Skip to content

Service Management

Jump to bottom
coldfire84 edited this page Aug 16, 2019 · 13 revisions

Backup of MongoDB

MongoDB stores usernames, oauth keys, device definitions, user MQTT topics etc.

Every other component is throw-away and can be recreated as above.

sudo mkdir -p /var/docker/dropbox-uploader
Browse to: https://www.dropbox.com/developers/apps and create an application
Generate API key

docker run -it --rm -v /var/docker/dropbox-uploader:/config peez/dropbox-uploader

mkdir ~/scripts/
cd ~/scripts

wget -O backup-mongodb.sh https://gist.github.com/coldfire84/81c3239c9fb477d64a166418f209871d/raw/d7c9d94403dc62d818886a8e42b616331a792103/backup-mongodb.sh

export MONGO_ADMIN=<username>
export MONGO_PASSWORD=<password>
sudo sed -i "s/<mongo-admin>/$MONGO_ADMIN/g" ~/scripts/backup-mongodb.sh
sudo sed -i "s/<password>/$MONGO_PASSWORD/g" ~/scripts/backup-mongodb.sh

sudo crontab -e

# Add
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
SHELL=/bin/bash
00 23 * * * /home/<username>/scripts/backup-mongodb.sh > /home/<username>/scripts/backup-mongodb.log

Performing a MongoDB Restore

  • Create MongoDB Docker container
  • Ensure that NodeJS web-app, Mosquitto Docker containers are not running
  • Copy tgz file to new host, extract into a folder under /var/docker/backup
  • Start the MongoDB Docker container

Execute the command below to restore the database to this new Docker container:

mongorestore --host localhost --port 27017 --username <admin username> --password <password> /backup/<backup folder name>

Once restored, you can now restart MongoDB Docker container, followed by the Mosquitto and NodeJS Docker containers.

Verify LetsEncrypt Certificates

Use the command below to check/ verify certificates are up-to-date:

sudo certbot certificates

MQTT

Test MQTT events are being received for a specific user:

mosquitto_sub -h <mqtt-server> --username '<username>' --pw '<password>' -t command/<username>/# -i test_client

Databases

Cleanup OAUTH2 Access Tokens

This is automated using a MongoDB TTL index.

db.accesstokens.createIndex( { "expires": 1 }, { expireAfterSeconds: 0 } )
db.alexaauthaccesstokens.createIndex( { "expires": 1 }, { expireAfterSeconds: 0 } )

Manual Cleanup

To manually remove access tokens follow the stpes below

db.accesstokens.deleteMany({
	"expires" : {
		$lt: new Date(new Date().setDate(new Date().getDate()-1))
	}
})

Filter for a specific user:

db.accesstokens.count({
	"user" : ObjectId("<_id>"),
	"expires" : {
		$lt: new Date(new Date().setDate(new Date().getDate()-1))
	}
})

Remove a Database

mongod
show dbs
use users
db.dropDatabase()

View Collections

mongod
show dbs
use users
show collections

Change MongoDB User Password

db.changeUserPassword("<username>", "<new password>")

Remove MongoDB User

use admin
db.dropUser("mqtt-user")

Reset Users OAuth

db.grantcodes.find({user: ObjectId("<id>"), application: ObjectId("<id>") })
db.grantcodes.deleteOne({user: ObjectId("<id>"), application: ObjectId("<id>") })

db.refreshtokens.find({user: ObjectId("<id>"), application: ObjectId("<id>") })
db.refreshtokens.deletOne({user: ObjectId("<id>"), application: ObjectId("<id>")})

db.accesstokens.find({user: ObjectId("<id>"), application: ObjectId("<id>")})
db.accesstokens.deleteMany({user: ObjectId("<id>"), application: ObjectId("<id>")})

Extend MQTT Topics

// Update a testaccount of your choice (find and replace 'testaccount' in ALL of the commands below)
db.accounts.find( { username:'testaccount'} ).forEach(function(doc) {    
    var newTopic = "message/" + doc.username + "/#/";
    db.topics.update( { _id: doc.topics }, { $push: { topics: newTopic } } );
})

// Check 'testaccount' topic look OK
db.topics.find()

// Apply the topics changes to *ALL* accounts (find and replace 'testaccount' with your actual test account)
db.accounts.find({ username:{$not:/testaccount/}}).forEach(function(doc) {
	var newTopic = "message/" + doc.username + "/#/";
    db.topics.update( { _id: doc.topics }, { $push: { topics: newTopic } } );
})

Updating Components

Redis

sudo docker pull redis

sudo docker stop redis
sudo docker rm redis

sudo docker create --name redis \
--network nr-alexav3 \
-v /var/docker/redis/data:/data \
--restart always \
--log-opt max-size=10m \
--log-opt max-file=5 \
redis

sudo docker start redis

Mosquitto


mkdir mosquitto-auth-build
cd mosquitto-auth-build
git clone --single-branch -b development https://github.com/coldfire84/mosquitto-auth.git .
sudo docker build -t mosq-auth:0.1 -f Dockerfile .

sudo docker stop mosquitto
sudo docker rm mosquitto

sudo docker create --name mosquitto \
--network nr-alexav3 \
-p 1883:1883 \
-p 8883:8883 \
-v /etc/letsencrypt:/etc/letsencrypt \
-v /var/docker/mosquitto/config:/mosquitto/config \
-v /var/docker/mosquitto/data:/mosquitto/data \
-v /var/docker/mosquitto/log:/mosquitto/log \
--restart=always \
--log-opt max-size=10m \
--log-opt max-file=5 \
mosq-auth:0.1

sudo docker start mosquitto

MongoDB

sudo docker pull mongo
sudo docker stop mongodb
sudo docker rm mongodb

export MONGO_ADMIN=<username>
export MONGO_PASSWORD=<password>

sudo docker create \
--name mongodb -p 27017:27017 \
--network nr-alexav3 \
-e MONGO_INITDB_ROOT_USERNAME=$MONGO_ADMIN \
-e MONGO_INITDB_ROOT_PASSWORD=$MONGO_PASSWORD \
-v /var/docker/mongodb/docker-entrypoint-initdb.d/:/docker-entrypoint-initdb.d/ \
-v /var/docker/mongodb/etc/:/etc/mongo/ \
-v /var/docker/mongodb/data/:/data/db/ \
-v /var/docker/backup:/backup/ \
--restart always \
--log-opt max-size=100m \
--log-opt max-file=5 \
mongo

sudo docker start mongodb

NGINX

sudo docker pull nginx
sudo docker stop nginx
sudo docker rm nginx

sudo docker create --network nr-alexav3 --name nginx -p 80:80 -p 443:443 \
-v /var/docker/nginx/conf.d/:/etc/nginx/conf.d/ \
-v /var/docker/nginx/stream_conf.d/:/etc/nginx/stream_conf.d/ \
-v /etc/letsencrypt:/etc/nginx/ssl/ \
-v /var/docker/nginx/includes:/etc/nginx/includes/ \
-v /var/docker/nginx/www/:/var/www \
--restart always \
--log-opt max-size=100m \
--log-opt max-file=5 \
nginx
Clone this wiki locally