* '''Зависимости'''


dnf install epel-release -y
dnf install htop mc t1utils fontconfig freetype libgsf unixODBC lcms2 -y

* '''PostgreSQL-1C 12'''


rpm --import http://repo.postgrespro.ru/keys/GPG-KEY-POSTGRESPRO
dnf config-manager --add-repo http://repo.postgrespro.ru/1c-archive/pg1c-12.2/centos/8/os/x86_64/rpms/
dnf install postgrespro-1c-12-server postgrespro-1c-12-contrib -y

/opt/pgpro/1c-12/bin/pg-setup initdb
systemctl enable postgrespro-1c-12 --now


sudo -u postgres /opt/pgpro/1c-12/bin/psql postgres
\password postgres

\quit

nano /var/lib/pgpro/1c-12/data/pg_hba.conf


host all all 0.0.0.0/0 md5

nano /var/lib/pgpro/1c-12/data/postgresql.conf


listen_addresses = '*'                  # what IP address(es) to listen on;
max_connections = 500                   # (change requires restart)
shared_buffers = 4GB                    # min 128kB
temp_buffers = 256MB                    # min 800kB
work_mem = 512MB                        # min 64kB
maintenance_work_mem = 1024MB           # min 1MB
dynamic_shared_memory_type = posix      # the default is the first option
bgwriter_lru_maxpages = 400             # max buffers written/round, 0 disables
bgwriter_lru_multiplier = 4.0           # 0-10.0 multiplier on buffers scanned/round
effective_io_concurrency = 2            # 1-1000; 0 disables prefetching
synchronous_commit = off                # synchronization level;
commit_delay = 1000                     # range 0-100000, in microseconds
commit_siblings = 5                     # range 1-1000
max_wal_size = 4GB
min_wal_size = 2GB
checkpoint_completion_target = 0.9      # checkpoint target duration, 0.0 - 1.0
random_page_cost = 1.3                  # same scale as above
effective_cache_size = 8GB
logging_collector = off # Enable capturing of stderr and csvlog
log_timezone = 'Europe/Moscow'
autovacuum = on                         # Enable autovacuum subprocess?  'on'
autovacuum_max_workers = 4              # max number of autovacuum subprocesses
autovacuum_naptime = 20s                # time between autovacuum runs
row_security = off
datestyle = 'iso, dmy'
timezone = 'Europe/Moscow'
lc_messages = 'ru_RU.UTF-8'                     # locale for system error message
lc_monetary = 'ru_RU.UTF-8'                     # locale for monetary formatting
lc_numeric = 'ru_RU.UTF-8'                      # locale for number formatting
lc_time = 'ru_RU.UTF-8'                         # locale for time formatting
default_text_search_config = 'pg_catalog.russian'
max_locks_per_transaction = 256         # min 10
escape_string_warning = off
standard_conforming_strings = off


systemctl restart postgrespro-1c-12

* '''1c'''


wget https://cloud.augin.ru/apps/sharingpath/as/distr/1c/rpm64_8_3_16_1296.tar.gz --no-check-certificate
mkdir ~/1c_distr
tar xvfz rpm64_8_3_16_1296.tar.gz -C ~/1c_distr
cd ~/1c_distr
dnf install *.rpm
chown -R usr1cv8:grp1cv8 /opt/1C

systemctl enable srv1cv83
systemctl start srv1cv83
systemctl status srv1cv83

* '''шрифты'''


wget https://cloud.augin.ru/s/WMkjbE6Wo9HLcqa/download --no-check-certificate -O Core_Fonts.zip
unzip Core_Fonts.zip -d /usr/share/fonts/
fc-cache –fv

* '''авторизация AD''' [[Настройка SAMBA в CentOS8]] В ад надо создать пользователя для авторизации сервера 1с (linux1cuser)


cmd:
setspn -A usr1cv8/s1c linux1cuser
#setspn -A usr1cv8/s1c.augin.ru linux1cuser

Keytab можно получить как в винде так и влинуксе. В винде(на котроллере домена):


ktpass -kvno 12 -ptype KRB5_NT_PRINCIPAL -princ usr1cv8/s1c.augin.ru@AUGIN.RU -mapuser linux1cuser -pass PASSWORDforLinux1cuser -out usr1cv8.keytab

Или прям на сервере 1с


ktutil
ktutil:  addent -password -p usr1cv8/s1c@AUGIN.RU -k 12 -e rc4-hmac
Password for usr1cv8/s1c@AUGIN.RU: PASSWORDforLinux1cuser
ktutil:  wkt /opt/1C/v8.3/x86_64/usr1cv8.keytab
ktutil:  q


chown usr1cv8:grp1cv8 /opt/1C/v8.3/x86_64/usr1cv8.keytab
chmod 600 /opt/1C/v8.3/x86_64/usr1cv8.keytab

так же необходимо добавить шифрование rc4-hmac к поддерживаемым nano /etc/krb5.conf.d/crypto-policies


[libdefaults]
permitted_enctypes = aes256-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 camellia256-cts-cmac aes128-cts-hmac-sha1-96 aes128-cts-hmac-sha256-128 camellia128-cts-cmac rc4-hmac


kinit -k -t /opt/1C/v8.3/x86_64/usr1cv8.keytab usr1cv8/s1c@AUGIN.RU

* '''WEB'''


dnf install httpd -y
dnf install php php-common php-pgsql php-gd php-xml php-mbstring -y
systemctl enable httpd --now
systemctl enable --now php-fpm
wget https://github.com/vrana/adminer/releases/download/v4.7.6/adminer-4.7.6.php -O /var/www/html/index.php
mkdir /var/www/html/dengi/
/opt/1C/v8.3/x86_64/webinst -apache24 -wsdir dengi -dir '/var/www/html/dengi' -connStr 'Srvr="s1c.augin.ru";Ref="dengi";' -confPath /etc/httpd/conf/httpd.conf

nano /var/www/html/dengi/default.vrd


systemctl restart httpd

* '''Включение логов'''


mkdir /home/usr1cv8/.1cv8/1C/1cv8/conf/
touch /home/usr1cv8/.1cv8/1C/1cv8/conf/logcfg.xml
chown usr1cv8:grp1cv8 /home/usr1cv8/.1cv8/1C/1cv8/conf/ -R
mkdir /var/log/1c
mkdir /var/log/1c/dumps
chown -R usr1cv8:grp1cv8 /var/log/1c

nano /home/usr1cv8/.1cv8/1C/1cv8/conf/logcfg.xml

* lic


wget https://cloud.augin.ru/s/2pndNgk4dLYQBji/download --no-check-certificate -O dumps.zip
wget https://cloud.augin.ru/s/oi4nNr4CTCfiNgd/download --no-check-certificate -O install_hasp_centos78.sh
chmod +x install_hasp_centos78.sh
sed -i "s/\r//g" install_hasp_centos78.sh
./install_hasp_centos78.sh

* ошибка access_ok


убираем первый параметр в строке с access_ok

* backup cat /opt/backup.sh


BAK_DIR="/home/disk1/sql_bases/s1c-x"
DATE=`date +%d.%m.%Y-%H%M`

ssh root@bs "mkdir $BAK_DIR/$DATE"

for base in ` su -l postgres -c "/opt/pgpro/1c-12/bin/psql -U postgres -Aqt -c 'select datname from pg_database;'"`
do
su -l postgres -c "/opt/pgpro/1c-12/bin/pg_dump $base" | gzip > /var/lib/pgpro/bak/$base.sql.gz

scp "/var/lib/pgpro/bak/$base.sql.gz" "root@bs:$BAK_DIR/$DATE/$base.sql.gz"

#ssh root@bs "gzip > $BAK_DIR/$DATE/$base.sql.gz"
done

ssh root@bs "/home/disk1/sql_bases/clean.sh $BAK_DIR"

chmod +x /opt/backup.sh mkdir /var/lib/pgpro/bak/ ssh-copy-id root@bs cat /etc/cron.d/backup-postgresql


# backup postgres
0 1 * * * root /opt/backup.sh

cat /opt/restore.sh su postgres -c "/opt/pgpro/1c-12/bin/psql -c 'DROP DATABASE pg_base_name;'" su postgres -c "/opt/pgpro/1c-12/bin/psql -c 'CREATE DATABASE pg_base_name;'" su postgres -c "gunzip -c pg_base_name.sql.gz | /opt/pgpro/1c-12/bin/psql pg_base_name" cat /home/disk1/sql_bases/clean.sh


#!/bin/bash

if [ $# -lt 1 ]
then
 echo Something wrong with parameters
  exit
  fi

x=1  # Счетчик файлов
path=$1 #"/home/disk1/sql_bases/s1c-nd" # Путь к удаляемым файлам

for i in `ls -t $path`
        do
          if [ $x -le 14 ]
                then
                ((x++))
                continue
          fi
        rm -rf $path/$i
  done

* lic apt install libc6-i386 -y wget http://download.etersoft.ru/pub/Etersoft/HASP/stable/x86_64/Ubuntu/16.04/haspd-modules_7.90-eter2ubuntu_amd64.deb wget http://download.etersoft.ru/pub/Etersoft/HASP/stable/x86_64/Ubuntu/16.04/haspd_7.90-eter2ubuntu_amd64.deb dpkg -i haspd*.deb systemctl status haspd