Protecting the Domoticz DB
"How do you protect your database from prying eyes?" Naturally, you want nobody to see the structure of your DB and, above all, nobody to alter your settings.
Embedded devices using flash-based storage — especially the crappy SD/MMC devices with their own built-in translation layer, and using a normal block file system such as ext4 on top — should always be careful to avoid doing too many writes to the device. For long-term embedded use cases, it's best for the file system to be read only.
It would be useful to separate the permanent configuration of Domoticz from the ongoing data logging. In some cases the former might be kept on the real file system, while the latter can be in a tmpfs and thus just in memory.
It's not the end of the world if that gets lost on a restart, and it is painful if constantly writing to the storage device means the system doesn't boot any more after a few months of operation. Separating them gives users the option of temporary storage for the logs. It certainly wouldn't force you to use temporary storage.
And the class 10 cards might be slightly less crappy than the others but they're still crappy.
And it's still a fundamental design flaw to have them pretend to be spinning rust, just to use a traditional block file system on top of them. Etc.)
Sure, using a better card can buy you time. But for an embedded system which you want to keep working for years, you really don't want to be constantly writing to the same device you need to boot from. The problem is that for devices like the Raspberry Pi which have only the one SD card as storage, there isn't a lot you can do.
The failure mode is often at the device level — especially when it gets subjected to power failures. So you can't partition it and put the database in a certain partition, because that doesn't help.
The only thing that helps is not writing to the SD card at all. My plan was to keep the running logs in a database on tmpfs, and back it up to a remote server (perhaps in real time), and restore it on restart (if possible). But right now, all I wanted to do was have the facility to split long-term from short-term data. It shouldn't even be that hard or intrusive; I can try to knock up a patch which does it. I'm not sure I'd want to use NFS for the day-to-day operation.
That would mean the NFS server and the routers/switches would need to be on UPS which lasts as long as the Domoticz system. Even if we didn't have any other reliability concerns about NFS.
I would definitely want the system to be able to operate standalone.
What I was thinking was the short-term database in tmpfs and backed up over the network basically in real time (or every five minutes, at least). On a clean shutdown a 'final' backup would be triggered. On startup, we'd restore the short-term database from the server. Those operations could actually be handled by the initscripts, rather than Domoticz itself.
So the common case would be that it all just works and nothing is lost. On an unclean shutdown you might lose the last tiny bit of data — but that you expect anyway, and on SD cards you probably expect to lose a whole lot more on an unclean power failure.
Only if the server is actually absent when you power up is the shortlog lost. And again, this is a deployment choice — nobody would be forced to put the shortlog in tmpfs.
To support this, all we really need on the Domoticz side is to allow the flexibility for the user to deploy it in such a way.
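One way the periodic backup and boot-time restore described above could be implemented by a helper that an initscript or timer calls, as an added example that is not part of the original posts or of Domoticz. It assumes the short-term data sits in its own SQLite file on tmpfs and that the backup path is a network mount or a staging directory shipped to the server; the function names are hypothetical.

```python
import os
import sqlite3
import tempfile

def is_healthy(path):
    """True if path is a SQLite file that passes PRAGMA integrity_check."""
    if not os.path.isfile(path):
        return False
    try:
        con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
        try:
            return con.execute("PRAGMA integrity_check").fetchone()[0] == "ok"
        finally:
            con.close()
    except sqlite3.DatabaseError:
        return False

def snapshot(live_db, backup_path):
    """Take a consistent copy of the live database and publish it atomically."""
    directory = os.path.dirname(os.path.abspath(backup_path))
    fd, tmp = tempfile.mkstemp(dir=directory, suffix=".part")  # created mode 0600
    os.close(fd)
    try:
        src = sqlite3.connect(f"file:{live_db}?mode=ro", uri=True)
        dst = sqlite3.connect(tmp)
        try:
            src.backup(dst)  # online backup API: safe while the writer is active
        finally:
            dst.close()
            src.close()
        if not is_healthy(tmp):
            raise RuntimeError("snapshot failed integrity check; previous backup kept")
        os.replace(tmp, backup_path)  # atomic rename: no half-written backup on power loss
    finally:
        if os.path.exists(tmp):
            os.remove(tmp)

def restore(backup_path, live_db):
    """On boot, repopulate the tmpfs database; False means start with an empty log."""
    if not is_healthy(backup_path):
        return False
    src = sqlite3.connect(f"file:{backup_path}?mode=ro", uri=True)
    dst = sqlite3.connect(live_db)
    try:
        src.backup(dst)
    finally:
        dst.close()
        src.close()
    return True
```

A plain file copy of a database that is being written can capture a torn state, which is why the snapshot goes through the SQLite backup API and is checked before it replaces the last known-good copy.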