Files
Thinh Lam 688fac73e9
CI/CD / backend (push) Failing after 2m8s
CI/CD / frontend (push) Failing after 1m40s
CI/CD / deploy (push) Has been skipped
sciagent code + Gitea Actions CI/CD
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-30 09:38:30 +07:00

79 lines
2.3 KiB
Transact-SQL

-- ============================================================================
-- DYD — Create Production Database + Dedicated Login
-- Run on SQL Server as sysadmin (sa)
-- ============================================================================
USE [master];
GO
-- 1. Create database
IF NOT EXISTS (SELECT 1 FROM sys.databases WHERE name = N'DYD_Prod')
BEGIN
CREATE DATABASE [DYD_Prod]
COLLATE Vietnamese_CI_AS;
-- Optional: set recovery model (Simple cho dev/staging, Full cho prod backup log)
ALTER DATABASE [DYD_Prod] SET RECOVERY SIMPLE;
PRINT 'Database [DYD_Prod] created.';
END
ELSE
BEGIN
PRINT 'Database [DYD_Prod] already exists. Skipping.';
END
GO
-- 2. Create dedicated login for the app (KHÔNG dùng sa trong production)
-- TODO: Thay '<APP_DB_PASSWORD>' bằng password mạnh (32+ char, random)
-- Generate: [System.Web.Security.Membership]::GeneratePassword(32, 8)
IF NOT EXISTS (SELECT 1 FROM sys.sql_logins WHERE name = N'dyd_app')
BEGIN
CREATE LOGIN [dyd_app] WITH
PASSWORD = N'<APP_DB_PASSWORD>',
DEFAULT_DATABASE = [DYD_Prod],
CHECK_EXPIRATION = OFF,
CHECK_POLICY = ON;
PRINT 'Login [dyd_app] created.';
END
ELSE
BEGIN
PRINT 'Login [dyd_app] already exists. Skipping.';
END
GO
-- 3. Map login to database user + assign roles
USE [DYD_Prod];
GO
IF NOT EXISTS (SELECT 1 FROM sys.database_principals WHERE name = N'dyd_app')
BEGIN
CREATE USER [dyd_app] FOR LOGIN [dyd_app];
PRINT 'User [dyd_app] created in [DYD_Prod].';
END
GO
-- Grant roles:
-- db_datareader — SELECT
-- db_datawriter — INSERT, UPDATE, DELETE
-- db_ddladmin — CREATE/ALTER/DROP (cho EF migrations)
ALTER ROLE db_datareader ADD MEMBER [dyd_app];
ALTER ROLE db_datawriter ADD MEMBER [dyd_app];
ALTER ROLE db_ddladmin ADD MEMBER [dyd_app];
PRINT 'Roles granted to [dyd_app].';
GO
-- 4. Verify
SELECT
DB_NAME() AS Database_Name,
USER_NAME() AS Current_User,
@@VERSION AS Server_Version;
GO
PRINT '';
PRINT '==========================================';
PRINT ' DONE — DYD_Prod ready.';
PRINT '==========================================';
PRINT '';
PRINT 'Connection string cho .NET (điền password đã tạo):';
PRINT 'Server=103.124.94.58,1433;Database=DYD_Prod;User Id=dyd_app;Password=<APP_DB_PASSWORD>;TrustServerCertificate=True;MultipleActiveResultSets=True;';
GO