tom/ansible_mariadb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

mariadb: initial commit

Browse Source
This commit is contained in:
Thomas Constans
2021-10-18 17:42:25 +02:00
commit 7c9285ce17
9 changed files with 192 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README Normal file
View File

@@ -0,0 +1,10 @@
install and configure mariadb on CentOS 7
variables:
mariadb_data_dir - default /var/lib/mysql
mariadb_user - default mysql
mariadb_root_password - lookup from group_names[0]}}/{{ inventory_hostname }}_mysql
mariadb_root_home - default /root
mariadb_root_username - default root
mariadb_backup_dir - directory where backups will be stored

21
defaults/main.yml Normal file
View File

@@ -0,0 +1,21 @@
---
mariadb_data_dir: /var/lib/mysql
mariadb_root_home: /root
mariadb_user: mysql
mariadb_root_username: root
mariadb_server_log: /var/log/mysqld.log
mariadb_backup_dir: /srv/Backups/mysql
mariadb_server_settings:
- { option: "datadir", value: "{{mariadb_data_dir }}" }
- { option: "max_allowed_packet", value: "64M" }
- { option: "query_cache_size", value: "0" }
- { option: "join_buffer_size", value: "1M" }
- { option: "tmp_table_size", value: "32M" }
- { option: "max_heap_table_size", value: "32M" }
- { option: "performance_schema", value: "ON" }
- { option: "innodb_buffer_pool_size", value: "4G" }
- { option: "innodb_log_file_size",value: "1G" }
- { option: "log-error", value: "{{ mariadb_server_log }}" }
- { option: "log-bin", value: "{{ mariadb_data_dir }}/log-bin" }
- { option: "expire_logs_days", value: "7" }
- { option: "max_binlog_size", value: "1G" }

5
handlers/main.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: restart mysql
service:
name: mysql
state: restarted

134
tasks/main.yml Normal file
View File

@@ -0,0 +1,134 @@
---
- name: OS vars
include_vars: "{{ ansible_distribution|lower }}.yml"
- name: install prerequisite
package:
name: "{{ packages_list }}"
state: present
- name: set some vars
set_fact:
mariadb_root_password: "{{ lookup( 'keepass', '{{ group_names[0]}}/{{ inventory_hostname }}_mysql', 'password' ) }}"
- name: install on CentOS
block:
- name: install repo 1
get_url:
url: https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
dest: /tmp/configure_mariadb_repo
mode: 0700
- name: install repo 2
command: /tmp/configure_mariadb_repo --os-type=rhel --os-version=7 --skip-maxscale
- name: install mariadb server package
yum:
name:
- "mariadb"
- mariadb-server
state: present
- name: create datadir
file:
path: "{{ mariadb_data_dir }}"
state: directory
mode: 0700
owner: "{{ mariadb_user }}"
setype: mysqld_db_t
when: ansible_distribution == "CentOS"
- name: initialize data dir
become: true
become_user: mysql
command: "/usr/bin/mysql_install_db --datadir={{ mariadb_data_dir }} --user={{ mariadb_user }}"
args:
creates: "{{ mariadb_data_dir }}/mysql"
- name: setup logging
file:
path: "{{ mariadb_server_log }}"
state: touch
owner: mysql
group: "{{ admin_group }}"
mode: 0640
- name: setup logfile rotation
template:
src: mysql_logrotate
dest: /etc/logrotate.d/mysql.conf
- name: configure mariadb
ini_file:
path: /etc/my.cnf.d/server.cnf
section: mysqld
option: "{{ item.option }}"
value: "{{ item.value}}"
state: present
loop:
"{{ mariadb_server_settings }}"
notify: restart mysql
- name: activate and start mariadb service
systemd: name=mariadb enabled=true state=started
#Below tasks "stolen" from https://github.com/geerlingguy/ansible-role-mysql/
- name: Get list of hosts for the root user.
command: mysql -NBe "SELECT Host FROM mysql.user WHERE User = '{{ mariadb_root_username }}' ORDER BY (Host='localhost') ASC"
register: mariadb_root_hosts
changed_when: false
check_mode: no
- name: Update MySQL root password for localhost root account (5.7.x).
shell: >
mysql -u root -NBe
'ALTER USER "{{ mariadb_root_username }}"@"{{ item }}" IDENTIFIED BY "{{ mariadb_root_password }}";'
with_items: "{{ mariadb_root_hosts.stdout_lines|default([]) }}"
# Has to be after the root password assignment, for idempotency.
- name: Copy .my.cnf file with root password credentials.
template:
src: "root-my.cnf.j2"
dest: "{{ mariadb_root_home }}/.my.cnf"
owner: root
group: root
mode: 0600
- name: Disallow root login remotely and anonymous access
command: 'mysql -NBe "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User=''
- DELETE FROM mysql.user WHERE User='{{ mariadb_root_username }}' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: false
- name: create root bin and backup dirs
file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: 0700
loop:
- "{{ mariadb_backup_dir }}"
- /root/bin
- name: deploy backup script
copy:
src: /home/tom/Documents/Opendoor/Developpement/Scripts/MySQL/mysql_backup.sh
dest: /root/bin
mode: 0700
- name: backup script cron
cron:
name: mysql_backup
cron_file: mysql_backup
user: root
hour: "01"
minute: "00"
job: "/root/bin/mysql_backup.sh {{ mariadb_backup_dir }}"
- name: install percona toolkit
yum:
name: https://www.percona.com/downloads/percona-toolkit/3.1.0/binary/redhat/7/x86_64/percona-toolkit-3.1.0-2.el7.x86_64.rpm
state: present
when: ansible_distribution == 'CentOS'

1
templates/init_root_password.ini Normal file
View File

@@ -0,0 +1 @@
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('{{ mysql_root_password }}') ;

8
templates/mysql_logrotate Normal file
View File

@@ -0,0 +1,8 @@
{{ mariadb_server_log }} {
daily
rotate 7
create 0640 mysql wheel
postrotate
/usr/bin/mysqladmin flush-logs
endscript
}

4
templates/root-my.cnf.j2 Normal file
View File

@@ -0,0 +1,4 @@
[client]
host=localhost
user={{ mariadb_root_username }}
password={{ mariadb_root_password }}

4
vars/centos.yml Normal file
View File

@@ -0,0 +1,4 @@
packages_list:
- MySQL-python
admin_group: wheel

5
vars/debian.yml Normal file
View File

@@ -0,0 +1,5 @@
packages_list:
- mariadb-server
- python-pymysql
admin_group: adm