diff options
| author | mh <mh@immerda.ch> | 2012-12-09 15:52:34 +0100 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2012-12-09 15:52:34 +0100 |
| commit | de7cb43faa01ea83dce6e2ad433694b0d000832c (patch) | |
| tree | 36d581871482647b84b2c186a0ac7ae3bd671673 | |
| parent | 828d52e667a99432d55ee36f52b3430ca699a3a6 (diff) | |
fix dependency issues
| -rw-r--r-- | manifests/admin_user.pp | 22 | ||||
| -rw-r--r-- | manifests/default_database.pp | 32 | ||||
| -rw-r--r-- | manifests/server/account_security.pp | 10 | ||||
| -rw-r--r-- | manifests/server/base.pp | 2 | ||||
| -rw-r--r-- | manifests/server/munin/default.pp | 11 |
5 files changed, 39 insertions, 38 deletions
diff --git a/manifests/admin_user.pp b/manifests/admin_user.pp index 52d01fc..66e0cc1 100644 --- a/manifests/admin_user.pp +++ b/manifests/admin_user.pp @@ -1,17 +1,21 @@ +# add an admin user that has +# access to all databases define mysql::admin_user( + $password, $ensure = present, - $host = '127.0.0.1', - $password + $host = '127.0.0.1' ){ + $password_hash = $password ? { + 'trocla' => trocla("mysql_admin-user_${name}",'mysql'), + default => $password, + } mysql_user{"${name}@${host}": - ensure => $ensure, - password_hash => $password ? { - 'trocla' => trocla("mysql_admin-user_${name}",'mysql'), - default => $password, - }, + ensure => $ensure, + password_hash => $password_hash, + require => Exec['mysql_set_rootpw'], } mysql_grant{"${name}@${host}": - privileges => 'all', - require => Mysql_user["${name}@${host}"], + privileges => 'all', + require => Mysql_user["${name}@${host}"], } } diff --git a/manifests/default_database.pp b/manifests/default_database.pp index cfa1132..0afc542 100644 --- a/manifests/default_database.pp +++ b/manifests/default_database.pp @@ -12,38 +12,38 @@ define mysql::default_database( default => $username } mysql_database{$name: - ensure => $ensure + ensure => $ensure } if $password == 'absent' and $ensure != 'absent' { info("we don't create the user for database: ${name}") - $grant_require = Mysql_database[$name] + $grant_require = [ Mysql_database[$name], Exec['mysql_set_rootpw'] ] } else { mysql_user{"${real_username}@${host}": - ensure => $ensure, - require => [ - Mysql_database[$name] - ], + ensure => $ensure, + require => Mysql_database[$name], } $grant_require = [ Mysql_database[$name], - Mysql_user["${real_username}@${host}"] + Mysql_user["${real_username}@${host}"], + Exec['mysql_set_rootpw'] ] if $ensure == 'present' { - Mysql_user["${real_username}@${host}"]{ - password_hash => $password ? { - 'trocla' => trocla("mysql_${real_username}",'mysql'), - default => $password_is_encrypted ? { - true => $password, - default => mysql_password("$password") + $password_hash = $password ? { + 'trocla' => trocla("mysql_${real_username}",'mysql'), + default => $password_is_encrypted ? { + true => $password, + default => mysql_password($password) }, - }, + } + Mysql_user["${real_username}@${host}"]{ + password_hash => $password_hash } } } if $ensure == 'present' { mysql_grant{"${real_username}@${host}/${name}": - privileges => $privileges, - require => $grant_require, + privileges => $privileges, + require => $grant_require, } } } diff --git a/manifests/server/account_security.pp b/manifests/server/account_security.pp index b5d75ca..a17f0b3 100644 --- a/manifests/server/account_security.pp +++ b/manifests/server/account_security.pp @@ -1,8 +1,8 @@ +# some installations have some default users which are not required. +# We remove them here. You can subclass this class to overwrite this behavior. class mysql::server::account_security { - # some installations have some default users which are not required. - # We remove them here. You can subclass this class to overwrite this behavior. - mysql_user{ [ "root@${::fqdn}", "root@127.0.0.1", "@${::fqdn}", "@localhost", "@%" ]: - ensure => 'absent', - require => Service['mysql'], + mysql_user{ [ "root@${::fqdn}", 'root@127.0.0.1', "@${::fqdn}", '@localhost', '@%' ]: + ensure => 'absent', + require => Exec['mysql_set_rootpw'], } } diff --git a/manifests/server/base.pp b/manifests/server/base.pp index 0709a54..23d2f35 100644 --- a/manifests/server/base.pp +++ b/manifests/server/base.pp @@ -58,7 +58,7 @@ class mysql::server::base { exec { 'mysql_set_rootpw': command => '/usr/local/sbin/setmysqlpass.sh', unless => 'mysqladmin -uroot status > /dev/null', - require => [ File['mysql_setmysqlpass.sh'], Package['mysql-server'] ], + require => [ File['mysql_setmysqlpass.sh'], Service['mysql'] ], refreshonly => true, } diff --git a/manifests/server/munin/default.pp b/manifests/server/munin/default.pp index 04902b2..acdaabb 100644 --- a/manifests/server/munin/default.pp +++ b/manifests/server/munin/default.pp @@ -2,27 +2,24 @@ class mysql::server::munin::default { mysql_user{'munin@localhost': password_hash => trocla("mysql_munin_${::fqdn}",'mysql','length: 32'), - require => Package['mysql'], + require => Exec['mysql_set_rootpw'], } mysql_grant{'munin@localhost': privileges => 'select_priv', - require => [ Mysql_user['munin@localhost'], Package['mysql'] ], + require => Mysql_user['munin@localhost'], } $munin_mysql_password = trocla("mysql_munin_${::fqdn}",'plain', 'length: 32') munin::plugin { [mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads]: config => "env.mysqlopts --user=munin --password='${munin_mysql_password}' -h localhost", - require => [ Mysql_grant['munin@localhost'], Mysql_user['munin@localhost'], Package['mysql'] ] + require => Mysql_grant['munin@localhost'], } Munin::Plugin::Deploy{ config => "env.mysqlopts --user=munin --password='${munin_mysql_password}' -h localhost", - require => - [ Mysql_grant['munin@localhost'], - Mysql_user['munin@localhost'], - Package['mysql'] ] + require => Mysql_grant['munin@localhost'], } munin::plugin::deploy{ 'mysql_connections': |