apt install software-properties-common -y apt-add-repository contrib apt update apt install gnupg2 sudo ttf-mscorefonts-installer fontconfig -y fc-cache -fv
wget http://ftp.de.debian.org/debian/pool/main/e/enchant/libenchant1c2a_1.6.0-11.1+b1_amd64.deb dpkg -i libenchant1c2a_1.6.0-11.1+b1_amd64.deb apt --fix-broken install -y
tar xvfz server64_8.3.22.2143.tar.gz ./setup-full-8.3.22.2143-x86_64.run --mode unattended --enable-components server,ws,server_admin,liberica_jre,ru chown -R usr1cv8:grp1cv8 /opt/1cv8/ ln -f /opt/1cv8/x86_64/8.3.22.2143/srv1cv8-8.3.22.2143@.service /etc/systemd/system/srv1cv8.service sed -i 's/^Environment=SRV1CV8_KEYTAB=.*/Environment=SRV1CV8_KEYTAB=\/opt\/1cv8\/conf\/usr1cv8.keytab/g' /etc/systemd/system/srv1cv8.service systemctl daemon-reload systemctl enable srv1cv8.service systemctl start srv1cv8 systemctl status srv1cv8
dpkg --add-architecture i386 apt update apt install unixodbc:i386 imagemagick:i386 liblcms2-2:i386 wget http://ftp.de.debian.org/debian/pool/main/e/enchant/libenchant1c2a_1.6.0-11.1+b1_i386.deb dpkg -i libenchant1c2a_1.6 apt --fix-broken install -y
cd ~ wget http://repo.postgrespro.ru/keys/GPG-KEY-POSTGRESPRO apt-key add GPG-KEY-POSTGRESPRO echo deb https://repo.postgrespro.ru/pg1c-14/debian bullseye main > /etc/apt/sources.list.d/postgrespro.list apt update apt install postgrespro-1c-14-server -y
/opt/pgpro/1c-14/bin/pg-wrapper links update pg-setup initdb systemctl enable postgrespro-1c-14 systemctl start postgrespro-1c-14 systemctl status postgrespro-1c-14
sudo -u postgres psql postgres \password postgres \quit
nano /var/lib/pgpro/1c-14/data/pg_hba.conf host all all 0.0.0.0/0 md5
<!– nano /var/lib/pgpro/1c-14/data/postgresql.conf
listen_addresses = '*' # what IP address(es) to listen on; max_connections = 500 # (change requires restart) shared_buffers = 4GB # min 128kB temp_buffers = 256MB # min 800kB work_mem = 512MB # min 64kB maintenance_work_mem = 1024MB # min 1MB dynamic_shared_memory_type = posix # the default is the first option bgwriter_lru_maxpages = 400 # max buffers written/round, 0 disables bgwriter_lru_multiplier = 4.0 # 0-10.0 multiplier on buffers scanned/round effective_io_concurrency = 2 # 1-1000; 0 disables prefetching synchronous_commit = off # synchronization level; commit_delay = 1000 # range 0-100000, in microseconds commit_siblings = 5 # range 1-1000 max_wal_size = 4GB min_wal_size = 2GB checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0 random_page_cost = 1.3 # same scale as above effective_cache_size = 8GB logging_collector = off # Enable capturing of stderr and csvlog log_timezone = 'Europe/Moscow' autovacuum = on # Enable autovacuum subprocess? 'on' autovacuum_max_workers = 4 # max number of autovacuum subprocesses autovacuum_naptime = 20s # time between autovacuum runs row_security = off datestyle = 'iso, dmy' timezone = 'Europe/Moscow' lc_messages = 'ru_RU.UTF-8' # locale for system error message lc_monetary = 'ru_RU.UTF-8' # locale for monetary formatting lc_numeric = 'ru_RU.UTF-8' # locale for number formatting lc_time = 'ru_RU.UTF-8' # locale for time formatting default_text_search_config = 'pg_catalog.russian' max_locks_per_transaction = 256 # min 10 escape_string_warning = off standard_conforming_strings = off
–>
systemctl restart postgrespro-1c-14
* 'samba'
apt install samba winbind krb5-config libnss-winbind acl krb5-user -y
systemctl enable –now {smbd,nmbd}
cat << EOF > /etc/krb5.conf
[libdefaults]
default_realm = AUGIN.RU
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
DC1.AUGIN.RU = {
kdc = dc1.augin.ru
admin_server = dc1.augin.ru
}
AUGIN.RU = {
kdc = dc1.augin.ru
}
[domain_realm]
dc1.augin.ru = DC1.AUGIN.RU
.dc1.augin.ru = DC1.AUGIN.RU
EOF
cat << EOF > /etc/samba/smb.conf [global] workgroup = AUGIN security = ads kerberos method = secrets and keytab realm = AUGIN.RU winbind use default domain = true winbind enum groups = Yes winbind enum users = Yes password server = dc1.augin.ru idmap config * : range = 16777216-33554431 idmap config * : backend = autorid template homedir = /home/%U template shell = /sbin/nologin winbind offline logon = false vfs objects = acl_xattr map acl inherit = Yes store dos attributes = Yes [exchange$] comment = exchange folder path = /home/exchange public = yes writable = yes EOF mkdir /home/exchange
nano /etc/nsswitch.conf
passwd: files systemd winbind group: files systemd winbind ...
net ads join -U Administrator systemctl restart smbd nmbd winbind wbinfo -u setfacl -R -m g:«domain admins»:rwx /home setfacl -R -d -m g:«domain admins»:rwx /home
* 'авторизация AD'
PowerShell Invoke-Command -ComputerName dc1 -ScriptBlock {ktpass -kvno 12 -ptype KRB5_NT_PRINCIPAL -princ usr1cv8/s1c.augin.ru@AUGIN.RU -mapuser l1cuser -pass PaSwOrD(l1cuser) -out \\s1c\home$\usr1cv8.keytab}
cp /home/usr1cv8.keytab /opt/1cv8/conf/usr1cv8.keytab chown usr1cv8:grp1cv8 /opt/1cv8/conf/usr1cv8.keytab chmod 600 /opt/1cv8/conf/usr1cv8.keytab sed -i 's/^Environment=SRV1CV8_KEYTAB=.*/Environment=SRV1CV8_KEYTAB=\/opt\/1cv8\/conf\/usr1cv8.keytab/g' /etc/systemd/system/srv1cv8.service systemctl daemon-reload systemctl restart srv1cv8.service
* 'WEB'
apt install apache2 -y apt install php php-common php-pgsql php-gd php-xml php-mbstring php-fpm -y systemctl enable apache2 --now a2enmod proxy_fcgi setenvif a2enconf php7.4-fpm systemctl restart apache2 php7.4-fpm wget https://github.com/vrana/adminer/releases/download/v4.7.6/adminer-4.7.6.php -O /var/www/html/index.php
mkdir /var/www/html/dengi/ /opt/1cv8/x86_64/8.3.22.1709/webinst -apache24 -wsdir dengi -dir '/var/www/html/dengi' -connStr 'Srvr="s1c.augin.ru";Ref="dengi";' -confPath /etc/apache2/apache2.conf systemctl restart apache2
* lic
wget https://cloud.augin.ru/s/2pndNgk4dLYQBji/download/Dumps.zip wget https://cloud.augin.ru/s/3wc2XbXqWbErxjA/download/install_hasp_Debian_11.sh chmod +x install_hasp_Debian_11.sh ./install_hasp_Debian_11.sh apt install libc6-i386 -y wget https://cloud.augin.ru/s/ifP5KKKFDGXWmp7/download/haspd_7.90-eter2ubuntu_amd64.deb dpkg -i haspd_7.90-eter2ubuntu_amd64.deb
* 'backup'
cat << EOF > /opt/backup.sh
#!/bin/bash
SERVER=bs
BAK_DIR="/mnt/disk1/sql_bases/s1c-x"
DATE=\`date +%d.%m.%Y-%H%M\`
RECENT=7
ssh root@\$SERVER "mkdir \$BAK_DIR/\$DATE"
for base in \`su -l postgres -c "psql -U postgres -Aqt -c 'select datname from pg_database;'"\`
do
su -l postgres -c "pg_dump \$base" | gzip > /var/lib/pgpro/bak/\$base.sql.gz
scp "/var/lib/pgpro/bak/\$base.sql.gz" "root@\$SERVER:\$BAK_DIR/\$DATE/\$base.sql.gz"
done
x=1
for i in \`ssh root@\$SERVER -C "ls -t \$BAK_DIR"\`
do
if [ \$x -le \$RECENT ]
then
((x++))
continue
fi
ssh root@\$SERVER -C "rm -rf \$BAK_DIR/\$i"
done
EOF
chmod +x /opt/backup.sh
mkdir /var/lib/pgpro/bak/
cat << EOF > /etc/cron.d/backup-postgresql
# backup postgres
0 1 * * * root /opt/backup.sh
EOF
cat << EOF > /opt/restore.sh
su postgres -c "psql -c 'DROP DATABASE pg_base_name;'"
su postgres -c "psql -c 'CREATE DATABASE pg_base_name;'"
su postgres -c "gunzip -c pg_base_name.sql.gz | psql pg_base_name"
EOF
ssh-copy-id root@bs
* 'Создание информационной базы'
su usr1cv8 -c «/opt/1cv8/x86_64/8.3.22.1704/ras cluster –daemon»
su usr1cv8 -c «/opt/1cv8/x86_64/8.3.22.1704/rac cluster list»
cluster : 1fc5b766-b120-44e1-8982-245b7458830a
su usr1cv8 -c «/opt/1cv8/x86_64/8.3.22.1704/rac infobase –cluster=1fc5b766-b120-44e1-8982-245b7458830a create –create-database –name=dengi –dbms=PostgreSQL –db-server=s1c –db-name=dengi –locale=ru_RU –db-user=postgres –db-pwd='password' –license-distribution=allow»
infobase : bed93d44-3e5d-4c3e-80a2-f681a14c24f2
su usr1cv8 -c «/opt/1cv8/x86_64/8.3.22.1704/rac infobase –cluster=1fc5b766-b120-44e1-8982-245b7458830a summary list»
/opt/1C/v8.3/x86_64/rac infobase –cluster=47e454ce-622f-13e8-548b-005c293a22e1 drop –infobase=356332f4-62a8-11e9-1d97-003c254a22e1 –infobase-user=admin –infobase-pwd='alks76dg(h323)qw' –drop-database