====== Runbook: systemd ======

<WRAP round info>
**Trajanje:** ~10 minuta \\
**Uloga:** Linux-Administrator \\
**Preduvjet:** root/sudo, .NET 8 Runtime
</WRAP>

Data Gateway kao systemd-Service pod Linuxom.

----

===== Tijek rada =====

<mermaid>
flowchart TD
    A[Start] --> B[Gateway instalirati]
    B --> C[Service-Unit kreirati]
    C --> D[systemctl enable]
    D --> E[systemctl start]
    E --> F[Health Check]
    F --> G{OK?}
    G -->|Da| H[Gotovo]
    G -->|Ne| I[journalctl provjeriti]

    style H fill:#e8f5e9
    style I fill:#ffebee
</mermaid>

----

===== 1. Gateway instalirati =====

<code bash>
# Direktorij kreirati
sudo mkdir -p /opt/data-gateway
sudo chown $USER:$USER /opt/data-gateway

# Datoteke kopirati
cp -r ./publish/* /opt/data-gateway/

# Izvrsno postaviti
chmod +x /opt/data-gateway/WvdS.WebAPI.Data.Gateway.Api

# Konfiguraciju prilagoditi
sudo nano /opt/data-gateway/appsettings.json
</code>

----

===== 2. Korisnika kreirati =====

<code bash>
# Namjenski Service-korisnik
sudo useradd --system --no-create-home --shell /sbin/nologin datagateway

# Dozvole postaviti
sudo chown -R datagateway:datagateway /opt/data-gateway
</code>

----

===== 3. systemd Unit kreirati =====

<code bash>
sudo nano /etc/systemd/system/data-gateway.service
</code>

**Sadrzaj:**

<code ini>
[Unit]
Description=WvdS Data Gateway
Documentation=https://wiki.example.com/data-gateway
After=network.target

[Service]
Type=notify
User=datagateway
Group=datagateway
WorkingDirectory=/opt/data-gateway
ExecStart=/opt/data-gateway/WvdS.WebAPI.Data.Gateway.Api
Restart=always
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=data-gateway
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

# Sigurnost
NoNewPrivileges=true
ProtectSystem=strict
ProtectHome=true
PrivateTmp=true
ReadWritePaths=/opt/data-gateway/logs
ReadWritePaths=/opt/data-gateway/data

# Limiti
LimitNOFILE=65536
TimeoutStopSec=30

[Install]
WantedBy=multi-user.target
</code>

----

===== 4. Service aktivirati =====

<code bash>
# systemd ponovno ucitati
sudo systemctl daemon-reload

# Autostart aktivirati
sudo systemctl enable data-gateway

# Service pokrenuti
sudo systemctl start data-gateway

# Status provjeriti
sudo systemctl status data-gateway
</code>

----

===== 5. Health Check =====

<code bash>
# Pricekati dok je spreman
sleep 5

# Health Check
curl -s http://localhost:5000/health
# Ocekivani odgovor: "Healthy"

# API test
curl -s http://localhost:5000/api/v1/dsn/demo/tables | head
</code>

----

===== 6. Logove prikazati =====

<code bash>
# Aktualni logovi
sudo journalctl -u data-gateway -n 50 --no-pager

# Live-Tail
sudo journalctl -u data-gateway -f

# Od danas
sudo journalctl -u data-gateway --since today

# Samo greske
sudo journalctl -u data-gateway -p err
</code>

----

===== 7. Kontrolna lista =====

| # | Provjera | Da/Ne |
|---|-----------|---|
| 1 | .NET 8 instaliran | - |
| 2 | Gateway u /opt/data-gateway | - |
| 3 | Service-User kreiran | - |
| 4 | Unit-datoteka kreirana | - |
| 5 | Service enabled | - |
| 6 | Service pokrenut | - |
| 7 | Health Check OK | - |

----

===== Service naredbe =====

| Naredba | Opis |
|--------|--------------|
| ''systemctl start data-gateway'' | Pokretanje |
| ''systemctl stop data-gateway'' | Zaustavljanje |
| ''systemctl restart data-gateway'' | Ponovno pokretanje |
| ''systemctl status data-gateway'' | Status |
| ''systemctl enable data-gateway'' | Autostart ukljuciti |
| ''systemctl disable data-gateway'' | Autostart iskljuciti |

----

===== Rjesavanje problema =====

| Problem | Uzrok | Rjesenje |
|---------|---------|--------|
| ''code=exited, status=203'' | Pogresan put | ExecStart provjeriti |
| ''code=exited, status=1'' | Config greska | journalctl provjeriti |
| ''Permission denied'' | Pogresna prava | chown provjeriti |
| ''Address already in use'' | Port zauzet | drugi port ili proces ubiti |

**Detaljna analiza gresaka:**

<code bash>
# Izvrsnu datoteku direktno testirati
sudo -u datagateway /opt/data-gateway/WvdS.WebAPI.Data.Gateway.Api

# SELinux problemi (RHEL/CentOS)
sudo ausearch -m avc -ts recent
sudo setsebool -P httpd_can_network_connect 1
</code>

----

===== Port promijeniti =====

U ''appsettings.json'':

<code json>
{
  "Kestrel": {
    "Endpoints": {
      "Http": {
        "Url": "http://0.0.0.0:8080"
      }
    }
  }
}
</code>

**Firewall otvoriti:**

<code bash>
# firewalld (RHEL/CentOS)
sudo firewall-cmd --permanent --add-port=8080/tcp
sudo firewall-cmd --reload

# ufw (Ubuntu/Debian)
sudo ufw allow 8080/tcp
</code>

----

===== Service ukloniti =====

<code bash>
# Zaustaviti i deaktivirati
sudo systemctl stop data-gateway
sudo systemctl disable data-gateway

# Unit-datoteku ukloniti
sudo rm /etc/systemd/system/data-gateway.service
sudo systemctl daemon-reload

# Datoteke ukloniti (opcionalno)
sudo rm -rf /opt/data-gateway
sudo userdel datagateway
</code>

----

===== Povezani runbookovi =====

  * [[.:docker|Docker]] - Container alternativa
  * [[..:monitoring:prometheus|Prometheus]] - Metrics eksportiranje
  * [[..:sicherheit:tls-einrichten|TLS postavljanje]] - HTTPS

----

<< [[.:windows-dienst|<- Windows-Dienst]] | [[.:docker|-> Docker]] >>

----
//Wolfgang van der Stille @ EMSR DATA d.o.o. - Data Gateway Professional//

{{tag>operator runbook linux systemd service}}