[Feature] add a page about using the H2 database #3542

Open
@pjfanning

Feature Request

There is a page about MySQL.
https://hertzbeat.apache.org/docs/help/mysql/

From the mailing lists, there is evidence that some users are using Hertzbeat with H2 databases.

H2 Database is not meant to be used in production environments and has dangerous functionality that allows users to run scripts that can run raw Java commands - including very dangerous Java commands.

I would suggest that you read https://h2database.com/html/security.html - the really worrying bit is the 'CREATE ALIAS' bit. With CREATE ALIAS support, you let malicious users get full access to the Hertzbeat server and run shell commands.

Can we add a page that tells users that H2 support in Hertzbeat is meant for testing in a sandboxed environment and isn't meant for production?

Is your feature request related to a problem? Please describe

No response

Describe the solution you'd like

No response

Describe alternatives you've considered

No response

Additional context

No response
