From 1b32be19c07a01d57dd44543070ae55118c54f24 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 11:39:33 -0400 Subject: [PATCH 1/7] mysql script directory is a variable --- mysql/tasks/utils.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mysql/tasks/utils.yml b/mysql/tasks/utils.yml index 262dcd0f..eafb9068 100644 --- a/mysql/tasks/utils.yml +++ b/mysql/tasks/utils.yml @@ -1,8 +1,8 @@ --- -- name: Ensure /usr/share/scripts exists +- name: Ensure scripts directory exists file: - dest: /usr/share/scripts + dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}" mode: "0700" state: directory tags: From 213ad5a606ce942f1fa98f46243ce33b9463fa34 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 12:10:21 -0400 Subject: [PATCH 2/7] mysql: log2mail config is owned by log2mail group --- mysql/tasks/log2mail.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mysql/tasks/log2mail.yml b/mysql/tasks/log2mail.yml index fb256d26..568b6649 100644 --- a/mysql/tasks/log2mail.yml +++ b/mysql/tasks/log2mail.yml @@ -13,6 +13,8 @@ template: src: log2mail.j2 dest: /etc/log2mail/config/mysql.conf + owner: log2mail + group: adm mode: "0640" when: log2mail_config_dir.stat.exists tags: From a8570456614a82b4cb430393cbc87f041fba22e1 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 12:11:13 -0400 Subject: [PATCH 3/7] mysql: use apg for passwords --- mysql/tasks/nrpe.yml | 2 +- mysql/tasks/users_jessie.yml | 2 +- mysql/tasks/users_stretch.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mysql/tasks/nrpe.yml b/mysql/tasks/nrpe.yml index 7cebcf50..be18a966 100644 --- a/mysql/tasks/nrpe.yml +++ b/mysql/tasks/nrpe.yml @@ -20,7 +20,7 @@ - block: - name: Create a password for NRPE - shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)' + command: "apg -n 1 -m 16 -M lcN" register: mysql_nrpe_password changed_when: False diff --git a/mysql/tasks/users_jessie.yml b/mysql/tasks/users_jessie.yml index 4d225317..a8c22cf8 100644 --- a/mysql/tasks/users_jessie.yml +++ b/mysql/tasks/users_jessie.yml @@ -10,7 +10,7 @@ - mysql - name: create a password for mysqladmin - shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)' + command: "apg -n 1 -m 16 -M lcN" register: mysql_admin_password changed_when: False tags: diff --git a/mysql/tasks/users_stretch.yml b/mysql/tasks/users_stretch.yml index 0a3238eb..c57bd3ae 100644 --- a/mysql/tasks/users_stretch.yml +++ b/mysql/tasks/users_stretch.yml @@ -10,7 +10,7 @@ - mysql - name: create a password for mysqladmin - shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)' + command: "apg -n 1 -m 16 -M lcN" register: mysql_admin_password changed_when: False tags: @@ -45,7 +45,7 @@ - name: create a password for debian-sys-maint - shell: perl -e 'print map{("a".."z","A".."Z",0..9)[int(rand(62))]}(1..16)' + command: "apg -n 1 -m 16 -M lcN" register: mysql_debian_password changed_when: False tags: From 7d8c1988490ba1fa90f0a4ab257c5bec547edbda Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 12:13:35 -0400 Subject: [PATCH 4/7] mysql: split packages tasks by release --- mysql/tasks/main.yml | 6 ++- .../{packages.yml => packages_jessie.yml} | 0 mysql/tasks/packages_stretch.yml | 37 +++++++++++++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) rename mysql/tasks/{packages.yml => packages_jessie.yml} (100%) create mode 100644 mysql/tasks/packages_stretch.yml diff --git a/mysql/tasks/main.yml b/mysql/tasks/main.yml index ca3f0571..be64360c 100644 --- a/mysql/tasks/main.yml +++ b/mysql/tasks/main.yml @@ -1,6 +1,10 @@ --- -- include: packages.yml +- include: packages_stretch.yml + when: ansible_distribution_release == "stretch" + +- include: packages_jessie.yml + when: ansible_distribution_release == "jessie" - include: users_stretch.yml when: ansible_distribution_release == "stretch" diff --git a/mysql/tasks/packages.yml b/mysql/tasks/packages_jessie.yml similarity index 100% rename from mysql/tasks/packages.yml rename to mysql/tasks/packages_jessie.yml diff --git a/mysql/tasks/packages_stretch.yml b/mysql/tasks/packages_stretch.yml new file mode 100644 index 00000000..d5645bea --- /dev/null +++ b/mysql/tasks/packages_stretch.yml @@ -0,0 +1,37 @@ +--- + +- name: Choose packages + set_fact: + mysql_packages: "{{ item }}" + with_items: + - mariadb-server + - mariadb-client + tags: + - mysql + - packages + +- name: Install MySQL packages + apt: + name: '{{ item }}' + update_cache: yes + state: present + with_items: "{{ mysql_packages }}" + tags: + - mysql + - packages + +- name: MySQL is started + service: + name: mysql + state: started + tags: + - mysql + - services + +- name: apg package is installed + apt: + name: apg + state: present + tags: + - mysql + - packages From 574cf3ab44a26227a776676b7954b07ecb532bb1 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 12:23:44 -0400 Subject: [PATCH 5/7] mysql: install mysqltuner from packages --- mysql/tasks/utils.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/mysql/tasks/utils.yml b/mysql/tasks/utils.yml index eafb9068..20b62581 100644 --- a/mysql/tasks/utils.yml +++ b/mysql/tasks/utils.yml @@ -52,13 +52,17 @@ when: (mysql_scripts_dir or general_scripts_dir) | search ("/usr") - name: Install mysqltuner - copy: - src: mysqltuner.pl - dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/mysqltuner.pl" - mode: "0700" + # copy: + # src: mysqltuner.pl + # dest: "{{ mysql_scripts_dir or general_scripts_dir | mandatory }}/mysqltuner.pl" + # mode: "0700" + apt: + name: mysqltuner + state: present tags: - mysql - mysqltuner + - mysqltuner - name: Install aha apt: From d15bcc168e25a49c708a320880fa87b45d9857f5 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 12:24:14 -0400 Subject: [PATCH 6/7] mysql: fix mysql optimize tasks --- mysql/tasks/utils.yml | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/mysql/tasks/utils.yml b/mysql/tasks/utils.yml index 20b62581..7fae0c97 100644 --- a/mysql/tasks/utils.yml +++ b/mysql/tasks/utils.yml @@ -83,7 +83,7 @@ tags: - mysql -- name: "Cron dir is present" +- name: "Cron dir for optimize is present" file: path: "/etc/cron.{{ mysql_cron_optimize_frequency | mandatory }}" state: directory @@ -102,12 +102,36 @@ - name: "Disable cron to optimize MySQL" file: - dest: /etc/cron.weekly/mysql-optimize.sh + dest: /etc/cron.{{ mysql_cron_optimize_frequency | mandatory }}/mysql-optimize.sh state: absent when: not mysql_cron_optimize tags: - mysql +- name: "Cron dir for mysqltuner is present" + file: + path: "/etc/cron.{{ mysql_cron_mysqltuner_frequency | mandatory }}" + state: directory + mode: "0755" + owner: root + group: root + +- name: "Enable mysqltuner in cron" + copy: + src: mysqltuner.cron.sh + dest: /etc/cron.{{ mysql_cron_mysqltuner_frequency | mandatory }}/mysqltuner.sh + when: mysql_cron_mysqltuner + tags: + - mysql + +- name: "Disable mysqltuner in cron" + file: + dest: /etc/cron.{{ mysql_cron_mysqltuner_frequency | mandatory }}/mysqltuner.sh + state: absent + when: not mysql_cron_mysqltuner + tags: + - mysql + # my-add.sh - include: remount_usr_rw.yml From efa7e288dd48581759e1b000ab23b28026c4db70 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Sat, 12 Aug 2017 12:25:07 -0400 Subject: [PATCH 7/7] mysql: install cron task for mysqltuer --- mysql/defaults/main.yml | 3 ++ mysql/files/mysqltuner.cron.sh | 50 ++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 mysql/files/mysqltuner.cron.sh diff --git a/mysql/defaults/main.yml b/mysql/defaults/main.yml index 3c2bbeb6..b84e59ec 100644 --- a/mysql/defaults/main.yml +++ b/mysql/defaults/main.yml @@ -18,4 +18,7 @@ mysql_innodb_buffer_pool_size: '{{ (ansible_memtotal_mb * 0.3) | int }}M' mysql_cron_optimize: True mysql_cron_optimize_frequency: weekly +mysql_cron_mysqltuner: True +mysql_cron_mysqltuner_frequency: monthly + mysql_force_new_nrpe_password: False diff --git a/mysql/files/mysqltuner.cron.sh b/mysql/files/mysqltuner.cron.sh new file mode 100644 index 00000000..5424aa90 --- /dev/null +++ b/mysql/files/mysqltuner.cron.sh @@ -0,0 +1,50 @@ +#!/bin/bash +set -e +export TERM=screen + +mem=$(free -m | grep Mem: | tr -s ' ' | cut -d ' ' -f2) +swap=$(free -m | grep Swap: | tr -s ' ' | cut -d ' ' -f2) +template=$(mktemp --tmpdir=/tmp evomysqltuner.XXX) +body=$(mktemp --tmpdir=/tmp evomysqltuner.XXX) +clientmail=$(grep EVOMAINTMAIL /etc/evomaintenance.cf | cut -d'=' -f2) +hostname=$(grep HOSTNAME /etc/evomaintenance.cf | cut -d'=' -f2) +hostname=${hostname%%.evolix.net} +# If hostname is composed with -, remove the first part. +if [[ $hostname =~ "-" ]]; then + hostname=$(echo $hostname | cut -d'-' -f2-) +fi + +# Remove temporary files on exit. +trap "rm $template $body" EXIT + +# Add port here if you have more than one instance! +instances="3306" +for instance in $instances; do + mysqltuner --port $instance --host 127.0.0.1 --forcemem $mem --forceswap $swap \ + | aha > /var/www/mysqlreport_${instance}.html + cat << EOT > $template +Content-Type: text/plain; charset="utf-8" +Reply-To: Équipe Evolix +From: Équipe Evolix +To: $clientmail +Subject: Rapport MySQL instance $instance pour votre serveur $hostname +EOT + cat << EOT > $body +Bonjour, + +Veuillez trouver ci-joint un rapport MySQL. +Celui-ci permet d'identifier aisément si des optimisations MySQL sont possibles. + +N'hésitez pas à nous indiquer par mail ou ticket quelles variables vous souhaiter +optimiser. + +Veuillez noter qu'il faudra redémarrer MySQL pour appliquer de nouveaux paramètres. + +Bien à vous, +-- +Rapport automatique Evolix +EOT + mutt -x -e 'set send_charset="utf-8"' -H $template \ + -a /var/www/mysqlreport_${instance}.html < $body +done +chmod 644 /var/www/mysqlreport*html