Mercurial > p > roundup > code

view doc/mysql.txt @ 5717:cad18de2b988

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2550949: Rate limit password guesses/login attempts. Generic rate limit mechanism added. Deployed for web page logins. Default is 3 login attempts/minute for a user. After which one login attempt every 20 seconds can be done. Uses gcra algorithm so all I need to store is a username and timestamp in the one time key database. This does mean I don't have a list of all failed login attempts as part of the rate limiter. Set up config setting as well so admin can tune the rate. Maybe 1 every 10 seconds is ok at a site with poor typists who need 6 attempts to get the password right 8-). The gcra method can also be used to limit the rest and xmlrpc interfaces if needed. The mechanism I added also supplies a status method that calculates the expected values for http headers returned as part of rate limiting. Also tests added to test all code paths I hope.
author John Rouillard <rouilj@ieee.org>
date Sat, 11 May 2019 17:24:58 -0400
parents 0df5f9eeefd4
children e48b039b0ec0
line wrap: on
line source

=============
MySQL Backend
=============

This notes detail the MySQL backend for the Roundup issue tracker.


Prerequisites
=============

To use MySQL as the backend for storing roundup data, you also need 
to install:

1. MySQL RDBMS 4.0.18 or higher - http://www.mysql.com. Your MySQL
   installation MUST support InnoDB tables (or Berkeley DB (BDB) tables
   if you have no other choice). If you're running < 4.0.18 (but not <4.0)
   then you'll need to use BDB to pass all unit tests. Edit the
   ``roundup/backends/back_mysql.py`` file to enable DBD instead of InnoDB.
2. Python MySQL interface - https://pypi.org/project/mysqlclient/


Other Configuration
===================

If you are indexing large documents (e.g attached file contents)
using MySQL, you may need to increase the max_allowed_packet size.
If you don't you can see the error::

   'MySql Server has gone away (2006)'

To do this edit /etc/my.conf and change::

    [mysqld]
    max_allowed_packet = 1M

the 'max_allowed_packet' value from '1M' to '64M' or
larger.

Alternatively you can install an alternate indexer (whoosh, xapian
etc.) and force the tracker to use it by setting the ``indexer``
setting in the tracker's ``config.ini``.

This fix was supplied by telsch. See issue
https://issues.roundup-tracker.org/issue2550743 for further info or if
you are interested in developing a patch to roundup to help work
around this issue.

Running the MySQL tests
=======================

Roundup tests expect an empty MySQL database. Two alternate ways to provide 
this:

1. If you have root permissions on the MySQL server, you can create 
   the necessary database entries using the follwing SQL sequence. Use
   ``mysql`` on the command line to enter::

       CREATE DATABASE rounduptest;
       USE rounduptest;
       GRANT ALL PRIVILEGES ON rounduptest.* TO rounduptest@localhost
            IDENTIFIED BY 'rounduptest';
       FLUSH PRIVILEGES;

2. If your administrator has provided you with database connection info, 
   see the config values in 'test/db_test_base.py' 
   about which database connection, name and user will be used.

The MySQL database should not contain any tables. Tests will not 
drop the database with existing data.


Showing MySQL who's boss
========================

If things ever get to the point where that test database is totally hosed,
just::

  $ su -
  # /etc/init.d/mysql stop
  # rm -rf /var/lib/mysql/rounduptest
  # /etc/init.d/mysql start

and all will be better (note that on some systems, ``mysql`` is spelt
``mysqld``).
Roundup Issue Tracker: http://roundup-tracker.org/