Compare commits
16 commits
Author | SHA1 | Date | |
---|---|---|---|
951ec2a4c8 | |||
2c32003804 | |||
0efdcb045e | |||
5eb6a71466 | |||
6361a81fe5 | |||
a5a31223c0 | |||
e109a23cfa | |||
fcbf14dc3a | |||
753770e77d | |||
03dcb51ea1 | |||
51fbef2480 | |||
837a6cce63 | |||
611d8234ad | |||
b9070661f9 | |||
2dbbaf8147 | |||
08f588d4aa |
15 changed files with 186 additions and 160 deletions
18
.forgejo/workflows/molecule.yml
Normal file
18
.forgejo/workflows/molecule.yml
Normal file
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
on: [push]
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: code.waks.be/nishiki/molecule:docker
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- run: ansible-lint .
|
||||
- run: yamllint .
|
||||
molecule:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: code.waks.be/nishiki/molecule:docker
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- run: molecule test
|
10
.gitlab-ci.yml
Normal file
10
.gitlab-ci.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
image: nishiki/molecule:docker
|
||||
|
||||
before_script:
|
||||
- molecule --version
|
||||
|
||||
molecule:
|
||||
stage: test
|
||||
script:
|
||||
- molecule test
|
38
.rubocop.yml
38
.rubocop.yml
|
@ -1,38 +0,0 @@
|
|||
---
|
||||
AllCops:
|
||||
Exclude:
|
||||
- db/**/*
|
||||
- config/**/*
|
||||
- Vagrantfile
|
||||
TargetRubyVersion: 2.4
|
||||
|
||||
Naming/AccessorMethodName:
|
||||
Enabled: false
|
||||
|
||||
Lint/RescueWithoutErrorClass:
|
||||
Enabled: false
|
||||
|
||||
Metrics/LineLength:
|
||||
Max: 120
|
||||
Metrics/CyclomaticComplexity:
|
||||
Enabled: false
|
||||
Metrics/PerceivedComplexity:
|
||||
Enabled: false
|
||||
Metrics/MethodLength:
|
||||
Enabled: false
|
||||
Metrics/BlockLength:
|
||||
Enabled: false
|
||||
Metrics/ClassLength:
|
||||
Enabled: false
|
||||
Metrics/AbcSize:
|
||||
Enabled: false
|
||||
|
||||
Style/NumericLiteralPrefix:
|
||||
Enabled: false
|
||||
Style/FrozenStringLiteralComment:
|
||||
Enabled: false
|
||||
Style/CommandLiteral:
|
||||
Enabled: true
|
||||
EnforcedStyle: percent_x
|
||||
Style/Documentation:
|
||||
Enabled: false
|
|
@ -2,11 +2,11 @@
|
|||
extends: default
|
||||
|
||||
ignore: |
|
||||
.kitchen/*
|
||||
.kitchen*
|
||||
vendor/
|
||||
.forgejo/
|
||||
|
||||
rules:
|
||||
line-length:
|
||||
max: 120
|
||||
level: warning
|
||||
truthy: false
|
||||
|
|
30
CHANGELOG.md
30
CHANGELOG.md
|
@ -3,28 +3,48 @@
|
|||
This project adheres to [Semantic Versioning](http://semver.org/).
|
||||
Which is based on [Keep A Changelog](http://keepachangelog.com/)
|
||||
|
||||
## [Unreleased]
|
||||
## Unreleased
|
||||
|
||||
## [v2.0.1] - 2020-03-28
|
||||
### Fixed
|
||||
|
||||
- fix: change gpg key
|
||||
|
||||
## v2.1.0 - 2021-08-22
|
||||
|
||||
### Added
|
||||
|
||||
- test: add support debian 11
|
||||
|
||||
### Fixed
|
||||
|
||||
- fix: bug with multiple privileges
|
||||
|
||||
### Changed
|
||||
|
||||
- chore: use FQCN for module name
|
||||
- fix: replace no_log to loop label
|
||||
- test: use personal docker registry
|
||||
|
||||
## v2.0.1 - 2020-03-28
|
||||
|
||||
### Changed
|
||||
|
||||
- fix: remove default value for mariadb_password
|
||||
- test: replace kitchen to molecule
|
||||
|
||||
## [v2.0.0] - 2019-06-05
|
||||
## v2.0.0 - 2019-06-05
|
||||
|
||||
- breaking: remove support for ansible < 2.8
|
||||
- feat: add official repository
|
||||
- feat: remove unused users in init
|
||||
- feat: install database if datadir doesn't exist
|
||||
|
||||
## [v1.0.1] - 2019-03-16
|
||||
## v1.0.1 - 2019-03-16
|
||||
|
||||
- fix: add client-server option in default configuration
|
||||
- fix: install python-mysqldb package
|
||||
- test: add tests with travis-ci
|
||||
|
||||
## [v1.0.0] - 2019-02-23
|
||||
## v1.0.0 - 2019-02-23
|
||||
|
||||
- first version
|
||||
|
|
58
README.md
58
README.md
|
@ -1,34 +1,36 @@
|
|||
# Ansible role: MariaDB
|
||||
|
||||
[![Version](https://img.shields.io/badge/latest_version-2.0.1-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-mariadb/releases)
|
||||
[![Build Status](https://travis-ci.org/nishiki/ansible-role-mariadb.svg?branch=master)](https://travis-ci.org/nishiki/ansible-role-mariadb)
|
||||
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-mariadb/src/branch/master/LICENSE)
|
||||
[![Version](https://img.shields.io/badge/latest_version-2.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-mariadb/releases)
|
||||
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-mariadb/src/branch/master/LICENSE)
|
||||
[![Build](https://code.waks.be/nishiki/ansible-role-mariadb/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-mariadb/actions?workflow=molecule.yml)
|
||||
|
||||
Install and configure MariaDB
|
||||
|
||||
## Requirements
|
||||
|
||||
* Ansible >= 2.8
|
||||
* Debian Stretch and Buster
|
||||
- Ansible >= 2.9
|
||||
- Debian
|
||||
- Bullseye
|
||||
- Bookworm
|
||||
|
||||
## Role variables
|
||||
|
||||
| Name | Type | Required |Default | Comment |
|
||||
|---------------------------------|-------|----------|--------|----------------------------------------|
|
||||
| mariadb_use_official_repository | bool | no | true | use the official repository |
|
||||
| mariadb_branch | str | no | 10.3 | the branch version to install |
|
||||
| mariadb_user | str | no | root | login to connect on mariadb |
|
||||
| mariadb_password | str | yes | | password to connect on mariadb |
|
||||
| mariadb_master | bool | no | false | the server is master |
|
||||
| mariadb_autorestart | bool | no | false | restart mariadb when the config change |
|
||||
| mariadb_users | array | no | | the users to manage |
|
||||
| mariadb_databases | array | no | | the databases to manage |
|
||||
| mariadb_config | hash | no | | extra options for configuration |
|
||||
| Name | Type | Required | Default | Comment |
|
||||
| ------------------------------- | ----- | -------- | ------- | -------------------------------------- |
|
||||
| mariadb_use_official_repository | bool | no | true | use the official repository |
|
||||
| mariadb_branch | str | no | 10.3 | the branch version to install |
|
||||
| mariadb_user | str | no | root | login to connect on mariadb |
|
||||
| mariadb_password | str | yes | | password to connect on mariadb |
|
||||
| mariadb_master | bool | no | false | the server is master |
|
||||
| mariadb_autorestart | bool | no | false | restart mariadb when the config change |
|
||||
| mariadb_users | array | no | | the users to manage |
|
||||
| mariadb_databases | array | no | | the databases to manage |
|
||||
| mariadb_config | hash | no | | extra options for configuration |
|
||||
|
||||
### mariadb_users
|
||||
|
||||
| Name | Type | Required |Default | Comment |
|
||||
|------------|-------|----------|---------|-----------------------------------------------------------|
|
||||
| Name | Type | Required | Default | Comment |
|
||||
| ---------- | ----- | -------- | ------- | --------------------------------------------------------- |
|
||||
| name | str | yes | | the username |
|
||||
| host | str | yes | | the mysql user host |
|
||||
| password | str | yes | | the user password |
|
||||
|
@ -48,10 +50,10 @@ Example:
|
|||
|
||||
### mariadb_databases
|
||||
|
||||
| Name | Type | Required |Default | Comment |
|
||||
|------------|-------|----------|---------|-----------------------------------------------------------|
|
||||
| name | str | yes | | the dabase name |
|
||||
| state | str | no | present | if state is `absent` the database is deleted |
|
||||
| Name | Type | Required | Default | Comment |
|
||||
| ----- | ---- | -------- | ------- | -------------------------------------------- |
|
||||
| name | str | yes | | the dabase name |
|
||||
| state | str | no | present | if state is `absent` the database is deleted |
|
||||
|
||||
Example:
|
||||
|
||||
|
@ -83,8 +85,8 @@ Example:
|
|||
privileges:
|
||||
- 'myappli.*:ALL'
|
||||
mariadb_databases:
|
||||
- myappli
|
||||
mariadb_config:
|
||||
- name: myappli
|
||||
mariadb_config:
|
||||
server-id: 1
|
||||
bind-address: 0.0.0.0
|
||||
roles:
|
||||
|
@ -95,10 +97,10 @@ Example:
|
|||
|
||||
### Test with molecule and docker
|
||||
|
||||
* install [docker](https://docs.docker.com/engine/installation/)
|
||||
* install `python3` and `python3-pip`
|
||||
* install molecule and dependencies `pip3 install molecule 'molecule[docker]' docker ansible-lint testinfra yamllint`
|
||||
* run `molecule test`
|
||||
- install [docker](https://docs.docker.com/engine/installation/)
|
||||
- install `python3` and `python3-pip`
|
||||
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
|
||||
- run `molecule test`
|
||||
|
||||
## License
|
||||
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
mariadb_use_official_repository: yes
|
||||
mariadb_branch: 10.3
|
||||
mariadb_use_official_repository: true
|
||||
mariadb_branch: 10.6
|
||||
mariadb_repository: |
|
||||
deb http://mariadb.mirrors.ovh.net/MariaDB/repo/{{ mariadb_branch }}/debian {{ ansible_distribution_release }} main
|
||||
mariadb_repository_key_id: '0xF1656F24C74CD1D8'
|
||||
mariadb_repository_key_server: keyserver.ubuntu.com
|
||||
mariadb_repository_key_server: hkp://keyserver.ubuntu.com:80
|
||||
mariadb_user: root
|
||||
mariadb_master: no
|
||||
mariadb_autorestart: no
|
||||
mariadb_master: false
|
||||
mariadb_autorestart: false
|
||||
mariadb_users: []
|
||||
mariadb_databases: []
|
||||
mariadb_config: {}
|
||||
|
@ -47,4 +47,4 @@ mariadb_default_config:
|
|||
max_binlog_size: 100M
|
||||
character-set-server: utf8mb4
|
||||
collation-server: utf8mb4_general_ci
|
||||
mariadb_full_config: '{{ mariadb_default_config|combine(mariadb_config, recursive=True) }}'
|
||||
mariadb_full_config: '{{ mariadb_default_config | combine(mariadb_config, recursive=True) }}'
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: restart mariadb
|
||||
service:
|
||||
- name: Restart mariadb
|
||||
ansible.builtin.service:
|
||||
name: mysql
|
||||
state: restarted
|
||||
when: mariadb_autorestart|bool
|
||||
|
|
|
@ -1,17 +1,18 @@
|
|||
---
|
||||
galaxy_info:
|
||||
role_name: mariadb
|
||||
namespace: nishiki
|
||||
author: Adrien Waksberg
|
||||
company: Adrien Waksberg
|
||||
description: Install and configure mariadb
|
||||
license: Apache2
|
||||
min_ansible_version: 2.8
|
||||
min_ansible_version: "2.9"
|
||||
|
||||
platforms:
|
||||
- name: Debian
|
||||
versions:
|
||||
- stretch
|
||||
- buster
|
||||
- bullseye
|
||||
- bookworm
|
||||
|
||||
galaxy_tags:
|
||||
- database
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
roles:
|
||||
- ansible-role-mariadb
|
||||
vars:
|
||||
mariadb_password: secret
|
||||
mariadb_autorestart: yes
|
||||
|
@ -19,5 +21,8 @@
|
|||
password: test
|
||||
privileges:
|
||||
- 'test.*:ALL'
|
||||
roles:
|
||||
- ansible-role-mariadb
|
||||
|
||||
pre_tasks:
|
||||
- name: update apt cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
|
|
|
@ -2,17 +2,23 @@
|
|||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: debian10
|
||||
image: nishiki/debian10:molecule
|
||||
- name: debian12
|
||||
image: code.waks.be/nishiki/molecule:debian12
|
||||
privileged: true
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
cgroupns_mode: host
|
||||
command: /bin/systemd
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
provisioner:
|
||||
inventory:
|
||||
host_vars:
|
||||
debian12:
|
||||
mariadb_use_official_repository: false
|
||||
lint: |
|
||||
set -e
|
||||
yamllint .
|
||||
ansible-lint
|
||||
ansible-lint .
|
||||
verifier:
|
||||
name: testinfra
|
||||
|
|
|
@ -2,7 +2,7 @@ import os, re
|
|||
import testinfra.utils.ansible_runner
|
||||
|
||||
def test_packages(host):
|
||||
for package_name in ['mariadb-server', 'python-mysqldb']:
|
||||
for package_name in ['mariadb-server', 'python3-mysqldb']:
|
||||
package = host.package(package_name)
|
||||
assert package.is_installed
|
||||
|
||||
|
@ -42,7 +42,7 @@ def test_root_user(host):
|
|||
|
||||
def test_grant_access(host):
|
||||
result = host.check_output('mysql -uroot -psecret -e "show grants for toto@\'%\'"')
|
||||
assert "GRANT ALL PRIVILEGES ON `test`.* TO 'toto'@'%'" in result
|
||||
assert "GRANT ALL PRIVILEGES ON `test`.* TO `toto`@`%`" in result
|
||||
|
||||
def test_logbin_enabled(host):
|
||||
result = host.check_output('mysql -uroot -psecret -e "show variables where variable_name = \'log_bin\'"')
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: create the data directory
|
||||
file:
|
||||
- name: Create the data directory
|
||||
ansible.builtin.file:
|
||||
path: '{{ mariadb_full_config.mysqld.datadir }}'
|
||||
owner: '{{ mariadb_full_config.mysqld.user }}'
|
||||
group: root
|
||||
|
@ -8,8 +8,8 @@
|
|||
state: directory
|
||||
tags: mariadb
|
||||
|
||||
- name: initialize database
|
||||
command:
|
||||
- name: Initialize database # noqa no-changed-when
|
||||
ansible.builtin.command:
|
||||
args:
|
||||
argv:
|
||||
- mysql_install_db
|
||||
|
@ -17,37 +17,34 @@
|
|||
- '--user={{ mariadb_full_config.mysqld.user }}'
|
||||
- '--skip-name-resolve'
|
||||
- '--no-defaults'
|
||||
when: True
|
||||
tags: mariadb
|
||||
|
||||
- name: start mariadb
|
||||
systemd:
|
||||
- name: Start mariadb
|
||||
ansible.builtin.service:
|
||||
name: mysql
|
||||
state: started
|
||||
tags: mariadb
|
||||
|
||||
- name: wait mysql start
|
||||
pause:
|
||||
- name: Wait mysql start
|
||||
ansible.builtin.pause:
|
||||
seconds: 5
|
||||
tags: mariadb
|
||||
|
||||
- name: set root password
|
||||
command: 'mysqladmin -u root password {{ mariadb_password }}'
|
||||
when: True
|
||||
- name: Set root password # noqa no-changed-when
|
||||
ansible.builtin.command: 'mysqladmin -u root password {{ mariadb_password }}'
|
||||
tags: mariadb
|
||||
|
||||
- name: remove anonymous users
|
||||
mysql_user:
|
||||
- name: Remove anonymous users
|
||||
community.mysql.mysql_user:
|
||||
name: ''
|
||||
host_all: yes
|
||||
host_all: true
|
||||
state: absent
|
||||
login_user: '{{ mariadb_user }}'
|
||||
login_password: '{{ mariadb_password }}'
|
||||
no_log: true
|
||||
tags: mariadb
|
||||
|
||||
- name: remove root user without password
|
||||
mysql_user:
|
||||
- name: Remove root user without password
|
||||
community.mysql.mysql_user:
|
||||
name: root
|
||||
host: '{{ item }}'
|
||||
state: absent
|
||||
|
@ -57,5 +54,4 @@
|
|||
- 127.0.0.1
|
||||
- '::1'
|
||||
- '{{ ansible_nodename }}'
|
||||
no_log: true
|
||||
tags: mariadb
|
||||
|
|
|
@ -1,69 +1,79 @@
|
|||
---
|
||||
- import_tasks: repo.yml
|
||||
when: mariadb_use_official_repository|bool
|
||||
|
||||
- name: install package
|
||||
package:
|
||||
name: '{{ packages }}'
|
||||
vars:
|
||||
packages:
|
||||
- mariadb-server
|
||||
- python-mysqldb
|
||||
- name: Install dependencies packages
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- gpg
|
||||
- python3-mysqldb
|
||||
retries: 2
|
||||
register: result
|
||||
until: result is succeeded
|
||||
tags: mariadb
|
||||
|
||||
- name: copy configuration file
|
||||
template:
|
||||
- name: Install official repository
|
||||
ansible.builtin.import_tasks: repo.yml
|
||||
when: mariadb_use_official_repository|bool
|
||||
|
||||
- name: Install package
|
||||
ansible.builtin.package:
|
||||
name:
|
||||
- mariadb-server
|
||||
retries: 2
|
||||
register: result
|
||||
until: result is succeeded
|
||||
tags: mariadb
|
||||
|
||||
- name: Copy configuration file
|
||||
ansible.builtin.template:
|
||||
src: my.cnf.j2
|
||||
dest: /etc/mysql/my.cnf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: restart mariadb
|
||||
notify: Restart mariadb
|
||||
tags: mariadb
|
||||
|
||||
- name: check if datadir exist
|
||||
stat:
|
||||
path: '{{ mariadb_full_config.mysqld.datadir }}'
|
||||
- name: Check if datadir exist
|
||||
ansible.builtin.stat:
|
||||
path: "{{ mariadb_full_config.mysqld.datadir }}"
|
||||
register: st
|
||||
tags: mariadb
|
||||
|
||||
- import_tasks: initdb.yml
|
||||
- name: Initialize the database
|
||||
ansible.builtin.import_tasks: initdb.yml
|
||||
when: not st.stat.exists
|
||||
|
||||
- name: enable and start the service
|
||||
service:
|
||||
- name: Enable and start the service
|
||||
ansible.builtin.service:
|
||||
name: mysql
|
||||
state: started
|
||||
enabled: yes
|
||||
enabled: true
|
||||
tags: mariadb
|
||||
|
||||
- name: manage users
|
||||
mysql_user:
|
||||
name: '{{ item.name }}'
|
||||
host: '{{ item.host }}'
|
||||
password: '{{ item.password }}'
|
||||
priv: '{{ item.privileges|default("")|join(",") }}'
|
||||
state: '{{ item.state|default("present") }}'
|
||||
login_user: '{{ mariadb_user }}'
|
||||
login_password: '{{ mariadb_password }}'
|
||||
loop: '{{ mariadb_users }}'
|
||||
- name: Manage users
|
||||
community.mysql.mysql_user:
|
||||
name: "{{ item.name }}"
|
||||
host: "{{ item.host }}"
|
||||
password: "{{ item.password }}"
|
||||
priv: "{{ item.privileges | default('') | join('/') }}"
|
||||
state: "{{ item.state | default('present') }}"
|
||||
login_user: "{{ mariadb_user }}"
|
||||
login_password: "{{ mariadb_password }}"
|
||||
loop: "{{ mariadb_users }}"
|
||||
loop_control:
|
||||
label: "{{ item.name }}@{{ item.host }}"
|
||||
run_once: true
|
||||
no_log: true
|
||||
when: mariadb_master|bool
|
||||
tags: mariadb
|
||||
|
||||
- name: manage databases
|
||||
mysql_db:
|
||||
name: '{{ item.name }}'
|
||||
state: '{{ item.state|default("present") }}'
|
||||
login_user: '{{ mariadb_user }}'
|
||||
login_password: '{{ mariadb_password }}'
|
||||
loop: '{{ mariadb_databases }}'
|
||||
- name: Manage databases
|
||||
community.mysql.mysql_db:
|
||||
name: "{{ item.name }}"
|
||||
state: "{{ item.state | default('present') }}"
|
||||
login_user: "{{ mariadb_user }}"
|
||||
login_password: "{{ mariadb_password }}"
|
||||
loop: "{{ mariadb_databases }}"
|
||||
loop_control:
|
||||
label: "{{ item.name }}"
|
||||
run_once: true
|
||||
no_log: true
|
||||
when: mariadb_master|bool
|
||||
tags: mariadb
|
||||
|
|
|
@ -1,14 +1,10 @@
|
|||
---
|
||||
- name: add gpg key for mariadb repository
|
||||
apt_key:
|
||||
keyserver: '{{ mariadb_repository_key_server }}'
|
||||
id: '{{ mariadb_repository_key_id }}'
|
||||
retries: 2
|
||||
register: result
|
||||
until: result is succeeded
|
||||
- name: Add gpg key for mariadb repository
|
||||
ansible.builtin.apt_key:
|
||||
url: https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY
|
||||
tags: mariadb
|
||||
|
||||
- name: add official repo
|
||||
apt_repository:
|
||||
repo: '{{ mariadb_repository }}'
|
||||
- name: Add official repo
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "{{ mariadb_repository }}"
|
||||
tags: mariadb
|
||||
|
|
Loading…
Reference in a new issue