数据库SQL审核-archery-v1.10.0-docker部署安装
推荐使用docker或k8s跑archery,手工部署环境和各类插件有点繁琐
安装docker
1.安装依赖包
yum install -y yum-utils device-mapper-persistent-data lvm2
2.添加阿里镜像仓库
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
3.安装docker
yum -y install docker-ce
安装docker compose
curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
下载Releases文件(https://github.com/hhyo/archery/releases/),解压后进入docker-compose文件夹
修改各类配置文件
路径:src/docker-compose/archery/settings.py
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 | DEBUG = False # 设置ALLOWED_HOSTS,建议限制内网访问 ALLOWED_HOSTS = [ '*' ] # 请求大小限制,如果提交SQL语句过大可以修改该值 DATA_UPLOAD_MAX_MEMORY_SIZE = 15728640 # 密码校验,用户注册和添加密码校验规则 AUTH_PASSWORD_VALIDATORS = [ { 'NAME' : 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator' , }, { 'NAME' : 'django.contrib.auth.password_validation.MinimumLengthValidator' , 'OPTIONS' : { 'min_length' : 9, } }, { 'NAME' : 'django.contrib.auth.password_validation.CommonPasswordValidator' , }, { 'NAME' : 'django.contrib.auth.password_validation.NumericPasswordValidator' , }, ] DATABASES = { 'default' : { 'ENGINE' : 'django.db.backends.mysql' , 'NAME' : 'archery' , # 数据库名称 'USER' : 'archery' , # 数据库用户 'PASSWORD' : '1234567' , # 数据库密码 'HOST' : '10.127.137.97' , # 数据库HOST,如果是docker启动并且关联,可以使用容器名连接 'PORT' : '3306' , # 数据库端口 'OPTIONS' : { 'init_command' : "SET sql_mode='STRICT_TRANS_TABLES'" , # SQL_MODE,为了兼容 select * group by ,可以按需调整 'charset' : 'utf8mb4' }, 'TEST' : { 'NAME' : 'test_archery' , 'CHARSET' : 'utf8mb4' , }, } } Q_CLUSTER = { 'name' : 'archery' , 'workers' : 4, 'recycle' : 500, 'timeout' : 60, 'compress' : True, 'cpu_affinity' : 1, 'save_limit' : 0, 'queue_limit' : 50, 'label' : 'Django Q' , 'django_redis' : 'default' , 'sync' : False # 本地调试可以修改为True,使用同步模式 } CACHES = { "default" : { "BACKEND" : "django_redis.cache.RedisCache" , "LOCATION" : "redis://10.127.137.94:6379/5" , # redis://host:port/db "OPTIONS" : { "CLIENT_CLASS" : "django_redis.client.DefaultClient" , "PASSWORD" : "M!Df^1X2121" } } } |
修改docker-compose.yml
路径:src/docker-compose/docker-compose.yml
redis与mysql为独立部署
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | version: '3' services: goinception: image: hanchuanchuan/goinception container_name: goinception restart: always ports: - "4000:4000" volumes: - "./inception/config.toml:/etc/config.toml" archery: image: hhyo/archery:v1.10.0 container_name: archery restart: always ports: - "9123:9123" volumes: - "./archery/settings.py:/opt/archery/local_settings.py" - "./archery/soar.yaml:/etc/soar.yaml" - "./archery/docs.md:/opt/archery/docs/docs.md" - "./archery/downloads:/opt/archery/downloads" - "./archery/sql/migrations:/opt/archery/sql/migrations" - "./archery/logs:/opt/archery/logs" - "./archery/keys:/opt/archery/keys" entrypoint: "dockerize -wait tcp://xxxx:3306 -wait tcp://xxxx:6379 -timeout 60s /opt/archery/src/docker/startup.sh" env_file: - .env |
修改config.toml
路径:src/docker-compose/inception/config.toml
调整数据库连接信息
backup_host = "10.127.127.97"
backup_port = 3306
backup_user = "xx"
backup_password = "xxxx"
启动
docker-compose -f docker-compose.yml up -d
表结构初始化
docker exec -ti archery /bin/bash
cd /opt/archery
source /opt/venv4archery/bin/activate
python3 manage.py makemigrations sql
python3 manage.py migrate
数据初始化
python3 manage.py dbshell<sql/fixtures/auth_group.sql
python3 manage.py dbshell<src/init_sql/mysql_slow_query_review.sql
创建管理用户
python3 manage.py createsuperuser
退出容器
exit
日志查看和问题排查
docker logs archery -f --tail=50
访问地址:
http://xx.xx.xx.xx:9123
审计oracle数据库SQL发生各种报错:替换容器里/opt/archery/sql/engines/oracle.py文件,重新打包镜像,启动即可。
文件链接:https://pan.baidu.com/s/1000aLwbuYfAujIj1VXA6HQ?pwd=hl3y
提取码:hl3y
蛮好用的sql审核平台,点赞!!!
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 一个费力不讨好的项目,让我损失了近一半的绩效!
· 清华大学推出第四讲使用 DeepSeek + DeepResearch 让科研像聊天一样简单!
· 实操Deepseek接入个人知识库
· CSnakes vs Python.NET:高效嵌入与灵活互通的跨语言方案对比
· Plotly.NET 一个为 .NET 打造的强大开源交互式图表库
2019-02-20 Oracle Duplicating 路径转换