diff --git a/playbooks/db.yml b/playbooks/db.yml new file mode 100644 index 0000000..b0436c5 --- /dev/null +++ b/playbooks/db.yml @@ -0,0 +1,5 @@ +- name: Configure DB + hosts: all + tasks: + - import_role: + name: db diff --git a/roles/db/defaults/main.yaml b/roles/db/defaults/main.yaml new file mode 100644 index 0000000..85bc205 --- /dev/null +++ b/roles/db/defaults/main.yaml @@ -0,0 +1,38 @@ +mariadb_base_packages: + - mariadb-server + - mariadb-backup + - pmm2-client +mariadb_requeriments: + - curl + - apt-transport-https +certificates: + - { content: '{{ ca_company_deprecated }}', dest: '/etc/mysql/ca.pem', mode: 'u=rw,g=r,o=r' } + - { content: '{{ cert_mysql }}', dest: '/etc/mysql/cert.pem', mode: 'u=rw,g=r,o=r' } + - { content: '{{ cert_mysql_key }}', dest: '/etc/mysql/key.pem', mode: 'u=rw,g=,o=' } +required_directories: + - { path: /mnt/local-backup, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } + - { path: /mnt/mysqlbin, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } + - { path: /mnt/mysqltmp, owner: root, group: root, mode: 'u=rwx,g=rwx,o=rwxt' } + - { path: /mnt/mysqlbin/binlog, owner: mysql, group: mysql, mode: 'u=rwx,g=,o=' } + - { path: /root/scripts, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } + - { path: /root/mariabackup, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } + - { path: /mnt/mysqldata/mysql, owner: mysql, group: mysql, mode: 'u=rwx,g=rx,o=rx' } + - { path: /etc/systemd/system/mariadb.service.d, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } +required_files_and_mariabackup_files_and_root_scripts: + - { src: "mariadb_override.conf", dest: "/etc/systemd/system/mariadb.service.d/override.conf", mode: "u=rw,g=r,o=r" } + - { src: "mysql-flush.sh", dest: "/etc/qemu/fsfreeze-hook.d/mysql-flush.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/mariabackup/bacula-before.sh", dest: "/root/mariabackup/bacula-before.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/mariabackup/config.sh", dest: "/root/mariabackup/config.sh", mode: "u=rwx,g=rx,o=x" } + - { src: "files/mariabackup/inc-backup.sh", dest: "/root/mariabackup/inc-backup.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/mariabackup/restore-backup.sh", dest: "/root/mariabackup/restore-backup.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/scripts/check-memory.sh", dest: "/root/scripts/check-memory.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/scripts/export-privs.sh", dest: "/root/scripts/export-privs.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/scripts/mysqltuner.pl", dest: "/root/scripts/mysqltuner.pl", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/scripts/promote-master.sh", dest: "/root/scripts/promote-master.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/scripts/promote-slave.sh", dest: "/root/scripts/promote-slave.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/scripts/README.md", dest: "/root/scripts/README.md", mode: "u=rw,g=r,o=r" } + - { src: "files/scripts/scheduler-log.sh", dest: "/root/scripts/scheduler-log.sh", mode: "u=rwx,g=rx,o=rx" } + - { src: "files/marianrpe/95-mariadb.cfg", dest: "/etc/nagios/nrpe.d/95-mariadb.cfg", mode: "u=rw,g=r,o=r" } +downloads: + - { url: "https://r.mariadb.com/downloads/mariadb_repo_setup", dest: "/tmp/mariadb_repo_setup", mode: "u=rwx,g=rx,o=rx" } + - { url: "https://repo.percona.com/apt/percona-release_latest.generic_all.deb", dest: "/tmp/percona-release_latest.generic_all.deb", mode: "u=rw,g=r,o=r" } diff --git a/roles/services/files/mariabackup/bacula-before.sh b/roles/db/files/mariabackup/bacula-before.sh similarity index 100% rename from roles/services/files/mariabackup/bacula-before.sh rename to roles/db/files/mariabackup/bacula-before.sh diff --git a/roles/services/files/mariabackup/config.sh b/roles/db/files/mariabackup/config.sh similarity index 100% rename from roles/services/files/mariabackup/config.sh rename to roles/db/files/mariabackup/config.sh diff --git a/roles/services/files/mariabackup/inc-backup.sh b/roles/db/files/mariabackup/inc-backup.sh similarity index 100% rename from roles/services/files/mariabackup/inc-backup.sh rename to roles/db/files/mariabackup/inc-backup.sh diff --git a/roles/services/files/mariabackup/restore-backup.sh b/roles/db/files/mariabackup/restore-backup.sh similarity index 98% rename from roles/services/files/mariabackup/restore-backup.sh rename to roles/db/files/mariabackup/restore-backup.sh index 0673526..f8b612f 100644 --- a/roles/services/files/mariabackup/restore-backup.sh +++ b/roles/db/files/mariabackup/restore-backup.sh @@ -44,6 +44,7 @@ mariabackup \ --target-dir="$restoreDir" \ 2>> "$logFile" chown -R mysql:mysql "$dataDir" +chmod 755 "$dataDir" rm "$dataDir/mysql/slow_log."* rm "$dataDir/mysql/general_log."* diff --git a/roles/services/files/mariabackupdev/apply.sql b/roles/db/files/mariabackupdev/apply.sql similarity index 100% rename from roles/services/files/mariabackupdev/apply.sql rename to roles/db/files/mariabackupdev/apply.sql diff --git a/roles/services/files/mariabackupdev/bacula-after.sh b/roles/db/files/mariabackupdev/bacula-after.sh similarity index 100% rename from roles/services/files/mariabackupdev/bacula-after.sh rename to roles/db/files/mariabackupdev/bacula-after.sh diff --git a/roles/services/files/mariabackuptest/apply.sql b/roles/db/files/mariabackuptest/apply.sql similarity index 100% rename from roles/services/files/mariabackuptest/apply.sql rename to roles/db/files/mariabackuptest/apply.sql diff --git a/roles/services/files/mariabackuptest/bacula-after.sh b/roles/db/files/mariabackuptest/bacula-after.sh similarity index 100% rename from roles/services/files/mariabackuptest/bacula-after.sh rename to roles/db/files/mariabackuptest/bacula-after.sh diff --git a/roles/services/files/mariaconfigfiles/z90-vn.cnf b/roles/db/files/mariaconfigfiles/z90-vn.cnf similarity index 100% rename from roles/services/files/mariaconfigfiles/z90-vn.cnf rename to roles/db/files/mariaconfigfiles/z90-vn.cnf diff --git a/roles/services/files/mariaconfigfiles/z92-testing_dev.cnf b/roles/db/files/mariaconfigfiles/z92-testing_dev.cnf similarity index 100% rename from roles/services/files/mariaconfigfiles/z92-testing_dev.cnf rename to roles/db/files/mariaconfigfiles/z92-testing_dev.cnf diff --git a/roles/services/files/mariaconfigfiles/z95-production.cnf b/roles/db/files/mariaconfigfiles/z95-production.cnf similarity index 100% rename from roles/services/files/mariaconfigfiles/z95-production.cnf rename to roles/db/files/mariaconfigfiles/z95-production.cnf diff --git a/roles/services/files/mariadb_override.conf b/roles/db/files/mariadb_override.conf similarity index 100% rename from roles/services/files/mariadb_override.conf rename to roles/db/files/mariadb_override.conf diff --git a/roles/services/files/marianrpe/95-mariadb.cfg b/roles/db/files/marianrpe/95-mariadb.cfg similarity index 100% rename from roles/services/files/marianrpe/95-mariadb.cfg rename to roles/db/files/marianrpe/95-mariadb.cfg diff --git a/roles/services/files/mysql-flush.sh b/roles/db/files/mysql-flush.sh similarity index 100% rename from roles/services/files/mysql-flush.sh rename to roles/db/files/mysql-flush.sh diff --git a/roles/services/files/scripts/README.md b/roles/db/files/scripts/README.md similarity index 100% rename from roles/services/files/scripts/README.md rename to roles/db/files/scripts/README.md diff --git a/roles/services/files/scripts/check-memory.sh b/roles/db/files/scripts/check-memory.sh similarity index 100% rename from roles/services/files/scripts/check-memory.sh rename to roles/db/files/scripts/check-memory.sh diff --git a/roles/services/files/scripts/export-privs.sh b/roles/db/files/scripts/export-privs.sh similarity index 100% rename from roles/services/files/scripts/export-privs.sh rename to roles/db/files/scripts/export-privs.sh diff --git a/roles/services/files/scripts/mysqltuner.pl b/roles/db/files/scripts/mysqltuner.pl similarity index 100% rename from roles/services/files/scripts/mysqltuner.pl rename to roles/db/files/scripts/mysqltuner.pl diff --git a/roles/services/files/scripts/promote-master.sh b/roles/db/files/scripts/promote-master.sh similarity index 100% rename from roles/services/files/scripts/promote-master.sh rename to roles/db/files/scripts/promote-master.sh diff --git a/roles/services/files/scripts/promote-slave.sh b/roles/db/files/scripts/promote-slave.sh similarity index 100% rename from roles/services/files/scripts/promote-slave.sh rename to roles/db/files/scripts/promote-slave.sh diff --git a/roles/services/files/scripts/scheduler-log.sh b/roles/db/files/scripts/scheduler-log.sh similarity index 100% rename from roles/services/files/scripts/scheduler-log.sh rename to roles/db/files/scripts/scheduler-log.sh diff --git a/roles/db/handlers/main.yml b/roles/db/handlers/main.yml new file mode 100644 index 0000000..0ed2a4d --- /dev/null +++ b/roles/db/handlers/main.yml @@ -0,0 +1,7 @@ +- name: reload-systemd + command: + cmd: systemctl daemon-reload +- name: restart-mariadb + systemd: + name: mariadb + state: restarted diff --git a/roles/db/tasks/main.yml b/roles/db/tasks/main.yml new file mode 100644 index 0000000..9bd454d --- /dev/null +++ b/roles/db/tasks/main.yml @@ -0,0 +1 @@ +- import_tasks: mariadb.yml diff --git a/roles/services/tasks/mariadb.yml b/roles/db/tasks/mariadb.yml similarity index 99% rename from roles/services/tasks/mariadb.yml rename to roles/db/tasks/mariadb.yml index 0ee6e98..a8709fa 100644 --- a/roles/services/tasks/mariadb.yml +++ b/roles/db/tasks/mariadb.yml @@ -81,7 +81,7 @@ loop: "{{ certificates }}" notify: restart-mariadb -- when: db.branch == 'production' +- when: db.branch == 'master' block: - name: Set MariaDB custom configuration Production copy: diff --git a/roles/services/templates/cron_mariadb b/roles/db/templates/cron_mariadb similarity index 100% rename from roles/services/templates/cron_mariadb rename to roles/db/templates/cron_mariadb diff --git a/roles/services/templates/my.cnf b/roles/db/templates/my.cnf similarity index 100% rename from roles/services/templates/my.cnf rename to roles/db/templates/my.cnf diff --git a/roles/services/templates/test-db_dev/apply.config.sh b/roles/db/templates/test-db_dev/apply.config.sh similarity index 93% rename from roles/services/templates/test-db_dev/apply.config.sh rename to roles/db/templates/test-db_dev/apply.config.sh index 8d15118..d42f5f7 100755 --- a/roles/services/templates/test-db_dev/apply.config.sh +++ b/roles/db/templates/test-db_dev/apply.config.sh @@ -7,7 +7,7 @@ baculaDir=/mnt/mysqldata/bacula-restore dbBranch={{ db.branch }} # Database environment -dbEnvironment={{ dbEnvironment }} +dbEnvironment={{ db.environment }} # MariaDB cluster sibling node hostnames dbClusterSiblings=() diff --git a/roles/services/templates/z99-local.cnf b/roles/db/templates/z99-local.cnf similarity index 100% rename from roles/services/templates/z99-local.cnf rename to roles/db/templates/z99-local.cnf diff --git a/roles/services/defaults/main.yaml b/roles/services/defaults/main.yaml index ae9c01e..2b79c21 100644 --- a/roles/services/defaults/main.yaml +++ b/roles/services/defaults/main.yaml @@ -15,43 +15,4 @@ dcsamba_base_packages: - ldb-tools - samba-dsdb-modules - samba-vfs-modules -mariadb_base_packages: - - mariadb-server - - mariadb-backup - - pmm2-client -mariadb_requeriments: - - curl - - apt-transport-https -certificates: - - { content: '{{ ca_company_deprecated }}', dest: '/etc/mysql/ca.pem', mode: 'u=rw,g=r,o=r' } - - { content: '{{ cert_mysql }}', dest: '/etc/mysql/cert.pem', mode: 'u=rw,g=r,o=r' } - - { content: '{{ cert_mysql_key }}', dest: '/etc/mysql/key.pem', mode: 'u=rw,g=,o=' } -required_directories: - - { path: /mnt/local-backup, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } - - { path: /mnt/mysqlbin, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } - - { path: /mnt/mysqltmp, owner: root, group: root, mode: 'u=rwx,g=rwx,o=rwxt' } - - { path: /mnt/mysqlbin/binlog, owner: mysql, group: mysql, mode: 'u=rwx,g=,o=' } - - { path: /root/scripts, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } - - { path: /root/mariabackup, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } - - { path: /mnt/mysqldata/mysql, owner: mysql, group: mysql, mode: 'u=rwx,g=rx,o=rx' } - - { path: /etc/systemd/system/mariadb.service.d, owner: root, group: root, mode: 'u=rwx,g=rx,o=rx' } - -required_files_and_mariabackup_files_and_root_scripts: - - { src: "mariadb_override.conf", dest: "/etc/systemd/system/mariadb.service.d/override.conf", mode: "u=rw,g=r,o=r" } - - { src: "mysql-flush.sh", dest: "/etc/qemu/fsfreeze-hook.d/mysql-flush.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/mariabackup/bacula-before.sh", dest: "/root/mariabackup/bacula-before.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/mariabackup/config.sh", dest: "/root/mariabackup/config.sh", mode: "u=rwx,g=rx,o=x" } - - { src: "files/mariabackup/inc-backup.sh", dest: "/root/mariabackup/inc-backup.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/mariabackup/restore-backup.sh", dest: "/root/mariabackup/restore-backup.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/check-memory.sh", dest: "/root/scripts/check-memory.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/export-privs.sh", dest: "/root/scripts/export-privs.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/mysqltuner.pl", dest: "/root/scripts/mysqltuner.pl", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/promote-master.sh", dest: "/root/scripts/promote-master.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/promote-slave.sh", dest: "/root/scripts/promote-slave.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/README.md", dest: "/root/scripts/README.md", mode: "u=rw,g=r,o=r" } - - { src: "files/scripts/scheduler-log.sh", dest: "/root/scripts/scheduler-log.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/scripts/sync-conf.sh", dest: "/root/scripts/sync-conf.sh", mode: "u=rwx,g=rx,o=rx" } - - { src: "files/marianrpe/95-mariadb.cfg", dest: "/etc/nagios/nrpe.d/95-mariadb.cfg", mode: "u=rw,g=r,o=r" } -downloads: - - { url: "https://r.mariadb.com/downloads/mariadb_repo_setup", dest: "/tmp/mariadb_repo_setup", mode: "u=rwx,g=rx,o=rx" } - - { url: "https://repo.percona.com/apt/percona-release_latest.generic_all.deb", dest: "/tmp/percona-release_latest.generic_all.deb", mode: "u=rw,g=r,o=r" } + \ No newline at end of file diff --git a/roles/services/handlers/main.yml b/roles/services/handlers/main.yml index aa291cc..2727cca 100644 --- a/roles/services/handlers/main.yml +++ b/roles/services/handlers/main.yml @@ -5,9 +5,3 @@ - name: reload-systemd command: cmd: systemctl daemon-reload -- name: restart-mariadb - systemd: - name: mariadb - state: restarted - - diff --git a/roles/services/tasks/main.yml b/roles/services/tasks/main.yml index abb6d16..c86c5c8 100644 --- a/roles/services/tasks/main.yml +++ b/roles/services/tasks/main.yml @@ -1,6 +1,4 @@ - import_tasks: timeserver.yml tags: timeserver -- import_tasks: mariadb.yml - tags: mariadb - import_tasks: adsamba.yml tags: adsamba