Updates to many roles, including main user role to allow setting an alternate home directory
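--- a/db/mysql-percona/tasks/check-settings.yml
+++ b/db/mysql-percona/tasks/check-settings.yml
@@ -0,0 +1,20 @@
+---
+
+- name: "Check if percona-server is installed"
+shell: dpkg -l | grep -i percona-server-server
+ignore_errors: yes
+register: percona_server_is_installed
+
+- name: "Check for innodb_log_file_size setting (Ubuntu)"
+shell:
+cmd: grep -E ^innodb_log_file_size /etc/mysql/my.cnf | awk -F= '{ print $2}' | sed 's/\s//g'
+removes: "/etc/mysql/my.cnf"
+register: configured_innodb_log_file_size
+
+- name: "Abort when innodb_log_file_size changes"
+fail:
+msg: "The existing MySQL server has innodb_log_file_size={{ configured_innodb_log_file_size.stdout }}, but your are trying to set it to {{ mysql_innodb_log_file_size }}. Please, change this value for the variable in either ansible or the server itself. See: https://dev.mysql.com/doc/refman/5.6/en/innodb-redo-log.html"
+when:
+- percona_server_is_installed.stdout|trim != ""
+- not configured_innodb_log_file_size.stdout | regex_search('^skipped')
+- configured_innodb_log_file_size.stdout != mysql_innodb_log_file_size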
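Review bot: The probe in "Check if percona-server is installed" matches any `dpkg -l` row that contains the package name, including rows in the removed-but-not-purged `rc` state, so the abort guard can fire on a host where the server is no longer installed. Matching installed rows only, e.g. `dpkg -l | grep -Ei '^ii +percona-server-server'`, narrows that. Both shell probes are read-only but report `changed` on every run, and `ignore_errors: yes` prints a failure for the normal "not installed" case; `changed_when: false` on both and `failed_when: false` on the first would state the intent. The `msg` text also has a typo, `but your are trying`.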
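--- a/db/mysql-percona/tasks/configure.yml
+++ b/db/mysql-percona/tasks/configure.yml
@@ -0,0 +1,26 @@
+---
+
+- name: "Update the my.cnf"
+template: "src=etc_mysql_my.cnf.j2 dest=/etc/mysql/my.cnf owner=root mode=0644"
+register: "config_file"
+notify:
+- "Restart percona"
+
+- name: "Ensure that percona is running and enabled"
+service:
+name: "mysql"
+state: "started"
+enabled: "yes"
+register: mysql_service
+
+# This service restart is needed when changing default mysql_datadir, mysql_native_password
+# and other settings. So better restart when the my.cnf file changes
+# Restart when my.cnf has changed and it has not been restarted by the above task
+- name: "Restart mysql to apply changes done in my.cnf file"
+service:
+name: "mysql"
+state: "restarted"
+when:
+- config_file.changed
+- mysql_service is defined
+- not mysql_service.changed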
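Review bot: A changed my.cnf can restart MySQL twice in one run: "Update the my.cnf" notifies the `Restart percona` handler, and "Restart mysql to apply changes done in my.cnf file" restarts the service inline on the same `config_file.changed` condition. The handler is defined outside this diff, so confirm what it does and then keep only one of the two paths. The template task would also read more safely as native YAML arguments with an explicit group and a quoted mode, `group: root` and `mode: "0644"`, rather than the `key=value` string.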
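--- a/db/mysql-percona/tasks/install.yml
+++ b/db/mysql-percona/tasks/install.yml
@@ -0,0 +1,92 @@
+---
+# (do not put quotes on key id, for some reason it won't work)
+- name: "Obtaining percona public key"
+apt_key:
+keyserver: "keyserver.ubuntu.com"
+id: 9334A25F8507EFA5
+
+- name: "Adding percona repository"
+apt_repository:
+repo: "deb http://repo.percona.com/apt {{ ansible_distribution_release }} main"
+state: "present"
+
+- name: "Update apt cache"
+apt:
+update_cache: yes
+cache_valid_time: 300
+
+- name: "Install percona-release package (Percona version >= 8)"
+apt:
+deb: "https://repo.percona.com/apt/percona-release_latest.{{ ansible_distribution_release }}_all.deb"
+when: mysql_version_major|int >= 8
+
+# https://www.percona.com/doc/percona-server/LATEST/installation/apt_repo.html
+- name: "Enable Percona repository (Percona version >= 8)"
+command: "percona-release setup ps{{ mysql_version_major }}{{ mysql_version_minor }}"
+when: mysql_version_major|int >= 8
+
+- name: "Install python-is-python3 (Ubuntu >= Focal/20.04)"
+apt:
+name: "python-is-python3"
+when:
+- ansible_distribution_version is version_compare('20.04', '>=')
+
+- name: "Get the major version of python used to run ansible"
+command: "{{ ansible_python_interpreter | default('/usr/bin/python') }} -c 'import sys; print(sys.version_info.major)'"
+register: ansible_python_major
+changed_when: false
+
+- debug:
+msg: "ansible_python_interpreter major version: {{ ansible_python_major.stdout }}"
+
+- name: "Install package dependencies for ansible MySQL modules (python 2)"
+apt:
+name: "python-mysqldb"
+when:
+- ansible_python_major.stdout == "2"
+
+- name: "Install package dependencies for ansible MySQL modules (python 3)"
+apt:
+name: "python3-mysqldb"
+when:
+- ansible_python_major.stdout == "3"
+
+- name: "Install percona packages and dependencies on Ubuntu (Percona version < 8)"
+apt:
+name:
+- "percona-server-server-{{ mysql_version_major }}.{{ mysql_version_minor }}"
+- "percona-server-client-{{ mysql_version_major }}.{{ mysql_version_minor }}"
+- "percona-toolkit"
+- "percona-xtrabackup"
+state: "present"
+when: mysql_version_major|int < 8
+
+- name: "Install | configure debconf for version 8.0 (Use Legacy Authentication Method)"
+debconf:
+name: 'percona-server-server'
+question: 'percona-server-server/default-auth-override'
+value: 'Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)'
+vtype: select
+changed_when: false
+when:
+- mysql_version_major|int >= 8
+- mysql_default_authentication_plugin is defined
+- mysql_default_authentication_plugin == "mysql_native_password"
+
+- name: "Install percona packages and dependencies on Ubuntu (Percona version >= 8)"
+apt:
+name:
+- "percona-server-server={{ mysql_version_major }}.{{ mysql_version_minor }}*"
+- "percona-server-client={{ mysql_version_major }}.{{ mysql_version_minor }}*"
+- "percona-toolkit"
+- "percona-xtrabackup-80"
+state: "present"
+when: mysql_version_major|int >= 8
+
+- name: "Adjust permissions of datadir"
+file:
+path: "{{ mysql_datadir }}"
+owner: "mysql"
+group: "mysql"
+mode: 0700
+state: "directory"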
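Review bot: "Install percona-release package (Percona version >= 8)" downloads `percona-release_latest.*_all.deb` and installs it as root with no checksum or signature check, so whatever that URL serves at run time is trusted. A package handed to `apt: deb:` is not verified against the repository key imported at the top of the file. Fetching it with `get_url` and a pinned `checksum:` before installing from the local path closes that gap, as sketched below; a pinned digest has to be refreshed whenever the `_latest` package is re-reviewed. "Adding percona repository" also uses `http://` for the same host that this task reaches over `https://`, so `repo: "deb https://repo.percona.com/apt {{ ansible_distribution_release }} main"` would keep the index fetch on TLS. The datadir mode is safer quoted, `mode: "0700"`.

```yaml
- name: "Download percona-release package (Percona version >= 8)"
  get_url:
    url: "https://repo.percona.com/apt/percona-release_latest.{{ ansible_distribution_release }}_all.deb"
    # constructed example path; pick a root-owned directory, not /tmp
    dest: "/var/cache/percona-release_all.deb"
    # placeholder variable: digest of the package version that was reviewed
    checksum: "sha256:{{ percona_release_deb_sha256 }}"
    mode: "0644"
  when: mysql_version_major|int >= 8

- name: "Install percona-release package (Percona version >= 8)"
  apt:
    deb: "/var/cache/percona-release_all.deb"
  when: mysql_version_major|int >= 8

# … unchanged: "Enable Percona repository" and the remaining tasks …
```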
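--- a/db/mysql-percona/tasks/main.yml
+++ b/db/mysql-percona/tasks/main.yml
@@ -0,0 +1,6 @@
+---
+- include: check-settings.yml
+- include: install.yml
+- include: configure.yml
+- include: secure.yml
+- include: users.yml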
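Review bot: Bare `include:` is deprecated in Ansible, and these five entries would be clearer as static imports, e.g. `- import_tasks: check-settings.yml`, or as `include_tasks` if dynamic inclusion is intended. A one-line comment explaining why check-settings.yml has to run before install.yml would also help, since its probes run against a host that may not yet have the package.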
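--- a/db/mysql-percona/tasks/secure.yml
+++ b/db/mysql-percona/tasks/secure.yml
@@ -0,0 +1,35 @@
+---
+- name: "Copy .my.cnf file into the root home folder"
+template:
+src: root-my-cnf.j2
+dest: /root/.my.cnf
+owner: root
+group: root
+mode: 0600
+
+- name: "Set the root password"
+mysql_user:
+name: root
+host: "{{ item }}"
+password: "{{ mysql_root_password }}"
+check_implicit_admin: yes
+state: present
+with_items:
+- "{{ ansible_hostname }}"
+- "127.0.0.1"
+- "::1"
+- "localhost"
+
+- name: "Ensure anonymous users are not in the database"
+mysql_user:
+name: ''
+host: "{{ item }}"
+state: absent
+with_items:
+- "{{ ansible_hostname }}"
+- "localhost"
+
+- name: "Remove the test database"
+mysql_db:
+name: test
+state: absent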
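Review bot: "Copy .my.cnf file into the root home folder" runs before "Set the root password", so changing `mysql_root_password` on an existing server writes the new value to /root/.my.cnf while the server still expects the old one, and the following `mysql_user` login will presumably fail. This assumes root-my-cnf.j2 renders `mysql_root_password`; the template is outside this diff. Setting the password first and writing the client file afterwards, or passing `login_password` explicitly, keeps rotation working. The file mode is safer quoted, `mode: "0600"`, so it does not depend on how the YAML parser reads a leading zero.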
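--- a/db/mysql-percona/tasks/users.yml
+++ b/db/mysql-percona/tasks/users.yml
@@ -0,0 +1,11 @@
+---
+
+- name: "Make sure the MySQL users are present"
+mysql_user:
+name: "{{ item.name }}"
+password: "{{ item.pass | default('techie') }}"
+priv: "{{ item.priv | default('*.*:ALL') }}"
+state: "present"
+host: "{{ item.host | default('%') }}"
+with_items: "{{ mysql_users }}"
+no_log: "true"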
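Review bot: The three `default(...)` fallbacks in "Make sure the MySQL users are present" combine into an unsafe account: an entry in `mysql_users` that gives only a name gets the fixed password `techie`, `ALL` privileges on `*.*`, and host `%`, meaning any remote address. The password should be required rather than defaulted, `password: "{{ item.pass | mandatory }}"`, and the other two should fall back to the least-privileged values, `priv: "{{ item.priv | default('*.*:USAGE') }}"` and `host: "{{ item.host | default('localhost') }}"`. Existing inventories that rely on the old defaults would then need explicit values. `no_log: "true"` is better written as the boolean `no_log: true`.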