From d31940e3f0422fe17037354dbe9407a018427585 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 25 Feb 2011 17:27:19 +0100 Subject: Remove other default accounts due to security reasons --- manifests/server/base.pp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'manifests/server/base.pp') diff --git a/manifests/server/base.pp b/manifests/server/base.pp index 5031876..bb05fc4 100644 --- a/manifests/server/base.pp +++ b/manifests/server/base.pp @@ -76,6 +76,8 @@ class mysql::server::base { require => Package['mysql-server'], } + include mysql::server::account_security + # Collect all databases and users Mysql_database<<| tag == "mysql_${fqdn}" |>> Mysql_user<<| tag == "mysql_${fqdn}" |>> -- cgit v1.2.3 From 4ac736951588128005348a48f6bf20092000a2ea Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 10 Feb 2012 14:35:19 +0100 Subject: migrate everything to hiera/trocla and use the new scoping style --- manifests/server/base.pp | 40 ++++++++++++++++++---------------------- 1 file changed, 18 insertions(+), 22 deletions(-) (limited to 'manifests/server/base.pp') diff --git a/manifests/server/base.pp b/manifests/server/base.pp index bb05fc4..eb66b43 100644 --- a/manifests/server/base.pp +++ b/manifests/server/base.pp @@ -5,12 +5,12 @@ class mysql::server::base { file { 'mysql_main_cnf': path => '/etc/mysql/my.cnf', source => [ - "puppet:///modules/site-mysql/${fqdn}/my.cnf", - "puppet:///modules/site-mysql/my.cnf.${operatingsystem}.{lsbdistcodename}", - "puppet:///modules/site-mysql/my.cnf.${operatingsystem}", + "puppet:///modules/site-mysql/${::fqdn}/my.cnf", + "puppet:///modules/site-mysql/my.cnf.${::operatingsystem}.{lsbdistcodename}", + "puppet:///modules/site-mysql/my.cnf.${::operatingsystem}", "puppet:///modules/site-mysql/my.cnf", - "puppet:///modules/mysql/config/my.cnf.${operatingsystem}.{lsbdistcodename}", - "puppet:///modules/mysql/config/my.cnf.${operatingsystem}", + "puppet:///modules/mysql/config/my.cnf.${::operatingsystem}.{lsbdistcodename}", + "puppet:///modules/mysql/config/my.cnf.${::operatingsystem}", "puppet:///modules/mysql/config/my.cnf" ], ensure => file, @@ -18,7 +18,7 @@ class mysql::server::base { notify => Service['mysql'], owner => root, group => 0, mode => 0644; } - + file { 'mysql_data_dir': path => '/var/lib/mysql/data', ensure => directory, @@ -35,17 +35,13 @@ class mysql::server::base { owner => mysql, group => mysql, mode => 0660; } - case $mysql_rootpw { - '': { fail("You need to define a mysql root password! Please set \$mysql_rootpw in your site.pp or host config") } - } - file { 'mysql_setmysqlpass.sh': path => '/usr/local/sbin/setmysqlpass.sh', - source => "puppet:///modules/mysql/scripts/${operatingsystem}/setmysqlpass.sh", + source => "puppet:///modules/mysql/scripts/${::operatingsystem}/setmysqlpass.sh", require => Package['mysql-server'], owner => root, group => 0, mode => 0500; - } - + } + file { 'mysql_root_cnf': path => '/root/.my.cnf', content => template('mysql/root/my.cnf.erb'), @@ -53,22 +49,22 @@ class mysql::server::base { owner => root, group => 0, mode => 0400, notify => Exec['mysql_set_rootpw'], } - + exec { 'mysql_set_rootpw': command => '/usr/local/sbin/setmysqlpass.sh', unless => "mysqladmin -uroot status > /dev/null", require => [ File['mysql_setmysqlpass.sh'], Package['mysql-server'] ], refreshonly => true, } - - if ($mysql_backup_cron) { + + if hiera('mysql_backup_cron',false) { include mysql::server::cron::backup } - - if ($mysql_optimize_cron) { + + if hiera('mysql_optimize_cron',false) { include mysql::server::cron::optimize } - + service { 'mysql': ensure => running, enable => true, @@ -79,7 +75,7 @@ class mysql::server::base { include mysql::server::account_security # Collect all databases and users - Mysql_database<<| tag == "mysql_${fqdn}" |>> - Mysql_user<<| tag == "mysql_${fqdn}" |>> - Mysql_grant<<| tag == "mysql_${fqdn}" |>> + Mysql_database<<| tag == "mysql_${::fqdn}" |>> + Mysql_user<<| tag == "mysql_${::fqdn}" |>> + Mysql_grant<<| tag == "mysql_${::fqdn}" |>> } -- cgit v1.2.3