forked from evolix/ansible-roles
mysql: improve Bullseye compatibility
This commit is contained in:
parent
4c52719561
commit
3de5de5304
|
@ -34,6 +34,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
* listupgrade: crontab is configurable
|
* listupgrade: crontab is configurable
|
||||||
* logstash: logging to syslog is configurable (default: True)
|
* logstash: logging to syslog is configurable (default: True)
|
||||||
* mongodb: create munin plugins directory if missing
|
* mongodb: create munin plugins directory if missing
|
||||||
|
* mysql: improve Bullseye compatibility
|
||||||
* mysql: script "mysql_connections" to display a compact list of connections
|
* mysql: script "mysql_connections" to display a compact list of connections
|
||||||
* mysql: script "mysql-queries-killer.sh" to kill MySQL queries
|
* mysql: script "mysql-queries-killer.sh" to kill MySQL queries
|
||||||
* nagios-nrpe + evolinux-users: new checks for bkctld
|
* nagios-nrpe + evolinux-users: new checks for bkctld
|
||||||
|
|
|
@ -10,8 +10,15 @@
|
||||||
- include: packages_jessie.yml
|
- include: packages_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
|
## There is nothing to do with users on Debian 11
|
||||||
|
# - include: users_bullseye.yml
|
||||||
|
# when: ansible_distribution_release == "bullseye"
|
||||||
|
|
||||||
|
- include: users_buster.yml
|
||||||
|
when: ansible_distribution_release == "buster"
|
||||||
|
|
||||||
- include: users_stretch.yml
|
- include: users_stretch.yml
|
||||||
when: ansible_distribution_major_version is version('9', '>=')
|
when: ansible_distribution_release == "stretch"
|
||||||
|
|
||||||
- include: users_jessie.yml
|
- include: users_jessie.yml
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
|
@ -10,12 +10,20 @@
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: Install perl libraries for Munin
|
- name: "Install perl libraries for Munin (Debian < 11)"
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- libdbd-mysql-perl
|
- libdbd-mysql-perl
|
||||||
- libcache-cache-perl
|
- libcache-cache-perl
|
||||||
state: present
|
state: present
|
||||||
|
when: ansible_distribution_major_version is version('11', '<')
|
||||||
|
|
||||||
|
- name: "Install perl libraries for Munin (Debian >= 11)"
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- libcache-cache-perl
|
||||||
|
- libdbd-mariadb-perl
|
||||||
|
when: ansible_distribution_major_version is version('11', '>=')
|
||||||
|
|
||||||
- name: Enable core Munin plugins
|
- name: Enable core Munin plugins
|
||||||
file:
|
file:
|
||||||
|
|
96
mysql/tasks/users_buster.yml
Normal file
96
mysql/tasks/users_buster.yml
Normal file
|
@ -0,0 +1,96 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Python dependencies for Ansible are installed
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- python-mysqldb
|
||||||
|
- python-pymysql
|
||||||
|
- python3-mysqldb
|
||||||
|
- python3-pymysql
|
||||||
|
state: present
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: create a password for mysqladmin
|
||||||
|
command: "apg -n 1 -m 16 -M lcN"
|
||||||
|
register: mysql_admin_password
|
||||||
|
changed_when: False
|
||||||
|
check_mode: False
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: there is a mysqladmin user
|
||||||
|
mysql_user:
|
||||||
|
name: mysqladmin
|
||||||
|
password: '{{ mysql_admin_password.stdout }}'
|
||||||
|
priv: "*.*:ALL,GRANT"
|
||||||
|
update_password: on_create
|
||||||
|
state: present
|
||||||
|
config_file: "/etc/mysql/debian.cnf"
|
||||||
|
login_user: root
|
||||||
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
||||||
|
register: create_mysqladmin_user
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: mysqladmin is the default user
|
||||||
|
ini_file:
|
||||||
|
dest: /root/.my.cnf
|
||||||
|
mode: "0600"
|
||||||
|
section: client
|
||||||
|
option: '{{ item.option }}'
|
||||||
|
value: '{{ item.value }}'
|
||||||
|
create: yes
|
||||||
|
loop:
|
||||||
|
- { option: 'user', value: 'mysqladmin' }
|
||||||
|
- { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
|
||||||
|
when: create_mysqladmin_user is changed
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: create a password for debian-sys-maint
|
||||||
|
command: "apg -n 1 -m 16 -M lcN"
|
||||||
|
register: mysql_debian_password
|
||||||
|
changed_when: False
|
||||||
|
check_mode: False
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: there is a debian-sys-maint user
|
||||||
|
mysql_user:
|
||||||
|
name: debian-sys-maint
|
||||||
|
password: '{{ mysql_debian_password.stdout }}'
|
||||||
|
priv: "*.*:ALL,GRANT"
|
||||||
|
update_password: on_create
|
||||||
|
state: present
|
||||||
|
config_file: "/root/.my.cnf"
|
||||||
|
register: create_debian_user
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: store debian-sys-maint user credentials
|
||||||
|
ini_file:
|
||||||
|
dest: /etc/mysql/debian.cnf
|
||||||
|
mode: "0600"
|
||||||
|
section: "{{ item[0] }}"
|
||||||
|
option: '{{ item[1].option }}'
|
||||||
|
value: '{{ item[1].value }}'
|
||||||
|
create: yes
|
||||||
|
loop: "{{ _sections | product(_credentials) | list }}"
|
||||||
|
vars:
|
||||||
|
_sections: [ 'client', 'mysql_upgrade' ]
|
||||||
|
_credentials:
|
||||||
|
- { option: 'user', value: 'debian-sys-maint' }
|
||||||
|
- { option: 'password', value: '{{ mysql_debian_password.stdout }}' }
|
||||||
|
when: create_debian_user is changed
|
||||||
|
tags:
|
||||||
|
- mysql
|
||||||
|
|
||||||
|
- name: root user is absent
|
||||||
|
mysql_user:
|
||||||
|
name: root
|
||||||
|
host_all: yes
|
||||||
|
config_file: "/root/.my.cnf"
|
||||||
|
state: absent
|
||||||
|
tags:
|
||||||
|
- mysql
|
|
@ -5,21 +5,10 @@
|
||||||
msg: "We can't create other users with 'debian-sys-maint' on Debian 8 with MariaDB.\nWe must give it the GRANT privilege before continuing."
|
msg: "We can't create other users with 'debian-sys-maint' on Debian 8 with MariaDB.\nWe must give it the GRANT privilege before continuing."
|
||||||
when: mysql_variant == "mariadb"
|
when: mysql_variant == "mariadb"
|
||||||
|
|
||||||
# dependency for mysql_user and mysql_db
|
- name: Python dependencies for Ansible are installed
|
||||||
- name: python-mysqldb is installed (Ansible dependency)
|
|
||||||
apt:
|
apt:
|
||||||
name: python-mysqldb
|
name: python-mysqldb
|
||||||
state: present
|
state: present
|
||||||
when: ansible_distribution_major_version is version('10', '<=')
|
|
||||||
tags:
|
|
||||||
- mysql
|
|
||||||
|
|
||||||
# dependency for mysql_user and mysql_db
|
|
||||||
- name: python3-mysqldb is installed (Ansible dependency)
|
|
||||||
apt:
|
|
||||||
name: python3-mysqldb
|
|
||||||
state: present
|
|
||||||
when: ansible_distribution_major_version is version('10', '>')
|
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
|
@ -29,7 +18,7 @@
|
||||||
changed_when: False
|
changed_when: False
|
||||||
check_mode: no
|
check_mode: no
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: there is a mysqladmin user
|
- name: there is a mysqladmin user
|
||||||
mysql_user:
|
mysql_user:
|
||||||
|
@ -41,7 +30,7 @@
|
||||||
config_file: "/etc/mysql/debian.cnf"
|
config_file: "/etc/mysql/debian.cnf"
|
||||||
register: create_mysqladmin_user
|
register: create_mysqladmin_user
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: mysqladmin is the default user
|
- name: mysqladmin is the default user
|
||||||
ini_file:
|
ini_file:
|
||||||
|
@ -56,13 +45,13 @@
|
||||||
- { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
|
- { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
|
||||||
when: create_mysqladmin_user is changed
|
when: create_mysqladmin_user is changed
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: remove root user
|
- name: root user is absent
|
||||||
mysql_user:
|
mysql_user:
|
||||||
name: root
|
name: root
|
||||||
host_all: yes
|
host_all: yes
|
||||||
config_file: "/root/.my.cnf"
|
config_file: "/root/.my.cnf"
|
||||||
state: absent
|
state: absent
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
|
@ -1,24 +1,11 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# dependency for mysql_user and mysql_db
|
- name: Python dependencies for Ansible are installed
|
||||||
- name: python modules is installed (Ansible dependency)
|
|
||||||
apt:
|
apt:
|
||||||
name:
|
name:
|
||||||
- python-mysqldb
|
- python-mysqldb
|
||||||
- python-pymysql
|
- python-pymysql
|
||||||
state: present
|
state: present
|
||||||
when: ansible_distribution_major_version is version('10', '<=')
|
|
||||||
tags:
|
|
||||||
- mysql
|
|
||||||
|
|
||||||
# dependency for mysql_user and mysql_db
|
|
||||||
- name: python3 modules is installed (Ansible dependency)
|
|
||||||
apt:
|
|
||||||
name:
|
|
||||||
- python3-mysqldb
|
|
||||||
- python3-pymysql
|
|
||||||
state: present
|
|
||||||
when: ansible_distribution_major_version is version('10', '>=')
|
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
|
@ -28,7 +15,7 @@
|
||||||
changed_when: False
|
changed_when: False
|
||||||
check_mode: False
|
check_mode: False
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: there is a mysqladmin user
|
- name: there is a mysqladmin user
|
||||||
mysql_user:
|
mysql_user:
|
||||||
|
@ -38,9 +25,11 @@
|
||||||
update_password: on_create
|
update_password: on_create
|
||||||
state: present
|
state: present
|
||||||
config_file: "/etc/mysql/debian.cnf"
|
config_file: "/etc/mysql/debian.cnf"
|
||||||
|
login_user: root
|
||||||
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
||||||
register: create_mysqladmin_user
|
register: create_mysqladmin_user
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: mysqladmin is the default user
|
- name: mysqladmin is the default user
|
||||||
ini_file:
|
ini_file:
|
||||||
|
@ -55,8 +44,7 @@
|
||||||
- { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
|
- { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
|
||||||
when: create_mysqladmin_user is changed
|
when: create_mysqladmin_user is changed
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
|
|
||||||
- name: create a password for debian-sys-maint
|
- name: create a password for debian-sys-maint
|
||||||
command: "apg -n 1 -m 16 -M lcN"
|
command: "apg -n 1 -m 16 -M lcN"
|
||||||
|
@ -64,7 +52,7 @@
|
||||||
changed_when: False
|
changed_when: False
|
||||||
check_mode: False
|
check_mode: False
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: there is a debian-sys-maint user
|
- name: there is a debian-sys-maint user
|
||||||
mysql_user:
|
mysql_user:
|
||||||
|
@ -96,7 +84,7 @@
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
|
||||||
- name: remove root user
|
- name: root user is absent
|
||||||
mysql_user:
|
mysql_user:
|
||||||
name: root
|
name: root
|
||||||
host_all: yes
|
host_all: yes
|
||||||
|
|
|
@ -49,17 +49,19 @@
|
||||||
- mariadb-client-10.5
|
- mariadb-client-10.5
|
||||||
- libconfig-inifiles-perl
|
- libconfig-inifiles-perl
|
||||||
- libterm-readkey-perl
|
- libterm-readkey-perl
|
||||||
|
- libdbd-mariadb-perl
|
||||||
when: ansible_distribution_major_version is version('11', '>=')
|
when: ansible_distribution_major_version is version('11', '>=')
|
||||||
|
|
||||||
- name: Read debian-sys-maint password
|
- name: Read debian-sys-maint password (Debian < 11)
|
||||||
shell: 'cat /etc/mysql/debian.cnf | grep -m1 "password = .*" | cut -d" " -f3'
|
shell: 'cat /etc/mysql/debian.cnf | grep -m1 "password = .*" | cut -d" " -f3'
|
||||||
register: mysql_debian_password
|
register: mysql_debian_password
|
||||||
changed_when: False
|
changed_when: False
|
||||||
check_mode: no
|
check_mode: no
|
||||||
tags:
|
tags:
|
||||||
- mysql
|
- mysql
|
||||||
|
when: ansible_distribution_major_version is version('11', '<')
|
||||||
|
|
||||||
- name: Configure mytop
|
- name: Configure mytop (Debian < 11)
|
||||||
template:
|
template:
|
||||||
src: mytop.j2
|
src: mytop.j2
|
||||||
dest: /root/.mytop
|
dest: /root/.mytop
|
||||||
|
@ -68,6 +70,18 @@
|
||||||
tags:
|
tags:
|
||||||
- mytop
|
- mytop
|
||||||
- mysql
|
- mysql
|
||||||
|
when: ansible_distribution_major_version is version('11', '<')
|
||||||
|
|
||||||
|
- name: Configure mytop (Debian >= 11)
|
||||||
|
template:
|
||||||
|
src: mytop.bullseye.j2
|
||||||
|
dest: /root/.mytop
|
||||||
|
mode: "0600"
|
||||||
|
force: yes
|
||||||
|
tags:
|
||||||
|
- mytop
|
||||||
|
- mysql
|
||||||
|
when: ansible_distribution_major_version is version('11', '>=')
|
||||||
|
|
||||||
# mysqltuner
|
# mysqltuner
|
||||||
|
|
||||||
|
|
3
mysql/templates/mytop.bullseye.j2
Normal file
3
mysql/templates/mytop.bullseye.j2
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
user = root
|
||||||
|
socket = /var/run/mysqld/mysqld.sock
|
||||||
|
db = mysql
|
Loading…
Reference in a new issue