migration commit
This commit is contained in:
parent
f0bc56ba42
commit
24fabb8083
12 changed files with 378 additions and 3 deletions
5
README.MD
Normal file
5
README.MD
Normal file
|
@ -0,0 +1,5 @@
|
|||
# Mariadb role
|
||||
|
||||
This role covers deployment, configuration and software updates of MariaDB Server. This role is a fork of [https://github.com/deimosfr/ansible-mariadb](https://github.com/deimosfr/ansible-mariadb) vy **Pierre Mavro / deimosfr** and is released under GPL2 Licence. We give no warranty for this piece of software. Currently supported OS - Debian..
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
# mariadb
|
||||
|
||||
Ansible role to deploy, configure and maintain mariadb database servers.
|
113
defaults/main.yml
Normal file
113
defaults/main.yml
Normal file
|
@ -0,0 +1,113 @@
|
|||
---
|
||||
|
||||
# MariaDB repository
|
||||
mariadb_set_repository: True
|
||||
mariadb_version: 10.3
|
||||
mariadb_repo: 'deb http://ftp.nluug.nl/db/mariadb/repo/{{ mariadb_version }}/debian {{ansible_distribution_release }} main'
|
||||
mariadb_repo_key_id: '0xF1656F24C74CD1D8'
|
||||
mariadb_repo_key_url: 'keyserver.ubuntu.com'
|
||||
|
||||
# MariaDB Packages
|
||||
mariadb_package_client: mariadb-client
|
||||
mariadb_package_server: mariadb-server
|
||||
|
||||
# MariaDB service
|
||||
mariadb_manage_service: True
|
||||
mariadb_service_name: mysql
|
||||
|
||||
# MariaDB/MySQL tools
|
||||
mariadb_install_tools: False
|
||||
|
||||
# MariaDB users
|
||||
mariadb_user_home: /root
|
||||
mariadb_root_username: root
|
||||
mariadb_root_password: root
|
||||
mariadb_debsysmaint_password:
|
||||
mariadb_client_port: 3306
|
||||
#mariadb_uid: '' #uncomment and define if you use non-standard uid
|
||||
#mariadb_gid: '' #uncomment and define if you use non-standard gid
|
||||
|
||||
# MariaDB Configuration
|
||||
mariadb_configuration: /etc/mysql/my.cnf
|
||||
mariadb_includedir: /etc/mysql/conf.d/
|
||||
|
||||
# Configuration vars
|
||||
mariadb_datadir: /var/lib/mysql
|
||||
|
||||
mariadb_default_config:
|
||||
- name: 'client'
|
||||
config:
|
||||
- port = {{mariadb_client_port}}
|
||||
- socket = /var/run/mysqld/mysqld.sock
|
||||
- name: 'mysqld_safe'
|
||||
config:
|
||||
- safe_socket = /var/run/mysqld/mysqld.sock
|
||||
- safe_nice = 0
|
||||
- name: 'mysqld'
|
||||
config:
|
||||
- user = mysql
|
||||
- pid_file = /var/run/mysqld/mysqld.pid
|
||||
- socket = /var/run/mysqld/mysqld.sock
|
||||
- port = 3306
|
||||
- basedir = /usr
|
||||
- datadir = "{{mariadb_datadir}}"
|
||||
- tmpdir = /tmp
|
||||
- skip_external_locking = True
|
||||
- bind_address = 127.0.0.1
|
||||
- key_buffer = 16M
|
||||
- max_allowed_packet = 16M
|
||||
- thread_stack = 192K
|
||||
- thread_cache_size = 8
|
||||
- myisam_recover = BACKUP
|
||||
- max_connections = 1000
|
||||
- query_cache_limit = 1M
|
||||
- query_cache_size = 16M
|
||||
- general_log_file = /var/log/mysql/mysql.log
|
||||
- general_log = 0
|
||||
- slow_query_log = 0
|
||||
- slow_query_log_file = /var/log/mysql/mysql-slow.log
|
||||
- long_query_time = 1
|
||||
- log_queries_not_using_indexes = False
|
||||
- default_storage_engine = InnoDB
|
||||
- innodb_buffer_pool_size = 128M
|
||||
- innodb_log_file_size = 128M
|
||||
- innodb_log_buffer_size = 8M
|
||||
- innodb_thread_concurrency = 64
|
||||
- innodb_read_io_threads = 16
|
||||
- innodb_write_io_threads = 16
|
||||
- innodb_file_per_table = 1
|
||||
- innodb_open_files = 400
|
||||
- innodb_io_capacity = 600
|
||||
- innodb_lock_wait_timeout = 60
|
||||
- innodb_flush_method = O_DIRECT
|
||||
- innodb_doublewrite = 0
|
||||
- innodb_use_native_aio = 0
|
||||
- server_id = 1
|
||||
- log_bin = /var/log/mysql/mysql-bin.log
|
||||
- expire_logs_days = 10
|
||||
- max_binlog_size = 100M
|
||||
- name: 'mysqldump'
|
||||
config:
|
||||
- quick
|
||||
- quotes-names
|
||||
- max_allowed_packet = 16M
|
||||
- name: 'isamchk'
|
||||
config:
|
||||
- key_buffer = 16M
|
||||
|
||||
# Databases
|
||||
# mariadb_databases:
|
||||
# - { name: example, collation: utf8_general_ci, encoding: utf8, replicate: 1 }
|
||||
mariadb_databases: []
|
||||
|
||||
# Users
|
||||
# mariadb_users:
|
||||
# - { name: example, host: 127.0.0.1, password: secret, priv: *.*:USAGE }
|
||||
mariadb_users: []
|
||||
|
||||
#APT
|
||||
mariadb_apt_deps:
|
||||
- ca-certificates
|
||||
- apt-transport-https
|
||||
- dialog
|
||||
- dirmngr
|
16
handlers/main.yml
Normal file
16
handlers/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
|
||||
- name: restart mariadb
|
||||
systemd:
|
||||
name: "{{ mariadb_service_name }}"
|
||||
state: restarted
|
||||
|
||||
- name: start mariadb
|
||||
systemd:
|
||||
name: "{{ mariadb_service_name }}"
|
||||
state: started
|
||||
|
||||
- name: stop mariadb
|
||||
systemd:
|
||||
name: "{{ mariadb_service_name }}"
|
||||
state: stopped
|
158
tasks/configure.yml
Normal file
158
tasks/configure.yml
Normal file
|
@ -0,0 +1,158 @@
|
|||
---
|
||||
|
||||
# Manage permissions
|
||||
# need to stop mariadb to change uid/gid
|
||||
- meta: flush_handlers
|
||||
|
||||
# be sure all folders exists before resting permissions
|
||||
- name: '[Configure] - Ensure /run/mysqld folder exists'
|
||||
file:
|
||||
path: /run/mysqld
|
||||
owner: mysql
|
||||
group: mysql
|
||||
mode: 0755
|
||||
state: directory
|
||||
|
||||
# reseting permissions
|
||||
- name: '[Configure] - reset mariadb data folder and subfolder to new uid'
|
||||
shell: 'find {{ item }} -user mysql -exec chown {{ mariadb_uid }}:{{ mariadb_gid }} {} \;'
|
||||
with_items:
|
||||
- "{{ mariadb_datadir }}"
|
||||
- /run/mysqld
|
||||
- /var/run/mysqld
|
||||
when: mariadb_uid is defined or mariadb_gid is defined
|
||||
changed_when: false
|
||||
|
||||
- name: '[Configure] - reset mariadb log folder and subfolder to new uid'
|
||||
file:
|
||||
path: /var/log/mysql
|
||||
owner: "{{ mariadb_uid }}"
|
||||
group: adm
|
||||
recurse: yes
|
||||
state: directory
|
||||
when: mariadb_uid is defined
|
||||
|
||||
- name: '[Configure] - set mariadb user uid'
|
||||
user:
|
||||
name: mysql
|
||||
uid: "{{ mariadb_uid }}"
|
||||
state: present
|
||||
when: mariadb_uid is defined
|
||||
|
||||
- name: '[Configure] - set mariadb user gid'
|
||||
group:
|
||||
name: mysql
|
||||
gid: "{{ mariadb_gid }}"
|
||||
state: present
|
||||
when: mariadb_gid is defined
|
||||
|
||||
- name: '[Configure] - check datadir/mysql is present'
|
||||
stat:
|
||||
path: "{{mariadb_datadir}}/mysql"
|
||||
register: datadir_is_ok
|
||||
|
||||
# build default tables if absent
|
||||
- name: '[Configure] - create default databases if not exist'
|
||||
command: mysql_install_db --user=mysql --ldata={{mariadb_datadir}}
|
||||
when: datadir_is_ok.stat.exists == False
|
||||
|
||||
- name: '[Configure] - start temporary mariadb'
|
||||
shell: "mysqld_safe --datadir={{mariadb_datadir}} --user=mysql & echo $!"
|
||||
register: mariadb_temp_instance
|
||||
when: datadir_is_ok.stat.exists == False
|
||||
|
||||
- name: '[Configure] - set .my.cnf root blank password for temporary mariadb'
|
||||
lineinfile:
|
||||
dest: /root/.my.cnf
|
||||
regexp: '^password='
|
||||
line: 'password='
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0600
|
||||
when: datadir_is_ok.stat.exists == False
|
||||
|
||||
- name: '[Configure] - start mariadb'
|
||||
systemd:
|
||||
name: mysql
|
||||
state: started
|
||||
when: datadir_is_ok.stat.exists
|
||||
|
||||
- meta: flush_handlers
|
||||
|
||||
# reset debian-sys-maint user password
|
||||
- name: '[Configure] - set debian-sys-maint user account'
|
||||
mysql_user:
|
||||
name: 'debian-sys-maint'
|
||||
password: "{{mariadb_debsysmaint_password}}"
|
||||
priv: '*.*:ALL'
|
||||
state: present
|
||||
when: mariadb_debsysmaint_password is defined and mariadb_debsysmaint_password
|
||||
|
||||
- name: '[Configure] - set debian-sys-maint configuration file'
|
||||
template:
|
||||
src: debian.cnf.j2
|
||||
dest: /etc/mysql/debian.cnf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0600
|
||||
backup: yes
|
||||
when: mariadb_debsysmaint_password is defined and mariadb_debsysmaint_password
|
||||
|
||||
# kill temp mariadb if present
|
||||
- name: '[Configure] - exit temporary started'
|
||||
command: kill {{ mariadb_temp_instance.stdout_lines[0] }}
|
||||
when: datadir_is_ok.stat.exists == False
|
||||
|
||||
- name: '[Configure] -v start mariadb'
|
||||
systemd:
|
||||
name: mysql
|
||||
state: started
|
||||
|
||||
- meta: flush_handlers
|
||||
|
||||
- name: '[Configure] - update mariadb root password for all root accounts'
|
||||
mysql_user:
|
||||
name: "root"
|
||||
host: "{{ item }}"
|
||||
password: "{{ mariadb_root_password }}"
|
||||
with_items:
|
||||
- 127.0.0.1
|
||||
- ::1
|
||||
- localhost
|
||||
|
||||
- name: '[Configure] - setting mariadb configuration'
|
||||
template:
|
||||
src: my.cnf.j2
|
||||
dest: "{{mariadb_configuration}}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0640
|
||||
backup: yes
|
||||
notify: restart mariadb
|
||||
|
||||
- name: '[Configure] - copy .my.cnf file with root password credentials'
|
||||
template:
|
||||
src: "home_my.cnf.j2"
|
||||
dest: "{{ mariadb_user_home }}/.my.cnf"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0600
|
||||
|
||||
# clean default unsecure data
|
||||
- name: '[Configure] - remove anonymous mariadb user'
|
||||
mysql_user:
|
||||
name: ''
|
||||
state: 'absent'
|
||||
|
||||
- name: '[Configure] - remove mariadb test database'
|
||||
mysql_db:
|
||||
name: 'test'
|
||||
state: 'absent'
|
||||
|
||||
- name: '[Configure] - ensure mariadb is started and enabled on boot'
|
||||
systemd:
|
||||
name: "{{ mariadb_service_name }}"
|
||||
state: started
|
||||
enabled: yes
|
||||
when: mariadb_manage_service
|
||||
changed_when: false
|
10
tasks/databases.yml
Normal file
10
tasks/databases.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
|
||||
- name: '[Databases] - create MariaDB databases'
|
||||
mysql_db:
|
||||
name: "{{ item.name }}"
|
||||
collation: "{{ item.collation | default('utf8_general_ci') }}"
|
||||
encoding: "{{ item.encoding | default('utf8') }}"
|
||||
state: present
|
||||
with_items: "{{mariadb_databases}}"
|
||||
when: mariadb_databases|length > 0
|
33
tasks/install.yml
Normal file
33
tasks/install.yml
Normal file
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
|
||||
# Install packages
|
||||
|
||||
- name: '[APT] - Install dependencies'
|
||||
apt:
|
||||
name: "{{ mariadb_apt_deps }}"
|
||||
update_cache: yes
|
||||
|
||||
- name: '[APT] - Add official MariaDB apt key'
|
||||
apt_key:
|
||||
id: "{{mariadb_repo_key_id}}"
|
||||
keyserver: "{{mariadb_repo_key_url}}"
|
||||
state: present
|
||||
when: mariadb_set_repository
|
||||
|
||||
- name: '[APT] - setup official MariaDB repository'
|
||||
apt_repository:
|
||||
repo: "{{ mariadb_repo }}"
|
||||
state: present
|
||||
filename: 'mariadb'
|
||||
update_cache: yes
|
||||
when: mariadb_set_repository
|
||||
|
||||
- name: '[APT] - installing MariaDB packages'
|
||||
apt:
|
||||
name:
|
||||
- "{{ mariadb_package_client }}"
|
||||
- "{{ mariadb_package_server }}"
|
||||
- python-mysqldb
|
||||
state: present
|
||||
update_cache: yes
|
||||
notify: stop mariadb
|
6
tasks/main.yml
Normal file
6
tasks/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
|
||||
- include: install.yml
|
||||
- include: configure.yml
|
||||
- include: databases.yml
|
||||
- include: users.yml
|
11
tasks/users.yml
Normal file
11
tasks/users.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
|
||||
- name: '[Users] - add MariaDB users accounts'
|
||||
mysql_user:
|
||||
name: "{{ item.name }}"
|
||||
password: "{{ item.password }}"
|
||||
priv: "{{ item.priv }}"
|
||||
host: "{{ item.host }}"
|
||||
state: "{{ item.state | default('present') }}"
|
||||
with_items: "{{ mariadb_users }}"
|
||||
when: mariadb_users|length > 0
|
13
templates/debian.cnf.j2
Normal file
13
templates/debian.cnf.j2
Normal file
|
@ -0,0 +1,13 @@
|
|||
# {{ ansible_managed }}
|
||||
# Automatically generated for Debian scripts. DO NOT TOUCH!
|
||||
[client]
|
||||
host = localhost
|
||||
user = debian-sys-maint
|
||||
password = {{ mariadb_debsysmaint_password }}
|
||||
socket = /var/run/mysqld/mysqld.sock
|
||||
[mysql_upgrade]
|
||||
host = localhost
|
||||
user = debian-sys-maint
|
||||
password = {{ mariadb_debsysmaint_password }}
|
||||
socket = /var/run/mysqld/mysqld.sock
|
||||
basedir = /usr
|
4
templates/home_my.cnf.j2
Normal file
4
templates/home_my.cnf.j2
Normal file
|
@ -0,0 +1,4 @@
|
|||
[client]
|
||||
user={{ mariadb_root_username }}
|
||||
password={{ mariadb_root_password }}
|
||||
port={{ mariadb_client_port }}
|
9
templates/my.cnf.j2
Normal file
9
templates/my.cnf.j2
Normal file
|
@ -0,0 +1,9 @@
|
|||
# {{ ansible_managed }}
|
||||
{% for section in mariadb_default_config %}
|
||||
[{{ section.name }}]
|
||||
{% for item in section.config %}
|
||||
{{ item }}
|
||||
{% endfor %}
|
||||
|
||||
{% endfor %}
|
||||
!includedir {{ mariadb_includedir }}
|
Loading…
Reference in a new issue