summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--files/backup/CentOS/mysql_backup.cron1
l---------files/backup/mysql_backup.cron1
-rw-r--r--files/config/CentOS/my.cnf16
-rw-r--r--files/config/CentOS/setmysqlpass.sh13
-rw-r--r--files/config/Gentoo/my.cnf146
l---------files/config/my.cnf1
-rw-r--r--manifests/init.pp110
-rw-r--r--manifests/munin.pp22
-rw-r--r--manifests/selinux.pp2
-rw-r--r--templates/root/my.cnf.erb4
10 files changed, 299 insertions, 17 deletions
diff --git a/files/backup/CentOS/mysql_backup.cron b/files/backup/CentOS/mysql_backup.cron
new file mode 100644
index 0000000..fed14fb
--- /dev/null
+++ b/files/backup/CentOS/mysql_backup.cron
@@ -0,0 +1 @@
+00 01 * * * root /usr/bin/mysqldump --all-databases --all | gzip > /var/lib/mysql/mysqldump.sql.gz && chmod 600 /var/lib/mysql/mysqldump.sql.gz
diff --git a/files/backup/mysql_backup.cron b/files/backup/mysql_backup.cron
new file mode 120000
index 0000000..7241624
--- /dev/null
+++ b/files/backup/mysql_backup.cron
@@ -0,0 +1 @@
+CentOS/mysql_backup.cron \ No newline at end of file
diff --git a/files/config/CentOS/my.cnf b/files/config/CentOS/my.cnf
new file mode 100644
index 0000000..6d3efc6
--- /dev/null
+++ b/files/config/CentOS/my.cnf
@@ -0,0 +1,16 @@
+[mysqld]
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+# Default to using old password format for compatibility with mysql 3.x
+# clients (those using the mysqlclient10 compatibility package).
+old_passwords=0
+
+bind-address=127.0.0.1
+
+[mysql.server]
+user=mysql
+basedir=/var/lib
+
+[mysqld_safe]
+log-error=/var/log/mysqld.log
+pid-file=/var/run/mysqld/mysqld.pid
diff --git a/files/config/CentOS/setmysqlpass.sh b/files/config/CentOS/setmysqlpass.sh
new file mode 100644
index 0000000..8199292
--- /dev/null
+++ b/files/config/CentOS/setmysqlpass.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+test $# -gt 0 || exit 1
+
+/sbin/service mysqld stop
+
+/usr/libexec/mysqld --skip-grant-tables --user=root &
+sleep 5
+echo "USE mysql; UPDATE user SET Password=PASSWORD('$1') WHERE User='root' AND Host='localhost';" | mysql -u root
+killall mysqld
+
+/sbin/service mysqld start
+
diff --git a/files/config/Gentoo/my.cnf b/files/config/Gentoo/my.cnf
new file mode 100644
index 0000000..b51ec21
--- /dev/null
+++ b/files/config/Gentoo/my.cnf
@@ -0,0 +1,146 @@
+# /etc/mysql/my.cnf: The global mysql configuration file.
+# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-4.1,v 1.3 2006/05/05 19:51:40 chtekk Exp $
+
+# The following options will be passed to all MySQL clients
+[client]
+#password = your_password
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+
+[mysql]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqladmin]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqlcheck]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqldump]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqlimport]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqlshow]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[myisamchk]
+character-sets-dir=/usr/share/mysql/charsets
+
+[myisampack]
+character-sets-dir=/usr/share/mysql/charsets
+
+# use [safe_mysqld] with mysql-3
+[mysqld_safe]
+err-log = /var/log/mysql/mysql.err
+
+# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations
+[mysqld]
+character-set-server = utf8
+default-character-set = utf8
+user = mysql
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+pid-file = /var/run/mysqld/mysqld.pid
+log-error = /var/log/mysql/mysqld.err
+basedir = /usr
+datadir = /var/lib/mysql
+skip-locking
+key_buffer = 16M
+max_allowed_packet = 1M
+table_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+language = /usr/share/mysql/english
+
+# security:
+# using "localhost" in connects uses sockets by default
+# skip-networking
+bind-address = 127.0.0.1
+
+log-bin
+server-id = 1
+
+# point the following paths to different dedicated disks
+tmpdir = /tmp/
+#log-update = /path-to-dedicated-directory/hostname
+
+# you need the debug USE flag enabled to use the following directives,
+# if needed, uncomment them, start the server and issue
+# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace
+# this will show you *exactly* what's happening in your server ;)
+
+#log = /tmp/mysqld.sql
+#gdb
+#debug = d:t:i:o,/tmp/mysqld.trace
+#one-thread
+
+# uncomment the following directives if you are using BDB tables
+#bdb_cache_size = 4M
+#bdb_max_lock = 10000
+
+# the following is the InnoDB configuration
+# if you wish to disable innodb instead
+# uncomment just the next line
+#skip-innodb
+#
+# the rest of the innodb config follows:
+# don't eat too much memory, we're trying to be safe on 64Mb boxes
+# you might want to bump this up a bit on boxes with more RAM
+innodb_buffer_pool_size = 16M
+# this is the default, increase it if you have lots of tables
+innodb_additional_mem_pool_size = 2M
+#
+# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-(
+# and upstream wants things to be under /var/lib/mysql/, so that's the route
+# we have to take for the moment
+#innodb_data_home_dir = /var/lib/mysql/
+#innodb_log_arch_dir = /var/lib/mysql/
+#innodb_log_group_home_dir = /var/lib/mysql/
+# you may wish to change this size to be more suitable for your system
+# the max is there to avoid run-away growth on your machine
+innodb_data_file_path = ibdata1:10M:autoextend:max:128M
+# we keep this at around 25% of of innodb_buffer_pool_size
+# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size)
+innodb_log_file_size = 5M
+# this is the default, increase it if you have very large transactions going on
+innodb_log_buffer_size = 8M
+# this is the default and won't hurt you
+# you shouldn't need to tweak it
+set-variable = innodb_log_files_in_group=2
+# see the innodb config docs, the other options are not always safe
+innodb_flush_log_at_trx_commit = 1
+innodb_lock_wait_timeout = 50
+
+[mysqldump]
+quick
+max_allowed_packet = 16M
+
+[mysql]
+# uncomment the next directive if you are not familiar with SQL
+#safe-updates
+
+[isamchk]
+key_buffer = 20M
+sort_buffer_size = 20M
+read_buffer = 2M
+write_buffer = 2M
+
+[myisamchk]
+key_buffer = 20M
+sort_buffer_size = 20M
+read_buffer = 2M
+write_buffer = 2M
+
+[mysqlhotcopy]
+interactive-timeout
diff --git a/files/config/my.cnf b/files/config/my.cnf
new file mode 120000
index 0000000..2892fbd
--- /dev/null
+++ b/files/config/my.cnf
@@ -0,0 +1 @@
+CentOS/my.cnf \ No newline at end of file
diff --git a/manifests/init.pp b/manifests/init.pp
index d21176a..fee8219 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,57 +1,135 @@
-# mysql.pp
+#
+# mysql module
+#
# Copyright (C) 2007 David Schmitt <david@schmitt.edv-bus.at>
-# See LICENSE for the full license granted to you.
-# changed by immerda project group (admin(at)immerda.ch)
+# Copyright 2008, admin(at)immerda.ch
+# Copyright 2008, Puzzle ITC GmbH
+# Marcel Härry haerry+puppet(at)puzzle.ch
+# Simon Josi josi+puppet(at)puzzle.ch
+#
+# This program is free software; you can redistribute
+# it and/or modify it under the terms of the GNU
+# General Public License version 3 as published by
+# the Free Software Foundation.
+#
+
+# modules_dir { "mysql": }
class mysql::server {
case $operatingsystem {
gentoo: { include mysql::server::gentoo }
+ centos: { include mysql::server::centos }
default: { include mysql::server::base }
}
if $selinux {
include mysql::selinux
}
+
+ if $use_munin {
+ include mysql::munin
+ }
}
class mysql::server::base {
- package { mysql:
+
+ package { mysql-server:
ensure => present,
}
- file{
- "/etc/mysql/my.cnf":
+ file{'/etc/mysql/my.cnf':
source => [
"puppet://$server/files/mysql/${fqdn}/my.cnf",
"puppet://$server/files/mysql/my.cnf",
- "puppet://$server/mysql/my.cnf"
+ "puppet://$server/mysql/config/${operatingsystem}/my.cnf",
+ "puppet://$server/mysql/config/my.cnf"
],
ensure => file,
- owner => root,
- group => 0,
- mode => 0444,
- require => Package[mysql],
+ require => Package[mysql-server],
notify => Service[mysql],
+ owner => root, group => 0, mode => 0644;
+ }
+
+ case $mysql_rootpw {
+ '': { fail("You need to define a mysql root password! Please set \$mysql_rootpw in your site.pp or host config") }
+ }
+
+ file{'/opt/bin/setmysqlpass.sh':
+ source => "puppet://$server/mysql/config/${operatingsystem}/setmysqlpass.sh",
+ require => Package[mysql-server],
+ owner => root, group => 0, mode => 0500;
+ }
+
+ file {'/root/.my.cnf':
+ content => template('mysql/root/my.cnf.erb'),
+ require => [ Package[mysql-server] ],
+ owner => root, group => 0, mode => 0400;
+ }
+
+ exec{'set_mysql_rootpw':
+ command => "/opt/bin/setmysqlpass.sh $mysql_rootpw",
+ unless => "mysqladmin -uroot status > /dev/null",
+ require => [ File['/opt/bin/setmysqlpass.sh'], Package[mysql-server] ],
}
- service { mysql:
+ file{'/etc/cron.d/mysql_backup.cron':
+ source => [ "puppet://$server/mysql/backup/${operatingsystem}/mysql_backup.cron",
+ "puppet://$server/mysql/backup/mysql_backup.cron" ],
+ require => [ Exec[set_mysql_rootpw], File['/root/.my.cnf'] ],
+ owner => root, group => 0, mode => 0600;
+ }
+
+ service {mysql:
ensure => running,
+ enable => true,
hasstatus => true,
require => Package[mysql],
}
munin::plugin {
[mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads]:
+ require => [ Package[mysql-server], Exec['set_mysql_rootpw'] ],
}
# Collect all databases and users
- Mysql_database<<||>>
- Mysql_user<<||>>
- Mysql_grant<<||>>
+ Mysql_database<<| tag == "mysql_${fqdn}" |>>
+ Mysql_user<<| tag == "mysql_${fqdn}" |>>
+ Mysql_grant<<| tag == "mysql_${fqdn}" |>>
}
class mysql::server::gentoo inherits mysql::server::base {
- Package[mysql] {
+ Package[mysql-server] {
+ alias => 'mysql',
category => 'dev-db',
}
}
+
+class mysql::server::clientpackage inherits mysql::server::base {
+ package{mysql:
+ ensure => present,
+ }
+
+ File['/opt/bin/setmysqlpass.sh']{
+ require +> Package[mysql],
+ }
+
+ File['/root/.my.cnf']{
+ require +> Package[mysql],
+ }
+
+ Exec['set_mysql_rootpw']{
+ require +> Package[mysql],
+ }
+ File['/etc/cron.d/mysql_backup.cron']{
+ require +> Package[mysql],
+ }
+}
+
+class mysql::server::centos inherits mysql::server::clientpackage {
+ Service[mysql]{
+ name => 'mysqld',
+ }
+ File['/etc/mysql/my.cnf']{
+ path => '/etc/my.cnf',
+ }
+}
diff --git a/manifests/munin.pp b/manifests/munin.pp
new file mode 100644
index 0000000..a7a862e
--- /dev/null
+++ b/manifests/munin.pp
@@ -0,0 +1,22 @@
+# manifests/munin.pp
+
+class mysql::munin {
+ case $munin_mysql_password {
+ '': { fail("please specify \$munin_mysql_password to enable mysql munin plugin")}
+ }
+
+ mysql_user{'munin@localhost':
+ password_hash => mysql_password("$munin_mysql_password"),
+ }
+
+ mysql_grant{'munin@localhost':
+ privileges => 'select_priv',
+ require => Mysql_user['munin@localhost'],
+ }
+
+ munin::plugin {
+ [mysql_bytes, mysql_queries, mysql_slowqueries, mysql_threads]:
+ config => "env.mysqlopts --user=munin --password=\"${munin_mysql_password}\" -h localhost",
+ require => [ Mysql_grant['munin@localhost'], Mysql_user['munin@localhost'] ]
+ }
+}
diff --git a/manifests/selinux.pp b/manifests/selinux.pp
index 14115c7..1ec2e03 100644
--- a/manifests/selinux.pp
+++ b/manifests/selinux.pp
@@ -12,5 +12,5 @@ class mysql::selinux::gentoo {
category => 'sec-policy',
require => Package[mysql],
}
- selinux::loadmodule {"mysql": }
+ selinux::loadmodule {'mysql': }
}
diff --git a/templates/root/my.cnf.erb b/templates/root/my.cnf.erb
new file mode 100644
index 0000000..7800843
--- /dev/null
+++ b/templates/root/my.cnf.erb
@@ -0,0 +1,4 @@
+[client]
+user=root
+host=localhost
+password=<%= mysql_rootpw %>