tom/ansible_mariadb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

up version

Browse Source 
reorg
make it work on rocky
This commit is contained in:
Thomas Constans
2023-03-13 20:07:25 +01:00
parent dc6f9dd711
commit 1f5b63160e
5 changed files with 163 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
defaults/main.yml
View File

@@ -1,5 +1,5 @@
---
mariadb_version: 10.6.4
mariadb_version: 10.6.11
mariadb_data_dir: /var/lib/mysql
mariadb_root_home: /root
mariadb_user: mysql

155
tasks/main.yml
View File

@@ -1,154 +1,3 @@
---
- name: OS vars
include_vars: "{{ ansible_distribution|lower }}{{ ansible_distribution_major_version }}.yml"
tags: always
- name: install prerequisite
package:
name: "{{ packages_list }}"
state: present
- name: set some vars
set_fact:
mariadb_root_password: "{{ lookup( 'keepass', '{{ group_names[0]}}/{{ inventory_hostname }}_mysql', 'password' ) }}"
when: (mariadb_root_password is not defined) or (mariadb_root_password|length ==0)
- name: install on CentOS
block:
- name: install repo 1
get_url:
url: https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
dest: /tmp/configure_mariadb_repo
mode: 0700
- name: install repo 2
command: "/tmp/configure_mariadb_repo --os-type=rhel --os-version={{ ansible_distribution_major_version }} --skip-maxscale --mariadb-server-version={{ mariadb_version }}"
- name: install mariadb server package
package:
name:
- "mariadb"
- mariadb-server
state: present
- name: create datadir
file:
path: "{{ mariadb_data_dir }}"
state: directory
mode: 0700
owner: "{{ mariadb_user }}"
setype: mysqld_db_t
- name: initialize data dir
become: true
become_user: mysql
command: "/usr/bin/mysql_install_db --datadir={{ mariadb_data_dir }} --user={{ mariadb_user }}"
args:
creates: "{{ mariadb_data_dir }}/mysql"
when: ansible_os_family == 'RedHat'
- name: installa mariadb server package - debian
apt:
name: "{{ packages_list }}"
state: present
when: ansible_os_family == "Debian"
- name: setup logging
file:
path: "{{ mariadb_server_log }}"
state: touch
owner: mysql
group: "{{ admin_group }}"
mode: 0640
- name: setup logfile rotation
template:
src: mysql_logrotate
dest: /etc/logrotate.d/mysql.conf
- name: configure mariadb
ini_file:
path: /etc/my.cnf.d/server.cnf
section: mysqld
option: "{{ item.option }}"
value: "{{ item.value}}"
state: present
loop:
"{{ mariadb_server_settings }}"
notify: restart mysql
- name: activate and start mariadb service
systemd: name=mariadb enabled=true state=started
#Below tasks "stolen" from https://github.com/geerlingguy/ansible-role-mysql/
- name: Get list of hosts for the root user.
command: mysql -NBe "SELECT Host FROM mysql.user WHERE User = '{{ mariadb_root_username }}' ORDER BY (Host='localhost') ASC"
register: mariadb_root_hosts
changed_when: false
check_mode: no
- name: Update MySQL root password for localhost root account (5.7.x).
shell: >
mysql -u root -NBe
'ALTER USER "{{ mariadb_root_username }}"@"{{ item }}" IDENTIFIED BY "{{ mariadb_root_password }}";'
with_items: "{{ mariadb_root_hosts.stdout_lines|default([]) }}"
# Has to be after the root password assignment, for idempotency.
- name: Copy .my.cnf file with root password credentials.
template:
src: "root-my.cnf.j2"
dest: "{{ mariadb_root_home }}/.my.cnf"
owner: root
group: root
mode: 0600
- name: Disallow root login remotely and anonymous access
command: 'mysql -NBe "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User=''
- DELETE FROM mysql.user WHERE User='{{ mariadb_root_username }}' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: false
- name: create root bin and backup dirs
file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: 0700
loop:
- "{{ mariadb_backup_dir }}"
- /root/bin
- name: deploy backup script
ansible.builtin.git:
repo: https://infra.opendoor.fr/git/tom/mysql_backup.git
dest: /root/bin
- name: backup script permissions
ansible.builtin.file:
path: /root/bin/mysql_backup/mysql_backup.sh
mode: 700
- name: backup script cron
cron:
name: mysql_backup
cron_file: mysql_backup
user: root
hour: "01"
minute: "00"
job: "/root/bin/mysql_backup/mysql_backup.sh {{ mariadb_backup_dir }}"
- name: install percona toolkit
yum:
name: https://downloads.percona.com/downloads/percona-toolkit/3.3.1/binary/redhat/{{ ansible_distribution }}/x86_64/percona-toolkit-3.3.1-1.el{{ ansible_distribution_major_version }}.x86_64.rpm
state: present
when: ansible_os_family == 'RedHat' and mariadb_use_percona
- name: clean up
file:
path: /var/lib/mysql/.ansible
state: absent
- import_tasks: mariadb.yml
tags: mariadb,mysql

142
tasks/mariadb.yml Normal file
View File

@@ -0,0 +1,142 @@
---
- name: OS vars
ansible.builtin.include_vars: "{{ ansible_distribution|lower }}{{ ansible_distribution_major_version }}.yml"
tags: always
- name: install prerequisite
ansible.builtin.package:
name: "{{ packages_list }}"
state: present
- name: set some vars
ansible.builtin.set_fact:
mariadb_root_password: "{{ lookup( 'viczem.keepass.keepass', '{{ group_names[0]}}/{{ inventory_hostname }}_mysql', 'password' ) }}"
when: (mariadb_root_password is not defined) or (mariadb_root_password|length ==0)
- name: install on CentOS
block:
- name: install repo
vars:
va: "{{ mariadb_version | ansible.builtin.split('.') }}"
ve: "{{ va[0] }}.{{ va[1] }}"
ansible.builtin.yum_repository:
name: mariadb
descrition: mariadb repo
baseurl: "https://downloads.mariadb.com/MariaDB/mariadb-{{ ve }}/yum/rhel/$releasever/$basearch"
src: mariadb.repo
dest: /etc/yum.repos.d/
gpgkey: https://mirrors.ircam.fr/pub/mariadb/yum/RPM-GPG-KEY-MariaDB
- name: install mariadb server package
ansible.builtin.package:
name:
- "mariadb"
- mariadb-server
state: present
when: ansible_os_family == 'RedHat'
- name: install mariadb server package - debian
ansible.builtin.package:
name: "{{ packages_list }}"
state: present
when: ansible_os_family == "Debian"
- name: setup logging
ansible.builtin.file:
path: "{{ mariadb_server_log }}"
state: touch
owner: mysql
group: "{{ admin_group }}"
mode: 0640
- name: setup logfile rotation
ansible.builtin.template:
src: mysql_logrotate
dest: /etc/logrotate.d/mysql.conf
- name: configure mariadb
ansible.builtin.ini_file:
path: /etc/my.cnf.d/server.cnf
section: mysqld
option: "{{ item.option }}"
value: "{{ item.value}}"
state: present
loop:
"{{ mariadb_server_settings }}"
notify: restart mysql
- name: activate and start mariadb service
ansible.builtin.systemd: name=mariadb enabled=true state=started
#Below tasks "stolen" from https://github.com/geerlingguy/ansible-role-mysql/
- name: Get list of hosts for the root user.
ansible.builtin.command: mysql -NBe "SELECT Host FROM mysql.user WHERE User = '{{ mariadb_root_username }}' ORDER BY (Host='localhost') ASC"
register: mariadb_root_hosts
changed_when: false
check_mode: no
- name: Update MySQL root password for localhost root account (5.7.x).
ansible.builtin.shell: >
mysql -u root -NBe
'ALTER USER "{{ mariadb_root_username }}"@"{{ item }}" IDENTIFIED BY "{{ mariadb_root_password }}";'
with_items: "{{ mariadb_root_hosts.stdout_lines|default([]) }}"
# Has to be after the root password assignment, for idempotency.
- name: Copy .my.cnf file with root password credentials.
ansible.builtin.template:
src: "root-my.cnf.j2"
dest: "{{ mariadb_root_home }}/.my.cnf"
owner: root
group: root
mode: 0600
- name: Disallow root login remotely and anonymous access
ansible.builtin.command: 'mysql -NBe "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User=''
- DELETE FROM mysql.user WHERE User='{{ mariadb_root_username }}' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: false
- name: create root bin and backup dirs
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: 0700
loop:
- "{{ mariadb_backup_dir }}"
- /root/bin
- name: deploy backup script
ansible.builtin.git:
repo: https://infra.opendoor.fr/git/tom/mysql_backup.git
dest: /root/bin/mysql_backup
- name: backup script permissions
ansible.builtin.file:
path: /root/bin/mysql_backup/mysql_backup.sh
mode: 700
- name: backup script cron
ansible.builtin.cron:
name: mysql_backup
cron_file: mysql_backup
user: root
hour: "01"
minute: "00"
job: "/root/bin/mysql_backup/mysql_backup.sh {{ mariadb_backup_dir }}"
- name: install percona toolkit
ansible.builtin.package:
name: https://downloads.percona.com/downloads/percona-toolkit/3.3.1/binary/redhat/{{ ansible_distribution }}/x86_64/percona-toolkit-3.3.1-1.el{{ ansible_distribution_major_version }}.x86_64.rpm
state: present
when: ansible_os_family == 'RedHat' and mariadb_use_percona
- name: clean up
ansible.builtin.file:
path: /var/lib/mysql/.ansible
state: absent

15
templates/mariadb.repo Normal file
View File

@@ -0,0 +1,15 @@
[mariadb-main]
name = MariaDB Server
baseurl = https://dlm.mariadb.com/repo/mariadb-server/{{ mariadb_version }}/yum/rhel/{{ ansible_distribution_major_version }}/x86_64
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-Server-GPG-KEY
gpgcheck = 1
enabled = 1
module_hotfixes = 1
[mariadb-tools]
name = MariaDB Tools
baseurl = https://downloads.mariadb.com/Tools/rhel/{{ ansible_distribution_major_version }}/x86_64
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-Enterprise-GPG-KEY
gpgcheck = 1
enabled = 1

3
vars/rocky9.yml Normal file
View File

@@ -0,0 +1,3 @@
packages_list:
- python3-PyMySQL
admin_group: wheel