ansible_mariadb/tasks/mariadb.yml


---
# Load distribution-specific variables. The file name is the lower-cased
# distribution followed by its major version and ".yml".
# Tagged "always" so the variables are loaded on tag-filtered runs too.
- name: OS vars
  tags:
    - always
  ansible.builtin.include_vars: "{{ ansible_distribution | lower }}{{ ansible_distribution_major_version }}.yml"
# Install the prerequisite packages listed in packages_list.
# NOTE(review): packages_list is not defined in this file; presumably it comes
# from the per-distribution vars file - confirm.
- name: install prerequisite
  ansible.builtin.package:
    state: present
    name: "{{ packages_list }}"
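# Fetch the MariaDB root password from KeePass when the caller did not supply
# one (undefined or empty). The entry path is "<first group>/<host>_mysql".
# The path is built with "~" concatenation instead of nested "{{ }}" inside
# the expression: nested moustaches are not a supported way to template a
# lookup argument and are not guaranteed to be expanded.
# NOTE(review): group_names[0] fails for a host that is in no group - confirm
# every target host belongs to at least one inventory group.
- name: set some vars
  when: (mariadb_root_password is not defined) or (mariadb_root_password | length == 0)
  ansible.builtin.set_fact:
    mariadb_root_password: "{{ lookup('viczem.keepass.keepass', group_names[0] ~ '/' ~ inventory_hostname ~ '_mysql', 'password') }}"
  # The resulting fact is a credential; keep it out of verbose output and logs.
  no_log: true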
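# RedHat family only: register the MariaDB yum repository for the configured
# major.minor release, then install the client and server packages.
# NOTE(review): this listing lost its indentation; both tasks below are assumed
# to sit inside the block - confirm against the repository copy.
- name: install on CentOS
  when: ansible_os_family == 'RedHat'
  block:
    - name: install repo
      vars:
        # Reduce mariadb_version to "<major>.<minor>" for the repository URL.
        va: "{{ mariadb_version | ansible.builtin.split('.') }}"
        ve: "{{ va[0] }}.{{ va[1] }}"
      ansible.builtin.yum_repository:
        name: mariadb
        # Was misspelled "descrition", which the module rejects as an
        # unsupported parameter.
        description: mariadb repo
        baseurl: "https://downloads.mariadb.com/MariaDB/mariadb-{{ ve }}/yum/rhel/$releasever/$basearch"
        # yum_repository has no src/dest parameters; file/reposdir name the
        # same target (/etc/yum.repos.d/mariadb.repo) that the former
        # "src: mariadb.repo" / "dest: /etc/yum.repos.d/" presumably intended.
        file: mariadb
        reposdir: /etc/yum.repos.d
        # NOTE(review): the signing key is fetched from a third-party mirror,
        # not from the host that serves the packages. Prefer a key shipped
        # with the role or fetched from the vendor, and verify its fingerprint.
        gpgkey: https://mirrors.ircam.fr/pub/mariadb/yum/RPM-GPG-KEY-MariaDB
        # Make signature verification explicit rather than inheriting
        # whatever the host's yum/dnf main configuration says.
        gpgcheck: true
    - name: install mariadb server package
      ansible.builtin.package:
        name:
          - mariadb
          - mariadb-server
        state: present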
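# Make sure the server log file exists, owned by mysql and readable by the
# admin group only (no access for others).
- name: setup logging
  when: ansible_os_family == 'RedHat'
  ansible.builtin.file:
    path: "{{ mariadb_server_log }}"
    state: touch
    owner: mysql
    group: "{{ admin_group }}"
    # Quoted so the mode is read as octal text by every YAML parser.
    mode: "0640"
    # Keep timestamps so "touch" does not report a change on every run.
    modification_time: preserve
    access_time: preserve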
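# Install the logrotate snippet for the MariaDB logs.
# Ownership and mode are set explicitly instead of depending on the umask of
# the connection: logrotate configuration should be writable by root only.
- name: setup logfile rotation
  when: ansible_os_family == 'RedHat'
  ansible.builtin.template:
    src: mysql_logrotate
    dest: /etc/logrotate.d/mysql.conf
    owner: root
    group: root
    mode: "0644"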
# Write each option/value pair from mariadb_server_settings into the [mysqld]
# section of server.cnf; any change notifies the "restart mysql" handler.
# NOTE(review): the path is RedHat-style but the task has no OS condition, and
# the handler is defined outside this file - confirm both.
- name: configure mariadb
  notify: restart mysql
  loop: "{{ mariadb_server_settings }}"
  ansible.builtin.ini_file:
    state: present
    path: /etc/my.cnf.d/server.cnf
    section: mysqld
    option: "{{ item.option }}"
    value: "{{ item.value }}"
# Enable the mariadb unit at boot and make sure it is running now.
# Arguments are given as a YAML mapping rather than a key=value string.
- name: activate and start mariadb service
  ansible.builtin.systemd:
    name: mariadb
    state: started
    enabled: true
#Below tasks "stolen" from https://github.com/geerlingguy/ansible-role-mysql/
# Read-only query: list every Host value the root account is defined for, with
# 'localhost' sorted last. The result is registered as mariadb_root_hosts.
# Runs in check mode as well and never reports a change.
# NOTE(review): mariadb_root_username is interpolated straight into the SQL
# text; it must stay an operator-controlled role variable.
- name: Get list of hosts for the root user.
  ansible.builtin.command:
    cmd: >-
      mysql -NBe
      "SELECT Host FROM mysql.user WHERE User = '{{ mariadb_root_username }}' ORDER BY (Host='localhost') ASC"
  register: mariadb_root_hosts
  check_mode: false
  changed_when: false
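# Set the root password for every host entry found by the previous query.
# The statement is fed to the client on stdin rather than through "-e" in a
# shell command line, so the password does not appear in the process list and
# no shell quoting is involved. no_log keeps it out of task output and logs.
# The task has no changed_when, so it reports "changed" on every run.
# NOTE(review): the values are interpolated into the SQL text unescaped; a
# password containing a double quote or a backslash will break the statement.
- name: Update MySQL root password for localhost root account (5.7.x).
  ansible.builtin.command:
    cmd: mysql -u root -NB
    stdin: 'ALTER USER "{{ mariadb_root_username }}"@"{{ item }}" IDENTIFIED BY "{{ mariadb_root_password }}";'
  loop: "{{ mariadb_root_hosts.stdout_lines | default([]) }}"
  no_log: true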
# Has to be after the root password assignment, for idempotency.
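# Render the client credentials file for root from root-my.cnf.j2, readable
# and writable by root only.
- name: Copy .my.cnf file with root password credentials.
  ansible.builtin.template:
    src: root-my.cnf.j2
    dest: "{{ mariadb_root_home }}/.my.cnf"
    owner: root
    group: root
    # Quoted so the mode is read as octal text by every YAML parser.
    mode: "0600"
  # The rendered file holds the root password; suppress task output so a
  # --diff or verbose run does not print it.
  no_log: true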
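# Remove anonymous accounts and any root account whose host is not a loopback
# name or address. Always reported as unchanged.
# Rows deleted directly from the grant tables take effect only after the
# server reloads them, so FLUSH PRIVILEGES is issued as the last statement;
# without it the removed accounts stay usable until the next restart.
# NOTE(review): on MariaDB releases where mysql.user is a view over
# mysql.global_priv these DELETEs may be rejected - verify on the target
# version.
- name: Disallow root login remotely and anonymous access
  ansible.builtin.command: 'mysql -NBe "{{ item }}"'
  with_items:
    - "DELETE FROM mysql.user WHERE User=''"
    - "DELETE FROM mysql.user WHERE User='{{ mariadb_root_username }}' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
    - "FLUSH PRIVILEGES"
  changed_when: false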
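# Create the backup target directory and /root/bin, both accessible to root
# only.
- name: create root bin and backup dirs
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: root
    group: root
    # Quoted so the mode is read as octal text by every YAML parser.
    mode: "0700"
  loop:
    - "{{ mariadb_backup_dir }}"
    - /root/bin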
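# Check out the backup script repository into /root/bin/mysql_backup.
# The script is later run by root from cron, so whatever this checkout
# contains executes with full privileges on the database host.
# The revision is now a variable: the default ('HEAD') keeps the previous
# behaviour of following the remote's latest commit on every run; set
# mariadb_backup_script_version to a reviewed commit or tag to pin it.
- name: deploy backup script
  ansible.builtin.git:
    repo: https://infra.opendoor.fr/git/tom/mysql_backup.git
    dest: /root/bin/mysql_backup
    version: "{{ mariadb_backup_script_version | default('HEAD') }}"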
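# Restrict the backup script to root: read, write and execute for the owner,
# nothing for group and others.
# The mode was the bare integer 700, which is taken as decimal (octal 1274):
# sticky bit, owner write-only, group rwx, others read. Quoting it as "0700"
# gives the intended permissions.
- name: backup script permissions
  ansible.builtin.file:
    path: /root/bin/mysql_backup/mysql_backup.sh
    mode: "0700"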
# Schedule the backup script as root at 01:00 every day through the
# "mysql_backup" cron file, passing the backup directory as its only argument.
- name: backup script cron
  ansible.builtin.cron:
    cron_file: mysql_backup
    name: mysql_backup
    user: root
    minute: "00"
    hour: "01"
    job: "/root/bin/mysql_backup/mysql_backup.sh {{ mariadb_backup_dir }}"
# Optional (mariadb_use_percona), RedHat family only: install Percona Toolkit
# 3.3.1 straight from the vendor download URL.
# NOTE(review): the architecture is fixed to x86_64 in the URL, and the RPM is
# fetched by URL with no checksum in this task - confirm that package
# signature checking is in effect for it on the target hosts.
- name: install percona toolkit
  when: ansible_os_family == 'RedHat' and mariadb_use_percona
  ansible.builtin.package:
    state: present
    name: "https://downloads.percona.com/downloads/percona-toolkit/3.3.1/binary/redhat/{{ ansible_distribution }}/x86_64/percona-toolkit-3.3.1-1.el{{ ansible_distribution_major_version }}.x86_64.rpm"
# Remove the .ansible directory from the MariaDB data directory if it exists.
# NOTE(review): presumably left behind by tasks run as the mysql user, whose
# home is the data directory - confirm.
- name: clean up
  ansible.builtin.file:
    state: absent
    path: /var/lib/mysql/.ansible