summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--files/scripts/optimize_tables.rb4
-rw-r--r--lib/facter/mysql.rb5
-rw-r--r--lib/puppet/provider/mysql_database/mysql.rb100
-rw-r--r--lib/puppet/provider/mysql_grant/mysql.rb280
-rw-r--r--lib/puppet/provider/mysql_user/mysql.rb118
-rw-r--r--lib/puppet/type/mysql_database.rb15
-rw-r--r--lib/puppet/type/mysql_grant.rb134
-rw-r--r--lib/puppet/type/mysql_user.rb3
-rw-r--r--manifests/default_database.pp45
-rw-r--r--manifests/server.pp9
-rw-r--r--manifests/server/base.pp20
-rw-r--r--manifests/server/cron.pp2
-rw-r--r--manifests/server/cron/backup.pp19
-rw-r--r--manifests/server/cron/optimize.pp6
14 files changed, 406 insertions, 354 deletions
diff --git a/files/scripts/optimize_tables.rb b/files/scripts/optimize_tables.rb
index 52e726e..46e223e 100644
--- a/files/scripts/optimize_tables.rb
+++ b/files/scripts/optimize_tables.rb
@@ -5,8 +5,8 @@ ENV['HOME'] = '/root'
tables = %x{mysql -Bse "SELECT TABLE_SCHEMA,TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema','mysql') AND Data_free > 0 AND ENGINE IN ('MyISAM','InnoDB','ARCHIVE')"}
tables.each { |table|
tableitems = table.chomp.split(/\t/)
- system "mysql #{tableitems[0]} -Bse \"OPTIMIZE TABLE #{tableitems[1]}\" | grep -q OK"
+ system "mysql #{tableitems[0]} -Bse \"OPTIMIZE TABLE \\`#{tableitems[0]}\\`.\\`#{tableitems[1]}\\`\" | grep -q OK"
if $?.to_i > 0 then
- puts "error while optimizing #{tableitems[0]}. #{tableitems[1]}"
+ puts "error while optimizing #{tableitems[0]}.#{tableitems[1]}"
end
}
diff --git a/lib/facter/mysql.rb b/lib/facter/mysql.rb
index e262ec1..d08dabe 100644
--- a/lib/facter/mysql.rb
+++ b/lib/facter/mysql.rb
@@ -1,8 +1,5 @@
Facter.add("mysql_exists") do
- ENV["PATH"]="/bin:/sbin:/usr/bin:/usr/sbin"
-
setcode do
- mysqlexists = system "which mysql > /dev/null 2>&1"
- ($?.exitstatus == 0)
+ File.exist? '/usr/bin/mysql'
end
end
diff --git a/lib/puppet/provider/mysql_database/mysql.rb b/lib/puppet/provider/mysql_database/mysql.rb
index 2b70e04..18b0a5a 100644
--- a/lib/puppet/provider/mysql_database/mysql.rb
+++ b/lib/puppet/provider/mysql_database/mysql.rb
@@ -1,55 +1,55 @@
require 'puppet/provider/package'
Puppet::Type.type(:mysql_database).provide(:mysql,
- :parent => Puppet::Provider::Package) do
-
- desc "Use mysql as database."
- commands :mysqladmin => '/usr/bin/mysqladmin'
- commands :mysql => '/usr/bin/mysql'
-
- # retrieve the current set of mysql users
- def self.instances
- dbs = []
-
- cmd = "#{command(:mysql)} mysql -NBe 'show databases'"
- execpipe(cmd) do |process|
- process.each do |line|
- dbs << new( { :ensure => :present, :name => line.chomp } )
- end
- end
- return dbs
- end
-
- def query
- result = {
- :name => @resource[:name],
- :ensure => :absent
- }
-
- cmd = "#{command(:mysql)} mysql -NBe 'show databases'"
- execpipe(cmd) do |process|
- process.each do |line|
- if line.chomp.eql?(@resource[:name])
- result[:ensure] = :present
- end
- end
- end
- result
- end
-
- def create
- mysqladmin "create", @resource[:name]
- end
- def destroy
- mysqladmin "-f", "drop", @resource[:name]
- end
-
- def exists?
- if mysql("mysql", "-NBe", "show databases").match(/^#{@resource[:name]}$/)
- true
- else
- false
- end
- end
+ :parent => Puppet::Provider::Package) do
+
+ desc "Use mysql as database."
+ commands :mysqladmin => '/usr/bin/mysqladmin'
+ commands :mysql => '/usr/bin/mysql'
+
+ # retrieve the current set of mysql users
+ def self.instances
+ dbs = []
+
+ cmd = "#{command(:mysql)} mysql -NBe 'show databases'"
+ execpipe(cmd) do |process|
+ process.each do |line|
+ dbs << new( { :ensure => :present, :name => line.chomp } )
+ end
+ end
+ return dbs
+ end
+
+ def query
+ result = {
+ :name => @resource[:name],
+ :ensure => :absent
+ }
+
+ cmd = "#{command(:mysql)} mysql -NBe 'show databases'"
+ execpipe(cmd) do |process|
+ process.each do |line|
+ if line.chomp.eql?(@resource[:name])
+ result[:ensure] = :present
+ end
+ end
+ end
+ result
+ end
+
+ def create
+ mysqladmin "create", @resource[:name]
+ end
+ def destroy
+ mysqladmin "-f", "drop", @resource[:name]
+ end
+
+ def exists?
+ if mysql("mysql", "-NBe", "show databases").match(/^#{@resource[:name]}$/)
+ true
+ else
+ false
+ end
+ end
end
diff --git a/lib/puppet/provider/mysql_grant/mysql.rb b/lib/puppet/provider/mysql_grant/mysql.rb
index 61c32d9..2c44e0b 100644
--- a/lib/puppet/provider/mysql_grant/mysql.rb
+++ b/lib/puppet/provider/mysql_grant/mysql.rb
@@ -1,155 +1,155 @@
# A grant is either global or per-db. This can be distinguished by the syntax
# of the name:
-# user@host => global
-# user@host/db => per-db
+# user@host => global
+# user@host/db => per-db
require 'puppet/provider/package'
MYSQL_USER_PRIVS = [ :select_priv, :insert_priv, :update_priv, :delete_priv,
- :create_priv, :drop_priv, :reload_priv, :shutdown_priv, :process_priv,
- :file_priv, :grant_priv, :references_priv, :index_priv, :alter_priv,
- :show_db_priv, :super_priv, :create_tmp_table_priv, :lock_tables_priv,
- :execute_priv, :repl_slave_priv, :repl_client_priv, :create_view_priv,
- :show_view_priv, :create_routine_priv, :alter_routine_priv,
- :create_user_priv
+ :create_priv, :drop_priv, :reload_priv, :shutdown_priv, :process_priv,
+ :file_priv, :grant_priv, :references_priv, :index_priv, :alter_priv,
+ :show_db_priv, :super_priv, :create_tmp_table_priv, :lock_tables_priv,
+ :execute_priv, :repl_slave_priv, :repl_client_priv, :create_view_priv,
+ :show_view_priv, :create_routine_priv, :alter_routine_priv,
+ :create_user_priv
]
MYSQL_DB_PRIVS = [ :select_priv, :insert_priv, :update_priv, :delete_priv,
- :create_priv, :drop_priv, :grant_priv, :references_priv, :index_priv,
- :alter_priv, :create_tmp_table_priv, :lock_tables_priv, :create_view_priv,
- :show_view_priv, :create_routine_priv, :alter_routine_priv, :execute_priv
+ :create_priv, :drop_priv, :grant_priv, :references_priv, :index_priv,
+ :alter_priv, :create_tmp_table_priv, :lock_tables_priv, :create_view_priv,
+ :show_view_priv, :create_routine_priv, :alter_routine_priv, :execute_priv
]
Puppet::Type.type(:mysql_grant).provide(:mysql) do
- desc "Uses mysql as database."
-
- commands :mysql => '/usr/bin/mysql'
- commands :mysqladmin => '/usr/bin/mysqladmin'
-
- def mysql_flush
- mysqladmin "flush-privileges"
- end
-
- # this parses the
- def split_name(string)
- matches = /^([^@]*)@([^\/]*)(\/(.*))?$/.match(string).captures.compact
- case matches.length
- when 2
- {
- :type => :user,
- :user => matches[0],
- :host => matches[1]
- }
- when 4
- {
- :type => :db,
- :user => matches[0],
- :host => matches[1],
- :db => matches[3]
- }
- end
- end
-
- def create_row
- unless @resource.should(:privileges).empty?
- name = split_name(@resource[:name])
- case name[:type]
- when :user
- mysql "mysql", "-e", "INSERT INTO user (host, user) VALUES ('%s', '%s')" % [
- name[:host], name[:user],
- ]
- when :db
- mysql "mysql", "-e", "INSERT INTO db (host, user, db) VALUES ('%s', '%s', '%s')" % [
- name[:host], name[:user], name[:db],
- ]
- end
- mysql_flush
- end
- end
-
- def destroy
- mysql "mysql", "-e", "REVOKE ALL ON '%s'.* FROM '%s@%s'" % [ @resource[:privileges], @resource[:database], @resource[:name], @resource[:host] ]
- end
-
- def row_exists?
- name = split_name(@resource[:name])
- fields = [:user, :host]
- if name[:type] == :db
- fields << :db
- end
- not mysql( "mysql", "-NBe", 'SELECT "1" FROM %s WHERE %s' % [ name[:type], fields.map do |f| "%s = '%s'" % [f, name[f]] end.join(' AND ')]).empty?
- end
-
- def all_privs_set?
- all_privs = case split_name(@resource[:name])[:type]
- when :user
- MYSQL_USER_PRIVS
- when :db
- MYSQL_DB_PRIVS
- end
- all_privs = all_privs.collect do |p| p.to_s end.sort.join("|")
- privs = privileges.collect do |p| p.to_s end.sort.join("|")
-
- all_privs == privs
- end
-
- def privileges
- name = split_name(@resource[:name])
- privs = ""
-
- case name[:type]
- when :user
- privs = mysql "mysql", "-Be", 'select * from user where user="%s" and host="%s"' % [ name[:user], name[:host] ]
- when :db
- privs = mysql "mysql", "-Be", 'select * from db where user="%s" and host="%s" and db="%s"' % [ name[:user], name[:host], name[:db] ]
- end
-
- if privs.match(/^$/)
- privs = [] # no result, no privs
- else
- # returns a line with field names and a line with values, each tab-separated
- privs = privs.split(/\n/).map! do |l| l.chomp.split(/\t/) end
- # transpose the lines, so we have key/value pairs
- privs = privs[0].zip(privs[1])
- privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end
- end
-
- privs.collect do |p| symbolize(p[0].downcase) end
- end
-
- def privileges=(privs)
- unless row_exists?
- create_row
- end
-
- # puts "Setting privs: ", privs.join(", ")
- name = split_name(@resource[:name])
- stmt = ''
- where = ''
- all_privs = []
- case name[:type]
- when :user
- stmt = 'update user set '
- where = ' where user="%s" and host="%s"' % [ name[:user], name[:host] ]
- all_privs = MYSQL_USER_PRIVS
- when :db
- stmt = 'update db set '
- where = ' where user="%s" and host="%s"' % [ name[:user], name[:host] ]
- all_privs = MYSQL_DB_PRIVS
- end
-
- if privs[0] == :all
- privs = all_privs
- end
-
- # puts "stmt:", stmt
- set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p) ? 'Y' : 'N'] end.join(', ')
- # puts "set:", set
- stmt = stmt << set << where
-
- mysql "mysql", "-Be", stmt
- mysql_flush
- end
+ desc "Uses mysql as database."
+
+ commands :mysql => '/usr/bin/mysql'
+ commands :mysqladmin => '/usr/bin/mysqladmin'
+
+ def mysql_flush
+ mysqladmin "flush-privileges"
+ end
+
+ # this parses the
+ def split_name(string)
+ matches = /^([^@]*)@([^\/]*)(\/(.*))?$/.match(string).captures.compact
+ case matches.length
+ when 2
+ {
+ :type => :user,
+ :user => matches[0],
+ :host => matches[1]
+ }
+ when 4
+ {
+ :type => :db,
+ :user => matches[0],
+ :host => matches[1],
+ :db => matches[3]
+ }
+ end
+ end
+
+ def create_row
+ unless @resource.should(:privileges).empty?
+ name = split_name(@resource[:name])
+ case name[:type]
+ when :user
+ mysql "mysql", "-e", "INSERT INTO user (host, user) VALUES ('%s', '%s')" % [
+ name[:host], name[:user],
+ ]
+ when :db
+ mysql "mysql", "-e", "INSERT INTO db (host, user, db) VALUES ('%s', '%s', '%s')" % [
+ name[:host], name[:user], name[:db],
+ ]
+ end
+ mysql_flush
+ end
+ end
+
+ def destroy
+ mysql "mysql", "-e", "REVOKE ALL ON '%s'.* FROM '%s@%s'" % [ @resource[:privileges], @resource[:database], @resource[:name], @resource[:host] ]
+ end
+
+ def row_exists?
+ name = split_name(@resource[:name])
+ fields = [:user, :host]
+ if name[:type] == :db
+ fields << :db
+ end
+ not mysql( "mysql", "-NBe", 'SELECT "1" FROM %s WHERE %s' % [ name[:type], fields.map do |f| "%s = '%s'" % [f, name[f]] end.join(' AND ')]).empty?
+ end
+
+ def all_privs_set?
+ all_privs = case split_name(@resource[:name])[:type]
+ when :user
+ MYSQL_USER_PRIVS
+ when :db
+ MYSQL_DB_PRIVS
+ end
+ all_privs = all_privs.collect do |p| p.to_s end.sort.join("|")
+ privs = privileges.collect do |p| p.to_s end.sort.join("|")
+
+ all_privs == privs
+ end
+
+ def privileges
+ name = split_name(@resource[:name])
+ privs = ""
+
+ case name[:type]
+ when :user
+ privs = mysql "mysql", "-Be", 'select * from user where user="%s" and host="%s"' % [ name[:user], name[:host] ]
+ when :db
+ privs = mysql "mysql", "-Be", 'select * from db where user="%s" and host="%s" and db="%s"' % [ name[:user], name[:host], name[:db] ]
+ end
+
+ if privs.match(/^$/)
+ privs = [] # no result, no privs
+ else
+ # returns a line with field names and a line with values, each tab-separated
+ privs = privs.split(/\n/).map! do |l| l.chomp.split(/\t/) end
+ # transpose the lines, so we have key/value pairs
+ privs = privs[0].zip(privs[1])
+ privs = privs.select do |p| p[0].match(/_priv$/) and p[1] == 'Y' end
+ end
+
+ privs.collect do |p| symbolize(p[0].downcase) end
+ end
+
+ def privileges=(privs)
+ unless row_exists?
+ create_row
+ end
+
+ # puts "Setting privs: ", privs.join(", ")
+ name = split_name(@resource[:name])
+ stmt = ''
+ where = ''
+ all_privs = []
+ case name[:type]
+ when :user
+ stmt = 'update user set '
+ where = ' where user="%s" and host="%s"' % [ name[:user], name[:host] ]
+ all_privs = MYSQL_USER_PRIVS
+ when :db
+ stmt = 'update db set '
+ where = ' where user="%s" and host="%s"' % [ name[:user], name[:host] ]
+ all_privs = MYSQL_DB_PRIVS
+ end
+
+ if privs[0] == :all
+ privs = all_privs
+ end
+
+ # puts "stmt:", stmt
+ set = all_privs.collect do |p| "%s = '%s'" % [p, privs.include?(p) ? 'Y' : 'N'] end.join(', ')
+ # puts "set:", set
+ stmt = stmt << set << where
+
+ mysql "mysql", "-Be", stmt
+ mysql_flush
+ end
end
diff --git a/lib/puppet/provider/mysql_user/mysql.rb b/lib/puppet/provider/mysql_user/mysql.rb
index adc46c3..e3908be 100644
--- a/lib/puppet/provider/mysql_user/mysql.rb
+++ b/lib/puppet/provider/mysql_user/mysql.rb
@@ -1,76 +1,76 @@
require 'puppet/provider/package'
Puppet::Type.type(:mysql_user).provide(:mysql,
- # T'is funny business, this code is quite generic
- :parent => Puppet::Provider::Package) do
+ # T'is funny business, this code is quite generic
+ :parent => Puppet::Provider::Package) do
- desc "Use mysql as database."
- commands :mysql => '/usr/bin/mysql'
- commands :mysqladmin => '/usr/bin/mysqladmin'
+ desc "Use mysql as database."
+ commands :mysql => '/usr/bin/mysql'
+ commands :mysqladmin => '/usr/bin/mysqladmin'
- # retrieve the current set of mysql users
- def self.instances
- users = []
+ # retrieve the current set of mysql users
+ def self.instances
+ users = []
- cmd = "#{command(:mysql)} mysql -NBe 'select concat(user, \"@\", host), password from user'"
- execpipe(cmd) do |process|
- process.each do |line|
- users << new( query_line_to_hash(line) )
- end
- end
- return users
- end
+ cmd = "#{command(:mysql)} mysql -NBe 'select concat(user, \"@\", host), password from user'"
+ execpipe(cmd) do |process|
+ process.each do |line|
+ users << new( query_line_to_hash(line) )
+ end
+ end
+ return users
+ end
- def self.query_line_to_hash(line)
- fields = line.chomp.split(/\t/)
- {
- :name => fields[0],
- :password_hash => fields[1],
- :ensure => :present
- }
- end
+ def self.query_line_to_hash(line)
+ fields = line.chomp.split(/\t/)
+ {
+ :name => fields[0],
+ :password_hash => fields[1],
+ :ensure => :present
+ }
+ end
- def mysql_flush
- mysqladmin "flush-privileges"
- end
+ def mysql_flush
+ mysqladmin "flush-privileges"
+ end
- def query
- result = {}
+ def query
+ result = {}
- cmd = "#{command(:mysql)} -NBe 'select concat(user, \"@\", host), password from user where concat(user, \"@\", host) = \"%s\"'" % @resource[:name]
- execpipe(cmd) do |process|
- process.each do |line|
- unless result.empty?
- raise Puppet::Error,
- "Got multiple results for user '%s'" % @resource[:name]
- end
- result = query_line_to_hash(line)
- end
- end
- result
- end
+ cmd = "#{command(:mysql)} -NBe 'select concat(user, \"@\", host), password from user where concat(user, \"@\", host) = \"%s\"'" % @resource[:name]
+ execpipe(cmd) do |process|
+ process.each do |line|
+ unless result.empty?
+ raise Puppet::Error,
+ "Got multiple results for user '%s'" % @resource[:name]
+ end
+ result = query_line_to_hash(line)
+ end
+ end
+ result
+ end
- def create
- mysql "mysql", "-e", "create user '%s' identified by PASSWORD '%s'" % [ @resource[:name].sub("@", "'@'"), @resource.should(:password_hash) ]
- mysql_flush
- end
+ def create
+ mysql "mysql", "-e", "create user '%s' identified by PASSWORD '%s'" % [ @resource[:name].sub("@", "'@'"), @resource.should(:password_hash) ]
+ mysql_flush
+ end
- def destroy
- mysql "mysql", "-e", "drop user '%s'" % @resource[:name].sub("@", "'@'")
- mysql_flush
- end
+ def destroy
+ mysql "mysql", "-e", "drop user '%s'" % @resource[:name].sub("@", "'@'")
+ mysql_flush
+ end
- def exists?
- not mysql("mysql", "-NBe", "select '1' from user where CONCAT(user, '@', host) = '%s'" % @resource[:name]).empty?
- end
+ def exists?
+ not mysql("mysql", "-NBe", "select '1' from user where CONCAT(user, '@', host) = '%s'" % @resource[:name]).empty?
+ end
- def password_hash
- @property_hash[:password_hash]
- end
+ def password_hash
+ @property_hash[:password_hash]
+ end
- def password_hash=(string)
- mysql "mysql", "-e", "SET PASSWORD FOR '%s' = '%s'" % [ @resource[:name].sub("@", "'@'"), string ]
- mysql_flush
- end
+ def password_hash=(string)
+ mysql "mysql", "-e", "SET PASSWORD FOR '%s' = '%s'" % [ @resource[:name].sub("@", "'@'"), string ]
+ mysql_flush
+ end
end
diff --git a/lib/puppet/type/mysql_database.rb b/lib/puppet/type/mysql_database.rb
index bb25ffa..0ba929f 100644
--- a/lib/puppet/type/mysql_database.rb
+++ b/lib/puppet/type/mysql_database.rb
@@ -1,11 +1,14 @@
# This has to be a separate type to enable collecting
Puppet::Type.newtype(:mysql_database) do
- @doc = "Manage a database."
- ensurable
- newparam(:name) do
- desc "The name of the database."
+ @doc = "Manage a database."
- # TODO: only [[:alnum:]_] allowed
- end
+ ensurable
+ autorequire(:service) { 'mysql' }
+
+ newparam(:name) do
+ desc "The name of the database."
+
+ # TODO: only [[:alnum:]_] allowed
+ end
end
diff --git a/lib/puppet/type/mysql_grant.rb b/lib/puppet/type/mysql_grant.rb
index 415f5aa..6bc7533 100644
--- a/lib/puppet/type/mysql_grant.rb
+++ b/lib/puppet/type/mysql_grant.rb
@@ -1,77 +1,79 @@
# This has to be a separate type to enable collecting
Puppet::Type.newtype(:mysql_grant) do
- @doc = "Manage a database user's rights."
- #ensurable
+ @doc = "Manage a database user's rights."
- autorequire :mysql_db do
- # puts "Starting db autoreq for %s" % self[:name]
- reqs = []
- matches = self[:name].match(/^([^@]+)@([^\/]+)\/(.+)$/)
- unless matches.nil?
- reqs << matches[3]
- end
- # puts "Autoreq: '%s'" % reqs.join(" ")
- reqs
- end
+ #ensurable
+ autorequire(:service) { 'mysqld' }
- autorequire :mysql_user do
- # puts "Starting user autoreq for %s" % self[:name]
- reqs = []
- matches = self[:name].match(/^([^@]+)@([^\/]+).*$/)
- unless matches.nil?
- reqs << "%s@%s" % [ matches[1], matches[2] ]
- end
- # puts "Autoreq: '%s'" % reqs.join(" ")
- reqs
- end
+ autorequire :mysql_db do
+ # puts "Starting db autoreq for %s" % self[:name]
+ reqs = []
+ matches = self[:name].match(/^([^@]+)@([^\/]+)\/(.+)$/)
+ unless matches.nil?
+ reqs << matches[3]
+ end
+ # puts "Autoreq: '%s'" % reqs.join(" ")
+ reqs
+ end
- newparam(:name) do
- desc "The primary key: either user@host for global privilges or user@host/database for database specific privileges"
- end
- newproperty(:privileges, :array_matching => :all) do
- desc "The privileges the user should have. The possible values are implementation dependent."
- munge do |v|
- symbolize(v)
- end
+ autorequire :mysql_user do
+ # puts "Starting user autoreq for %s" % self[:name]
+ reqs = []
+ matches = self[:name].match(/^([^@]+)@([^\/]+).*$/)
+ unless matches.nil?
+ reqs << "%s@%s" % [ matches[1], matches[2] ]
+ end
+ # puts "Autoreq: '%s'" % reqs.join(" ")
+ reqs
+ end
- def should_to_s(newvalue = @should)
- if newvalue
- unless newvalue.is_a?(Array)
- newvalue = [ newvalue ]
- end
- newvalue.collect do |v| v.to_s end.sort.join ", "
- else
- nil
- end
- end
+ newparam(:name) do
+ desc "The primary key: either user@host for global privilges or user@host/database for database specific privileges"
+ end
+ newproperty(:privileges, :array_matching => :all) do
+ desc "The privileges the user should have. The possible values are implementation dependent."
+ munge do |v|
+ symbolize(v)
+ end
- def is_to_s(currentvalue = @is)
- if currentvalue
- unless currentvalue.is_a?(Array)
- currentvalue = [ currentvalue ]
- end
- currentvalue.collect do |v| v.to_s end.sort.join ", "
- else
- nil
- end
- end
+ def should_to_s(newvalue = @should)
+ if newvalue
+ unless newvalue.is_a?(Array)
+ newvalue = [ newvalue ]
+ end
+ newvalue.collect do |v| v.to_s end.sort.join ", "
+ else
+ nil
+ end
+ end
- # use the sorted outputs for comparison
- def insync?(is)
- if defined? @should and @should
- case self.should_to_s
- when "all"
- self.provider.all_privs_set?
- when self.is_to_s(is)
- true
- else
- false
- end
- else
- true
- end
- end
+ def is_to_s(currentvalue = @is)
+ if currentvalue
+ unless currentvalue.is_a?(Array)
+ currentvalue = [ currentvalue ]
+ end
+ currentvalue.collect do |v| v.to_s end.sort.join ", "
+ else
+ nil
+ end
+ end
- end
+ # use the sorted outputs for comparison
+ def insync?(is)
+ if defined? @should and @should
+ case self.should_to_s
+ when "all"
+ self.provider.all_privs_set?
+ when self.is_to_s(is)
+ true
+ else
+ false
+ end
+ else
+ true
+ end
+ end
+
+ end
end
diff --git a/lib/puppet/type/mysql_user.rb b/lib/puppet/type/mysql_user.rb
index 55d97b6..0b7e9af 100644
--- a/lib/puppet/type/mysql_user.rb
+++ b/lib/puppet/type/mysql_user.rb
@@ -1,7 +1,10 @@
# This has to be a separate type to enable collecting
Puppet::Type.newtype(:mysql_user) do
@doc = "Manage a database user."
+
ensurable
+ autorequire(:service) { 'mysqld' }
+
newparam(:name) do
desc "The name of the user. This uses the 'username@hostname' form."
diff --git a/manifests/default_database.pp b/manifests/default_database.pp
new file mode 100644
index 0000000..1c99af5
--- /dev/null
+++ b/manifests/default_database.pp
@@ -0,0 +1,45 @@
+# create default database
+# generate hashed password with:
+# ruby -r'digest/sha1' -e 'puts "*" + Digest::SHA1.hexdigest(Digest::SHA1.digest(ARGV[0])).upcase' PASSWORD
+define mysql::default_database(
+ $username = 'absent',
+ $password,
+ $password_is_encrypted = true,
+ $privileges = 'all',
+ $host = '127.0.0.1',
+ $ensure = 'present'
+) {
+ $real_username = $username ? {
+ 'absent' => $name,
+ default => $username
+ }
+ mysql_database{"$name":
+ ensure => $ensure
+ }
+ case $password {
+ 'absent': {
+ info("we don't create the user for database: ${name}")
+ $grant_require = Mysql_database["$name"]
+ }
+ default: {
+ mysql_user{"${real_username}@${host}":
+ password_hash => $password_is_encrypted ? {
+ true => "$password",
+ default => mysql_password("$password")
+ },
+ ensure => $ensure,
+ require => [
+ Mysql_database["$name"]
+ ],
+ }
+ $grant_require = [
+ Mysql_database["$name"],
+ Mysql_user["${real_username}@${host}"]
+ ]
+ }
+ }
+ mysql_grant{"${real_username}@${host}/${name}":
+ privileges => "$privileges",
+ require => $grant_require,
+ }
+}
diff --git a/manifests/server.pp b/manifests/server.pp
index 51324b5..e6e5fac 100644
--- a/manifests/server.pp
+++ b/manifests/server.pp
@@ -1,9 +1,5 @@
class mysql::server {
- include common::moduledir
- $mysql_moduledir = "${common::moduledir::module_dir_path}/mysql"
- module_dir { ['mysql', 'mysql/server']: }
-
case $operatingsystem {
gentoo: { include mysql::server::gentoo }
centos: { include mysql::server::centos }
@@ -19,7 +15,10 @@ class mysql::server {
}
if $use_nagios {
- include mysql::server::nagios
+ case $nagios_check_mysql {
+ false: { info("We don't do nagioschecks for mysql on ${fqdn}" ) }
+ default: { include mysql::server::nagios }
+ }
}
if $use_shorewall {
diff --git a/manifests/server/base.pp b/manifests/server/base.pp
index 43ce158..b14fa86 100644
--- a/manifests/server/base.pp
+++ b/manifests/server/base.pp
@@ -5,13 +5,13 @@ class mysql::server::base {
file { 'mysql_main_cnf':
path => '/etc/mysql/my.cnf',
source => [
- "puppet://$server/modules/site-mysql/${fqdn}/my.cnf",
- "puppet://$server/modules/site-mysql/my.cnf.${operatingsystem}.{lsbdistcodename}",
- "puppet://$server/modules/site-mysql/my.cnf.${operatingsystem}",
- "puppet://$server/modules/site-mysql/my.cnf",
- "puppet://$server/modules/mysql/config/my.cnf.${operatingsystem}.{lsbdistcodename}",
- "puppet://$server/modules/mysql/config/my.cnf.${operatingsystem}",
- "puppet://$server/modules/mysql/config/my.cnf"
+ "puppet://modules/site-mysql/${fqdn}/my.cnf",
+ "puppet://modules/site-mysql/my.cnf.${operatingsystem}.{lsbdistcodename}",
+ "puppet://modules/site-mysql/my.cnf.${operatingsystem}",
+ "puppet://modules/site-mysql/my.cnf",
+ "puppet://modules/mysql/config/my.cnf.${operatingsystem}.{lsbdistcodename}",
+ "puppet://modules/mysql/config/my.cnf.${operatingsystem}",
+ "puppet://modules/mysql/config/my.cnf"
],
ensure => file,
require => Package['mysql-server'],
@@ -40,8 +40,8 @@ class mysql::server::base {
}
file { 'mysql_setmysqlpass.sh':
- path => "${mysql_moduledir}/server/setmysqlpass.sh",
- source => "puppet://${server}/modules/mysql/scripts/${operatingsystem}/setmysqlpass.sh",
+ path => '/usr/local/sbin/setmysqlpass.sh',
+ source => "puppet:///modules/mysql/scripts/${operatingsystem}/setmysqlpass.sh",
require => Package['mysql-server'],
owner => root, group => 0, mode => 0500;
}
@@ -55,7 +55,7 @@ class mysql::server::base {
}
exec { 'mysql_set_rootpw':
- command => "${mysql_moduledir}/server/setmysqlpass.sh ${mysql_rootpw}",
+ command => "/user/local/sbin/setmysqlpass.sh ${mysql_rootpw}",
unless => "mysqladmin -uroot status > /dev/null",
require => [ File['mysql_setmysqlpass.sh'], Package['mysql-server'] ],
refreshonly => true,
diff --git a/manifests/server/cron.pp b/manifests/server/cron.pp
deleted file mode 100644
index 36a7a1f..0000000
--- a/manifests/server/cron.pp
+++ /dev/null
@@ -1,2 +0,0 @@
-class mysql::server::cron {
-}
diff --git a/manifests/server/cron/backup.pp b/manifests/server/cron/backup.pp
index 33b8f0f..c1e84d1 100644
--- a/manifests/server/cron/backup.pp
+++ b/manifests/server/cron/backup.pp
@@ -5,18 +5,23 @@ class mysql::server::cron::backup {
default => $mysql_backup_dir,
}
- file { 'mysql_backup_dir':
- path => $real_mysql_backup_dir,
- source => "puppet://${server}/modules/common/empty",
- ensure => directory,
- owner => root, group => 0, mode => 0700,
+ case $mysql_manage_backup_dir {
+ false: { info("We don't manage \$mysql_backup_dir ($mysql_backup_dir)") }
+ default: {
+ file { 'mysql_backup_dir':
+ path => $real_mysql_backup_dir,
+ ensure => directory,
+ before => Cron['mysql_backup_cron'],
+ owner => root, group => 0, mode => 0700;
+ }
+ }
}
cron { 'mysql_backup_cron':
- command => '/usr/bin/mysqldump --default-character-set=utf8 --all-databases --all --flush-logs --lock-tables --single-transaction | gzip > ${real_mysql_backup_dir}/mysqldump.sql.gz && chmod 600 ${real_mysql_backup_dir}/mysqldump.sql.gz',
+ command => "/usr/bin/mysqldump --default-character-set=utf8 --all-databases --all --flush-logs --lock-tables --single-transaction | gzip > ${real_mysql_backup_dir}/mysqldump.sql.gz && chmod 600 ${real_mysql_backup_dir}/mysqldump.sql.gz",
user => 'root',
minute => 0,
hour => 1,
- require => [ Exec['mysql_set_rootpw'], File['mysql_root_cnf'], File['mysql_backup_dir'] ],
+ require => [ Exec['mysql_set_rootpw'], File['mysql_root_cnf'] ],
}
}
diff --git a/manifests/server/cron/optimize.pp b/manifests/server/cron/optimize.pp
index 29ee66e..c238930 100644
--- a/manifests/server/cron/optimize.pp
+++ b/manifests/server/cron/optimize.pp
@@ -1,13 +1,13 @@
class mysql::server::cron::optimize {
file { 'mysql_optimize_script':
- path => "${mysql_moduledir}/server/optimize_tables.rb",
- source => "puppet://${server}/modules/mysql/scripts/optimize_tables.rb",
+ path => '/usr/local/sbin/optimize_mysql_tables.rb',
+ source => "puppet:///modules/mysql/scripts/optimize_tables.rb",
owner => root, group => 0, mode => 0700;
}
cron { 'mysql_optimize_cron':
- command => "${mysql_moduledir}/server/optimize_tables.rb",
+ command => '/usr/local/sbin/optimize_mysql_tables.rb',
user => 'root',
minute => 40,
hour => 6,