Eerste grote update:

- Wissen standaard accounts
 - Zetten root password
 - Aanmaken databases
 - Aanmaken gebruikers per database
 - Lege files klaar zetten voor backup, slave, config
This commit is contained in:
Marcel Nijenhof
2021-05-06 14:46:09 +02:00
parent bf1c4d86e7
commit cff00f04c7
18 changed files with 143 additions and 89 deletions

View File

@@ -0,0 +1,49 @@
---
mysql_root_password: TODO-Vault
nfsdir: /var/backup/mysql
db_clients:
- h1
- localhost
nodes:
- node: h112
slaves:
- h235:
db:
- name: db1
users:
- name: db1_admin
password: TODO-Vault
priv: ALL
- name: db1_user
password: TODO-Vault
priv: "select,insert,update,delete"
- name: db1_read
password: TODO-Vault
priv: "select"
- name: db1_absent
password: TODO-Vault
priv: "select"
state: absent
- name: db2
users:
- name: db2_admin
password: TODO-Vault
priv: ALL
- node: h235
slaves:
- h112:
db:
- name: db3
users:
- name: db3_admin
password: TODO-Vault
priv: ALL
- name: db4
state: absent
users:
- name: db4_admin
password: TODO-Vault
priv: ALL

7
inventory/hosts Normal file
View File

@@ -0,0 +1,7 @@
---
mysql_dev:
hosts:
h112:
ansible_user: root
h235:
ansible_user: root

View File

@@ -1,2 +1,2 @@
---
# defaults file for dbnode
# defaults file for mysql

View File

@@ -1,5 +1,2 @@
---
- name: Restart MariaDB service
service:
name: mariadb
state: restarted
# handlers file for mysql

View File

@@ -50,6 +50,4 @@ galaxy_info:
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
collections:
- community.mysql

View File

@@ -1,28 +0,0 @@
---
- name: Create volume group vgdata
lvg:
vg: vgdata
pvs: /dev/sdc
- name: "Create a logical volume lv_var_lib_mysql of size: {{ disk_var_lib_mysql_size }}"
lvol:
vg: vgdata
lv: lv_var_lib_mysql
size: "{{ disk_var_lib_mysql_size }}"
- name: Create a xfs filesystem on /dev/vgdata/lv_var_lib_mysql
filesystem:
fstype: xfs
dev: /dev/vgdata/lv_var_lib_mysql
- name: Create directory /var/lib/mysql
file:
path: /var/lib/mysql
state: directory
- name: Mount /var/lib/mysql
mount:
path: /var/lib/mysql
src: /dev/vgdata/lv_var_lib_mysql
fstype: xfs
state: mounted

View File

@@ -1,12 +1,7 @@
---
- name: Install the MariaDB packages
dnf:
name: [mariadb-server, python3-pip]
name:
- mariadb-server
- python3-PyMySQL
state: present
- name: "Install python packages"
pip:
name: "{{ python_packages }}"
environment:
HTTP_PROXY: "{{ webproxy }}"
HTTPS_PROXY: "{{ webproxy }}"

View File

@@ -1,6 +1,9 @@
---
- include_tasks: filesystem.yml
- include_tasks: install.yml
- include_tasks: service.yml
- include_tasks: mysql_user.yml
- include_tasks: mysql_db.yml
#- include_tasks: install.yml
#- include_tasks: mysql_config.yml
#- include_tasks: service.yml
#- include_tasks: mysql_user.yml
- include_tasks: mysql_nodes.yml
#- include_tasks: mysql_db.yml
#- include_tasks: mysql_slaves.yml
#- include_tasks: mysql_backup.yml

View File

@@ -0,0 +1,4 @@
---
- name: todo backup
debug:
msg: "todo backup"

View File

@@ -0,0 +1,4 @@
---
- name: todo config
debug:
msg: "todo config"

View File

@@ -1,18 +1,14 @@
---
- name: Create a database with name 'lavs_alfresco'
- name: Create databases
community.mysql.mysql_db:
check_implicit_admin: yes
name: lavs_alfresco
state: present
- name: Create a database with name 'lavs_zm'
community.mysql.mysql_db:
check_implicit_admin: yes
name: lavs_zm
state: present
- name: Create a database with name 'lavs_systeem'
community.mysql.mysql_db:
check_implicit_admin: yes
name: lavs_systeem
state: present
name: "{{ db.name }}"
state: "{{ db.state|default('present') }}"
loop: "{{ node.db }}"
loop_control:
loop_var: db
- name: Create users for db
include_tasks: mysql_db_users.yml
loop: "{{ node.db }}"
loop_control:
loop_var: db

View File

@@ -0,0 +1,11 @@
---
- name: Create users
community.mysql.mysql_user:
name: "{{ user[0].name }}"
password: "{{ user[0].password }}"
state: "{{ user[0].state|default(db.state)|default('present') }}"
host: "{{ user[1] }}"
priv: "{{db.name}}.*:{{ user[0].priv|default('ALL') }}"
loop: "{{ db.users|product(db_clients)|list }}"
loop_control:
loop_var: user

View File

@@ -0,0 +1,7 @@
---
- name: Loop over nodes to create db
include_tasks: mysql_db.yml
with_items: "{{ nodes }}"
loop_control:
loop_var: node
when: (ansible_nodename == node.node)

View File

@@ -0,0 +1,4 @@
---
- name: todo slaves
debug:
msg: "todo slaves"

View File

@@ -4,30 +4,26 @@
name: root
host: "{{ ansible_fqdn }}"
state: absent
- name: "Create lavs user for {{ ansible_fqdn }}"
- name: Remove remote root account (::1)
community.mysql.mysql_user:
name: lavs
password: "{{ db_lavs_password }}"
host: "{{ db_remote_host }}"
state: present
priv:
'lavs_alfresco.*': 'ALL'
- name: "Create zm_user user for {{ ansible_fqdn }}"
name: root
host: ::1
state: absent
- name: Remove remote root account (127.0.0.1)
community.mysql.mysql_user:
name: zm_user
password: "{{ db_zm_user_password }}"
host: "{{ db_remote_host }}"
state: present
priv:
'lavs_zm.*': 'ALL'
- name: "Create lars_user user for {{ ansible_fqdn }}"
name: root
host: 127.0.0.1
state: absent
- name: Set root password for root@localhost
community.mysql.mysql_user:
name: lars_user
password: "{{ db_lars_user_password }}"
host: "{{ db_remote_host }}"
name: root
host: localhost
password: "{{ mysql_root_password }}"
state: present
priv:
'lavs_systeem.*': 'ALL'
- name: Create my.cnf
ansible.builtin.template:
src: my.cnf.j2
dest: /root/.my.cnf
owner: root
group: root
mode: 0600

View File

@@ -0,0 +1,11 @@
[client]
user=root
password={{ mysql_root_password }}
[mysql]
user=root
password={{ mysql_root_password }}
[mariabackup]
user=root
password={{ mysql_root_password }}

View File

@@ -2,4 +2,4 @@
- hosts: localhost
remote_user: root
roles:
- dbnode
- mysql

View File

@@ -1,2 +1,2 @@
---
python_packages: [pymysql >= 1.0.2]
# vars file for mysql