diff --git a/roles/mariadb/tasks/configure.yml b/roles/mariadb/tasks/configure.yml index 5eec907..638629a 100644 --- a/roles/mariadb/tasks/configure.yml +++ b/roles/mariadb/tasks/configure.yml @@ -1,125 +1,130 @@ --- # Configure MariaDB - stat: path=/var/local/mysql_reset register: mysql_reset - name: Copy phabricator stop words copy: src=stopwords.txt dest=/srv/stopwords.txt - name: Copy minimal mysql config template: src=my-mini.cnf dest=/etc/my.cnf when: not mysql_reset.stat.exists notify: stop mysql - name: Reset MySQL root password shell: /etc/init.d/mysql start --skip-grant-tables; mysql -u root -e 'flush privileges; SET PASSWORD FOR 'root'@'localhost' = PASSWORD("");'; touch /var/local/mysql_reset; service mariadb stop when: not mysql_reset.stat.exists args: creates: /var/local/mysql_reset - name: Copy mysql config template: src=my.cnf dest=/etc/my.cnf notify: restart mysql +# Service +- name: mariadb service + template: src=mariadb.service dest=/etc/systemd/system/mariadb.service + notify: reload systemctl + - name: Start mysql server service: name=mariadb state=started enabled=true # Tweaks - name: Open files and proc limits for mysql user copy: dest: /etc/security/limits.d/10-mysql.conf content: | mysql hard nofile 100000 mysql soft nofile 100000 mysql soft nproc 10000 mysql hard nproc 10000 # Configure replication - name: Create database replication user mysql_user: state=present user={{ mysql_repl_user }} password={{ mysql_repl_pass }} priv="*.*:REPLICATION SLAVE" host={{ mysql_host }} run_once: yes - name: Check slave replication status mysql_replication: mode=getslave ignore_errors: true register: slave when: inventory_hostname != groups.dbs[0] - name: Check master replication status mysql_replication: mode=getmaster delegate_to: "{{ groups.dbs[0] }}" register: master when: > inventory_hostname != groups.dbs[0] and slave|failed - name: Configure replication on the slave mysql_replication: mode: changemaster master_host: "{{ groups.dbs[0] }}" master_user: "{{ mysql_repl_user }}" master_password: "{{ mysql_repl_pass }}" master_log_file: "{{ master.File }}" master_log_pos: "{{ master.Position }}" ignore_errors: True when: > inventory_hostname != groups.dbs[0] and slave|failed - name: Start replication mysql_replication: mode=startslave when: > inventory_hostname != groups.dbs[0] and slave|failed # Users - name: Create database app user mysql_user: state=present user={{ mysql_app_user }} password={{ mysql_app_pass }} priv=*.*:ALL host={{ mysql_host }} run_once: yes - name: Create Shibboleth user mysql_user: state=present user={{ mysql_shib_user }} password={{ mysql_shib_pass }} priv={{ mysql_shib_db }}.*:ALL host={{ mysql_host }} run_once: yes # Shibboleth database - name: Copy Shibboleth db schema copy: src: "install_shib.sql" dest: "/tmp/install_shib.sql" run_once: yes - name: Create Shibboleth db mysql_db: name: "{{ mysql_shib_db }}" run_once: yes - name: Check if Shibboleth tables exist shell: "mysql {{ mysql_shib_db }} -e 'show tables' | grep strings" register: tablestatus ignore_errors: yes run_once: yes - name: Populate Shibboleth db mysql_db: name: "{{ mysql_shib_db }}" target: /tmp/install_shib.sql state: import when: "'{{ inventory_hostname }}' == '{{ groups.dbs[0] }}' and tablestatus.rc != 0" diff --git a/roles/mariadb/templates/mariadb.service b/roles/mariadb/templates/mariadb.service new file mode 100644 index 0000000..bc64732 --- /dev/null +++ b/roles/mariadb/templates/mariadb.service @@ -0,0 +1,20 @@ +[Unit] +Description=MariaDB database server +After=syslog.target +After=network.target + +[Service] +Type=simple +User=mysql +Group=mysql +LimitNOFILE=100000 # c4science custo + +ExecStartPre=/usr/libexec/mariadb-prepare-db-dir %n +ExecStart=/usr/bin/mysqld_safe --basedir=/usr +ExecStartPost=/usr/libexec/mariadb-wait-ready $MAINPID +TimeoutSec=300 +PrivateTmp=true + +[Install] +WantedBy=multi-user.target +