often found in /etc/apache2/sites-available/) and add or update the <VirtualHost *:443> block to include the following lines:
SSLEngine on
SSLCertificateFile /path/to/your/certificate.crt
SSLCertificateKeyFile /path/to/your/private.key
SSLCertificateChainFile /path/to/your/ca_bundle.crt # Optional, if you have a CA bundle
Save the file, then run sudo a2enmod ssl and sudo systemctl reload apache2 to enable SSL and apply changes.
If you need more detailed steps or help with a specific part, just let me know!
Updated by keiji ono 12 months ago
mongodb install
ref: https://www.mongodb.com/ja-jp/docs/manual/tutorial/install-mongodb-on-ubuntu/
"デフォルトでは、MongoDB はmongodb ユーザー アカウントを使用して実行されます。MongoDB プロセスを実行するユーザーを変更する場合は、必ず データディレクトリとログ ディレクトリのデータへの権限も変更して、このユーザーがこれらのディレクトリにアクセスできるようにしてください"
リスタート sudo systemctl restart mongod 状態確認 sudo systemctl status mongod
7/24
redis install
mysql install
Updated by keiji ono 10 months ago
demo siteのssl
ref:
https://ubuntu.perlzemi.com/blog/20200519084454.html
https://qiita.com/bezeklik/items/990bed2e7e529584fa57
https://help.zerossl.com/hc/en-us/articles/360058295854-Installing-SSL-Certificate-on-Apache
https://app.zerossl.com/certificate/install/f3c9fba186f6ab749083a185527ed9d1
/etc/apache2/sites-enabled, /etc/apache2/mods-enabled
これらのdirにはデモサーバで実際に使用するモジュール設定が格納される。ここに、各*-available dirからリンクを張ることで実行可能となる。
ssl実行に必要なモジュールとして
- ssl.conf
- ssl.load
- socache_shmcd.load
の各ファイルをmods-avaliable -> mods-enabled にリンクを張る。
sslのvhost設定はsites-availabe/default-ssl.confに記述して sites-available -> sites-enabled にリンクを張る。
設定の書式確認とapache起動は
sudo apachectl configtest
書式に問題なければ
sudo systemctl start apache2
正常に起動すると何もメッセージが帰ってこない。なので状態を確認する。
sudo sytemctl status apache2
sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/apache2.service; enabled; preset: enabled)
Active: active (running) since Mon 2025-08-25 00:49:03 UTC; 14min ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 856262 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Tasks: 80 (limit: 9486)
Memory: 188.3M (peak: 256.6M)
CPU: 16.681s
CGroup: /system.slice/apache2.service
├─856290 /usr/sbin/apache2 -k start
├─856293 "Passenger watchdog"
├─856298 "Passenger core"
├─856310 /usr/sbin/apache2 -k start
├─856312 /usr/sbin/apache2 -k start
└─856437 "Passenger RubyApp: /var/lib/redmine (production)"
8月 25 00:49:03 srv904266 systemd[1]: Starting apache2.service - The Apache HTTP Server...
8月 25 00:49:03 srv904266 systemd[1]: Started apache2.service - The Apache HTTP Server.
と出ればOK。
redmineは https://r.jetelina.org/redmine でOK
jetelinaデモは8000portで起動しているのでSSLではない。 http://r.jetelina.org:8000
デモをsslで動かすには別途設定が必要だね
Updated by keiji ono 10 months ago
- apache v.2.4.58
- 必要modules: ./mods-available/proxy.load, proxy_http.load ついでにproxy_http2.load これらを./mods-enabledにリンクを張る
- apache2.conf に以下を追記
ProxyRequests Off SSLProxyEngine On ProxyPass /jetelina http://r.jetelina.org:8000/jetelina ProxyPassReverse /jetelina http://r.jetelina.org:8000/jetelina
- 設定syntaxを確認してから再起動
sudo apachectl configtest sudo systemctl restart apache2 sudo systemctl status apache2
ただし、html内で記述しているjsファイル類はhttpsだと「知らなーい」と言われてしまうのでちょっと工夫が必要。(´・ω・`)
jetelinaのjs/cssはリダイレクト対象になっているが、Genieオリジナルのjs/cssはパスが違うのでリダイレクト対象になっていないのが原因。
- server設定で対応するならProxy設定に "/jetelna"のリバースに"/js","/css"を追加
- jetelinaで対応するなら
- Genieオリジナルのjs,cssをjetelina配下にリンクを張る これだとwinに対応できない
- 〃 移動する これならwinにも対応する。だけど、どうなんだろう?
jetelinaで対応して2とするのがいいのかなぁ。jetelinaにwin版とlinux版を用意するのがいいのかなぁ。
2025/8/28
結局、genieのオリジナルjs/cssをjetleina配下にコピーしてjetelina_dashboard.htmlを書き換えて対応することにした。これでlinux/win共通で稼働するし、jetleina環境で解決することでreverse proxy設定も単純になる。きっと他に設定が必要になってもjetelina環境で帰結するので簡単になるハズ。
9/8
リバースでhttpsにとんだ後にajax関数は"/ajaxfunc"で呼び出される。ajaxfuncは"/jetelina"配下で呼ばれることを期待しているのでこれだと"https://.../ajaxfunc"となってNot Foundになってしまう。さてどうしたものか。
Updated by keiji ono 10 months ago
9/9
redmnie -> r.jetelina.org
jetelina -> d.jetleina.org
でそれぞれ実行することにした。
redmineのssl証明書は"r_*"と改名。
今の所redmineは正常に動いている。
次は、jetelinaをやる....ぞ。
結局こう、
で、redmineに関しては"https://r.jetelina.org"で、jetelinaでは"https://d.jetelina.org/jetelina"がurlになる。
これは、"https://d.jetelina.org"ではGenieのwelcomeが出るから。なのでjetelinaのproxy設定が2種類(htmlとjs/post&get)がある。
■/etc/apache2/sites-available/000-default.conf
<VirtualHost 168.231.125.156:80> ←IPで
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName r.jetelina.org ←サーバ名を指定: redmine server
ServerAdmin webmaster@localhost
# DocumentRoot /var/www/html
DocumentRoot /var/lib/redmine/public ←redmineはこれが必要
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# ProxyRequests Off
# SSLProxyEngine On
# ProxyPass / https://localhost/redmine
# ProxyPassReverse / https://localhost/redmine/
</VirtualHost>
<VirtualHost 168.231.125.156:80> ←こっちもIPで
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName d.jetelina.org ←サーバ名:jetelinaサーバ
ServerAdmin webmaster@localhost
# DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# ProxyRequests Off
SSLProxyEngine On ←忘れずに
ProxyPass /jetelina/ http://localhost:8000/jetelina/ ←html/js/css向けに
ProxyPassReverse /jetelina/ http://localhost:8000/jetelina/ ← 〃
ProxyPass / http://localhost:8000/ ←ajax/post&get向けに
ProxyPassReverse / http://localhost:8000/ ← 〃
</VirtualHost>
------------------------------------------------------------------------------------------------------------------------
■/etc/apache2/sites-available/default-ssl.conf
<VirtualHost r.jetelina.org:443> ←サーバ名で:redmineサーバ
ServerName r.jetelina.org
ServerAdmin webmaster@localhost
# DocumentRoot /var/www/html
DocumentRoot /var/lib/redmine/public ←redmineはこれが必要
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/r_certificate.crt ←r.jete... の証明書
SSLCertificateKeyFile /etc/ssl/private/r_private.key ← 〃
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
SSLCertificateChainFile /etc/ssl/certs/r_ca_bundle.crt ← 〃
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /etc/ssl/certs/
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /etc/apache2/ssl.crl/
#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(?:cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
<VirtualHost d.jetelina.org:443> ←サーバ名で:jetelinaサーバ
ServerName d.jetelina.org
ServerAdmin webmaster@localhost
# DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/d_certificate.crt ←d.jeteli...の証明書
SSLCertificateKeyFile /etc/ssl/private/d_private.key ← 〃
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
SSLCertificateChainFile /etc/ssl/certs/d_ca_bundle.crt ← 〃
<FilesMatch "\.(?:cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# ProxyRequests Off
# SSLProxyEngine On ←000-default.confで設定済みなのでここでは不要
ProxyPass /jetelina/ http://localhost:8000/jetelina/ ←html/js/css向けに
ProxyPassReverse /jetelina/ http://localhost:8000/jetelina/ ← 〃
ProxyPass / http://localhost:8000/ ←ajax/post&get向けに
ProxyPassReverse / http://localhost:8000/ ← 〃
</VirtualHost>
Updated by keiji ono 10 months ago
デモサイトは
- postgresqlがユーザDB
- アカウントは、keiji,jelena,hisashi,antonを作成
正しいURLは"https://d.jetelina.org/jetelina/"。
"http://d.jetelina.org","https://d.jetelina.org"ではGenieのwelcome.htmlになるので、welcome.htmlから正しいURLにリダイレクトするようにした。
<html>
<meta http-equiv="refresh" content="1;url=https://d.jetelina.org/jetelina/">
<head>
</head>
<body>
lead you to the correct place
</body>
</html>
"https://d.jetelina.org/jetelina"と、最後に"/"が付かないとcss&jsのパスが効かないので間抜けな画面になるのは今は放っておこう。
Updated by keiji ono 8 months ago
でもサイトのpostgresが時々落ちてredmineが使えなくなる事象が発生している。2025/10
postgresが自動で再起動するとportがブロックされてしまうらしい。
なので、firewallを明示的に開けてみた。
jetelina@srv904266:/var/lib/redmine/log$ sudo ufw allow 5432 Rules updated Rules updated (v6) jetelina@srv904266:/var/lib/redmine/log$ sudo netstat -lntp | grep postgres tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 3637220/postgres tcp6 0 0 ::1:5432 :::* LISTEN 3637220/postgres
log fileは
postgres -> /var/log/postgres
redmine -> /usr/lib/redmine/log
Updated by keiji ono 8 months ago
SSL certification
ZeroSSLは90日毎に更新が必要
サイトのアカウントは onokeiji@gmail.com / Sada...1
Updated by keiji ono 8 months ago
ウィルスが気になったら
ref: https://qiita.com/nouernet/items/4b5a01bba7d3ceb2d42c
clamav は実装済みなので以下を実行する >sudo clamscan
Updated by keiji ono 7 months ago
ちょっとセキュリティ設定をしたほうがいいかもしれない。
https://dflabo-jp.tech/close-ports-ubuntu/#index_id4
https://qiita.com/kztktr/items/3d255879eca179fb8734
sshの"PermitRootLogin"は"yes"だったので"no"にした 2025/11/21
Updated by keiji ono 7 months ago
2025/12/6
nmapをd.jetelina.orgに仕掛けた結果。
外部に開いているポートはssh/httpd/httpsだけみたいなのでヨシとしてもいいのかな。
onoke@onoke-OptiPlex-990:~/jetelina_v3_1_git/Jetelina$ nmap -A d.jetelina.org Starting Nmap 7.80 ( https://nmap.org ) at 2025-12-06 10:41 JST Nmap scan report for d.jetelina.org (168.231.125.156) Host is up (0.0053s latency). rDNS record for 168.231.125.156: srv904266.hstgr.cloud Not shown: 920 filtered ports, 77 closed ports PORT STATE SERVICE VERSION 22/tcp open tcpwrapped |_ssh-hostkey: ERROR: Script execution failed (use -d to debug) 80/tcp open tcpwrapped 443/tcp open tcpwrapped Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 12.34 seconds
Updated by keiji ono 7 months ago
重要 SSL証明証更新¶
r.jetelina.orgはまだzerosslでまだイケる。
d.jetelina.orgはlet's encriptに切り替えた。
let's encryptはサーバ環境の理由によりstandaloneでしか証明証を取得できなかった。 これを毎回手作業でやらないといけないので要注意。 取得した証明証類は/etc/letsencrypt配下にあるので、これを/etc/ssl配下にコピーする。 証明書: fullchain.pem -> d_ private key: privkey.pem -> d_ 1. apacheを止める jetelina@srv904266:~/sslcert/lets$ sudo systemctl stop apache2 2. 証明書を取得する jetelina@srv904266:~/sslcert/lets$ sudo certbot certonly --standalone -d d.jetelina.org Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for d.jetelina.org Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/d.jetelina.org/fullchain.pem Key is saved at: /etc/letsencrypt/live/d.jetelina.org/privkey.pem This certificate expires on 2026-03-06. These files will be updated when the certificate renews. Certbot has set up a scheduled task to automatically renew this certificate in the background. 3. 証明書を所定の場所にコピーする sudo cp /etc/letsencrypt/live/d.jetelina.org/fullchain.pem ./d_certificate.crt sudo cp /etc/letsencrypt/live/d.jetelina.org/privkey.pem ./d_private.key *"/live"は多分最初だけで、更新時は"/renewal"になるかも
Updated by keiji ono 7 months ago
12/8
v3.1でpostgresql with pg_ivm/redis/mongodb が動くことを確認した。
postgresqlではちゃんとpg_ivmでテーブルができている。\(o)/
myqlだけつながらない。-> なんかよくわからないので再インストールした。
- https://qiita.com/toshirot/items/61d2393dff6f704cc61c
- https://zenn.dev/phpguider/articles/b0f453689bc991
mysql再インストールでやったこと 1を参考にアンインストール → インストール 2を参考にセキュリティ強化とユーザ作成 root/ater..0 user/userpasswd jetelina@srv904266:~$ sudo mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 11 Server version: 8.0.44-0ubuntu0.24.04.2 (Ubuntu) Copyright (c) 2000, 2025, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create user 'user'@'%' identified by 'userpasswd'; <- ユーザ作成 Query OK, 0 rows affected (0.04 sec) mysql> grant all privileges on *.* to 'user'@'%' with grant option; Query OK, 0 rows affected (0.01 sec) mysql> flush privileges; Query OK, 0 rows affected (0.01 sec) mysql>exit; jetelina@srv904266:~$ mysql -u user -p <-'user'で再度ログイン これ大事 Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 12 Server version: 8.0.44-0ubuntu0.24.04.2 (Ubuntu) Copyright (c) 2000, 2025, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show database; ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'database' at line 1 mysql> show databases; +--------------------+ | Database | +--------------------+ <-'jetelina' tableがないので作る | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.00 sec) mysql> create database jetelina; <-'jetelina’ table作成 Query OK, 1 row affected (0.00 sec) mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | jetelina | <-'jetelina' tableができた | mysql | | performance_schema | | sys | +--------------------+ 5 rows in set (0.01 sec) mysql> use jetelina Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +--------------------+ | Tables_in_jetelina | +--------------------+ | ftest | <- 'ftest.csv'をuploadしてみた\(^o^)/ +--------------------+ 1 row in set (0.00 sec) mysql> exit;
Updated by keiji ono 7 months ago
2025/Nov
なんか前からだけど、デモサイトのpostgresqlがよく落ちるんだよねぇ。
redmineもだからアプリのせいではなくシステム/OSの問題だと思うんだけど今のところよくわかんないのと触りたくないので放っておいてる。
そのうち、なんかの時に...
select version();
PostgreSQL 16.11 (Ubuntu 16.11-0ubuntu0.24.04.1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0, 64-bit
postgres log
2025-12-10 22:45:07.261 UTC [711210] LOG: starting PostgreSQL 16.11 (Ubuntu 16.11-0ubuntu0.24.04.1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 13.3.0-6ubuntu2~24.04) 13.3.0, 64-bit 2025-12-10 22:45:07.261 UTC [711210] LOG: listening on IPv6 address "::1", port 5432 2025-12-10 22:45:07.261 UTC [711210] LOG: listening on IPv4 address "127.0.0.1", port 5432 2025-12-10 22:45:07.263 UTC [711210] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" 2025-12-10 22:45:07.273 UTC [711213] LOG: database system was interrupted; last known up at 2025-12-10 02:08:18 UTC 2025-12-10 22:45:07.456 UTC [711213] LOG: database system was not properly shut down; automatic recovery in progress 2025-12-10 22:45:07.466 UTC [711213] LOG: redo starts at 0/28E5B00
syslog
2025-12-10T22:45:01.063548+00:00 srv904266 CRON[711197]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1) 2025-12-10T22:45:07.091680+00:00 srv904266 systemd[1]: postgresql.service: Deactivated successfully. 2025-12-10T22:45:07.093739+00:00 srv904266 systemd[1]: Stopped postgresql.service - PostgreSQL RDBMS. 2025-12-10T22:45:07.094006+00:00 srv904266 systemd[1]: Stopping postgresql.service - PostgreSQL RDBMS... 2025-12-10T22:45:07.101229+00:00 srv904266 systemd[1]: Starting postgresql@16-main.service - PostgreSQL Cluster 16-main... 2025-12-10T22:45:09.590654+00:00 srv904266 systemd[1]: Started postgresql@16-main.service - PostgreSQL Cluster 16-main. 2025-12-10T22:45:09.601189+00:00 srv904266 systemd[1]: Starting postgresql.service - PostgreSQL RDBMS... 2025-12-10T22:45:09.605739+00:00 srv904266 systemd[1]: Finished postgresql.service - PostgreSQL RDBMS.
なんか、debian-sa1がcron実行されてそれに伴ってpostgresが再起動されるみたいなのでこれを止めてみる。
/etc/cron.d/sysstat
# The first element of the path is a directory where the debian-sa1 # script is located PATH=/usr/lib/sysstat:/usr/sbin:/usr/sbin:/usr/bin:/sbin:/bin # Activity reports every 10 minutes everyday 5-55/10 * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1 # Additional run at 23:59 to rotate the statistics file #59 23 * * * root command -v debian-sa1 > /dev/null && debian-sa1 60 2 <-こいつをコメントアウトしてみた
utc/jstの時差は9hなので、utc-23:59 -> jst-8:59
あれっ、でもsyslogには22:45実行で残ってるなぁ。ロンドン/リトアニアの冬時間時差が2hだからかなぁ。そんなわけないか。
そんなわけなかった。コメントアウトしても相変わらずsa1は起動してpostgresqlは再起動されて、でもその後でも今回は繋がる。つまり手動での再起動は必要なかった。なんなんだろう?
落ちるもんは落ちるのでコメントアウトを元に戻した。
まさかJetelina/Giene/Juliaに何かある、とは思えないが、確認のためプロセスを落としてみた。これで明日とかやっぱりダメならJetelinaのせいではなかろう。
リソース不足という噂がある。
なのでJetelinaを一旦止めてRedmineだけ動かしおいたら2日連続で落ちなかった。次はRemineを止めてJetelinaだけ動かしてみよう。
■Redmine & Jetelinaが動いているとき
jetelina@srv904266:~/Jetelina/Jetelina/Jetelina/bin$ free -h
total used free shared buff/cache available
Mem: 7.8Gi 3.2Gi 422Mi 28Mi 4.5Gi 4.5Gi
Swap: 0B 0B 0B
■Remineだけ動いている時
jetelina@srv904266:~$ free -h
total used free shared buff/cache available
Mem: 7.8Gi 2.7Gi 1.0Gi 28Mi 4.4Gi 5.1Gi
Swap: 0B 0B 0B
■Jetelinaだけ動いている時
jetelina@srv904266:~$ free -h
total used free shared buff/cache available
Mem: 7.8Gi 3.1Gi 574Mi 30Mi 4.5Gi 4.7Gi
Swap: 0B 0B 0B
確かにキツそうだ。