====== Firebird databázový server v Debianu ======

===== Potřebné balíčky =====

  * firebird2.5-superclassic
  * libnagios-plugin-perl
  * libdbd-firebird-perl

===== Konfigurace =====

  * ''%%dpkg-reconfigure firebird2.5-superclassic%%'' - vynutí znovu nastavení hesla pro hlavního uživatele SYSDBA. Defaultně se používá heslo ''%%masterkey%%'', ale samozřejmě záleží na nastavení aplikace, kterou budete používat = doporučuji nahlédnout do dokumentace výrobce.
  * Editace souboru ''%%/etc/firebird/2.5/firebird.conf%%'' - nastaveni pro zakladni funkčnost, ostatní je mošno doladit dle potřeby

<file ini /etc/firebird/2.5/firebird.conf>
#######################################
#
# Firebird configuration file
#
# Comments
# --------
# The # character is used for comments and can be placed anywhere on a
# line.  Anything following the # character on a line is considered a
# comment.
#
# Examples:
#
#    # This is a comment
#    DefaultDbCachePages = 2048   # This is an end-of-line comment
#
# Entries
# -------
# The default value for each entry is listed to the right of the "=".
# To activate an entry, remove the leading "#"s and supply the desired
# value.
#
# Please note, a number of the values are specified in **Bytes** (Not KB).
# Accordingly, we have provided some simple conversion tables at the bottom
# of this file.
#
# There are three types of configuration values: integer, boolean and string.
#
# Integer
# --------
# Integers is what they sound like, an integral value. Examples:
#   1
#   42
#   4711
#
# Boolean
# -------
# Boolean is expressed as integer values with 0 (zero) being "false" and
# non-zero is taken to mean "true". For consistency we recommend you
# only use 0/1.
#
# String
# ------
# Strings are also what they sound like, strings. Examples:
#   RootDirectory  = /opt/firebird
#   RemotePipeName = pipe47
#
#
# Portions of this file have been reproduced/made available with the
# permission of Ann Harrison @ IBPhoenix.
#######################################
#
# Firebird configuration file
#
# Comments
# --------
# The # character is used for comments and can be placed anywhere on a
# line.  Anything following the # character on a line is considered a
# comment.
#
# Examples:
#
#    # This is a comment
#    DefaultDbCachePages = 2048   # This is an end-of-line comment
#
# Entries
# -------
# The default value for each entry is listed to the right of the "=".
# To activate an entry, remove the leading "#"s and supply the desired
# value.
#
# Please note, a number of the values are specified in **Bytes** (Not KB).
# Accordingly, we have provided some simple conversion tables at the bottom
# of this file.
#
# There are three types of configuration values: integer, boolean and string.
#
# Integer
# --------
# Integers is what they sound like, an integral value. Examples:
#   1
#   42
#   4711
#
# Boolean
# -------
# Boolean is expressed as integer values with 0 (zero) being "false" and
# non-zero is taken to mean "true". For consistency we recommend you
# only use 0/1.
#
# String
# ------
# Strings are also what they sound like, strings. Examples:
#   RootDirectory  = /opt/firebird
#   RemotePipeName = pipe47
#
#
# Portions of this file have been reproduced/made available with the
# permission of Ann Harrison @ IBPhoenix.
#######################################
#
# Firebird configuration file
#
# Comments
# --------
# The # character is used for comments and can be placed anywhere on a
# line.  Anything following the # character on a line is considered a
# comment.
#
# Examples:
#
#    # This is a comment
#    DefaultDbCachePages = 2048   # This is an end-of-line comment
#
# Entries
# -------
# The default value for each entry is listed to the right of the "=".
# To activate an entry, remove the leading "#"s and supply the desired
# value.
#
# Please note, a number of the values are specified in **Bytes** (Not KB).
# Accordingly, we have provided some simple conversion tables at the bottom
# of this file.
#
# There are three types of configuration values: integer, boolean and string.
#
# Integer
# --------
# Integers is what they sound like, an integral value. Examples:
#   1
#   42
#   4711
#
# Boolean
# -------
# Boolean is expressed as integer values with 0 (zero) being "false" and
# non-zero is taken to mean "true". For consistency we recommend you
# only use 0/1.
#
# String
# ------
# Strings are also what they sound like, strings. Examples:
#   RootDirectory  = /opt/firebird
#   RemotePipeName = pipe47
#
#
# Portions of this file have been reproduced/made available with the
# permission of Ann Harrison @ IBPhoenix.
#######################################
#
# Firebird configuration file
#
# Comments
# --------
# The # character is used for comments and can be placed anywhere on a
# line.  Anything following the # character on a line is considered a
# comment.
#
# Examples:
#
#    # This is a comment
#    DefaultDbCachePages = 2048   # This is an end-of-line comment
#
# Entries
# -------
# The default value for each entry is listed to the right of the "=".
# To activate an entry, remove the leading "#"s and supply the desired
# value.
#
# Please note, a number of the values are specified in **Bytes** (Not KB).
# Accordingly, we have provided some simple conversion tables at the bottom
# of this file.
#
# There are three types of configuration values: integer, boolean and string.
#
# Integer
# --------
# Integers is what they sound like, an integral value. Examples:
#   1
#   42
#   4711
#
# Boolean
# -------
# Boolean is expressed as integer values with 0 (zero) being "false" and
# non-zero is taken to mean "true". For consistency we recommend you
# only use 0/1.
#
# String
# ------
# Strings are also what they sound like, strings. Examples:
#   RootDirectory  = /opt/firebird
#   RemotePipeName = pipe47
#
#
# Portions of this file have been reproduced/made available with the
# permission of Ann Harrison @ IBPhoenix.
#######################################

# ----------------------------
# Database Paths/Directories
#
# DatabaseAccess may be None, Full or Restrict. If you choose Restrict,
# provide ';'-separated trees list, where database files are stored.
# Relative paths are treated relative to RootDirectory entry
# (see above). Default value 'Full' gives full access to all files
# on your site. To specify access to specific trees, enum all required
# paths (for Win32 this may be something like 'C:\DataBase;D:\Mirror',
# for unix - '/db;/mnt/mirrordb'). If you choose 'None', then only
# databases listed in aliases.conf can be attached.
#
# Note: simple quotation marks shown above should *NOT* be used when
# specifying values and directory path names. Examples:
#
# DatabaseAccess = None
# DatabaseAccess = Restrict C:\DataBase
# DatabaseAccess = Restrict C:\DataBase;D:\Mirror
# DatabaseAccess = Restrict /db
# DatabaseAccess = Restrict /db;/mnt/mirrordb
# DatabaseAccess = Full
#
# UNCONTROLLED DATABASE ACCESS MAY COMPROMISE YOUR SYSTEM!
# IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT
# DATABASE LOCATIONS!
#
# Type: string (special format)
#
#DatabaseAccess = Full
DatabaseAccess = Restrict /var/lib/firebird

# ----------------------------
# Temporary directories
#
# Provide ';'-separated trees list, where temporary files are stored.
# Relative paths are treated relative to RootDirectory entry
# (see above). Default value is determined using FIREBIRD_TMP,
# TEMP or TMP environment options. Once the first specified
# directory has no available space, the engine will switch to the
# next one, and so on.
#
# E.g.:
# TempDirectories = c:\temp
# or
# TempDirectories = c:\temp;d:\temp
#
# Type: string (special format)
#
TempDirectories = /var/lib/firebird/2.5/tmp

# ----------------------------
# External File Paths/Directories
#
# ExternalFileAccess may be None, Full or Restrict. If you choose
# Restrict, provide ';'-separated trees list, where external files
# are stored. Relative paths are treated relative to RootDirectory entry
# (see above). Default value 'None' disables any use of external files
# on your site. To specify access to specific trees, enum all required
# paths (for Win32 this may be something like 'C:\ExternalTables',
# for unix - '/db/extern;/mnt/extern').
#
# NOTE: THE EXTERNAL TABLE ENGINE FEATURE COULD BE USED TO COMPROMISE
# THE SERVER/HOST AS WELL AS DATABASE SECURITY!!
#
# IT IS STRONGLY RECOMMENDED THAT THIS SETTING BE USED TO LIMIT
# EXTERNAL TABLE LOCATIONS!
#
# Type: string (special format)
#
ExternalFileAccess = Restrict /var/lib/firebird/inisoft

 Allows incoming connections to be bound to the IP address of a
# specific network card. It enables rejection of incoming connections
# through any other network interface except this one. By default,
# connections from any available network interface are allowed.
# If you are using Classic Server, this setting is for Windows only.
# Under Linux, BSD or Mac OS X, with Classic server use xinetd or launchd
# configuration file (bind parameter).
#
# Type: string
#
#RemoteBindAddress =
RemoteBindAddress = 172.16.33.1
</file>

  - **DatabaseAccess** = omezíme přístup jen do adresáře s databázema
  - **RemoteBindAddress** = nastavíme vnitřní adresu firemního serveru, kde má firebird poslouchat. Zbytečně  neotevíráme do Internetu.

  * Následně vytvoříme v adresáři **/var/lib/firebird** adresář se jménem aplikace a do ní nahrajeme databázové soubory **dbg**. V našem případě se jedná o aplikaci inisoft. V adresáři je defaultně ještě adresář **2.5**, který obsahuje systémové databáze firebirdu.
  * **Pozor na nastavení přístupových práv** = všechny soubory a podadresáře včetně adresáře ''%%/var/lib/firebird%%'' musí vlastnit uživatel a skupina **firebird**. Následně adresáře musí mít práva **775** a soubory **660** !!!
  * V aplikaci potom zadáme IP adresu, na kterém poslouchá firebird a potom celou cestu k datovému souboru databáze, tj. např. ''%%/var/lib/firebird/inisoft/dbini.gdb%%''

===== Monitoring nagiosem =====

Pro monitoring jsem použil plugin [[http://exchange.nagios.org/directory/Plugins/Databases/check_firebird-2Epl/details]] - ke stažení např. také z naší wiki: {{:howto:hosting:check_firebird.pl.gz|}}. \\

Plugin přidáme do nrpe.conf \\
''%%command[check_firebird]=/usr/lib/nagios/plugins/check_firebird.pl -H 172.16.33.1 -U SYSDBA -P <heslo> -D /var/lib/firebird/inisoft/dbini.gdb%%'' \\

<code bash>
root@server:/var/lib/firebird# /usr/lib/nagios/plugins/check_firebird.pl -H 172.16.33.1 -U SYSDBA -P <heslo> -D /var/lib/firebird/inisoft/dbini.gdb
OK: Database looks intact
</code>