diff --git a/mysql/apparmor.sls b/mysql/apparmor.sls index 41f3748c..1cc542d7 100644 --- a/mysql/apparmor.sls +++ b/mysql/apparmor.sls @@ -1,4 +1,4 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} {%- if "apparmor" in mysql.config %} diff --git a/mysql/client.sls b/mysql/client.sls index 92f9ee3a..927f170b 100644 --- a/mysql/client.sls +++ b/mysql/client.sls @@ -1,7 +1,7 @@ include: - .config -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} mysql: pkg.installed: diff --git a/mysql/config.sls b/mysql/config.sls index 1d3d343a..440120ed 100644 --- a/mysql/config.sls +++ b/mysql/config.sls @@ -1,100 +1,100 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} -{% set os_family = salt['grains.get']('os_family', None) %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} +{%- set os_family = salt['grains.get']('os_family', None) %} -{% if "config_directory" in mysql %} +{%- if "config_directory" in mysql %} mysql_config_directory: file.directory: - name: {{ mysql.config_directory }} - {% if os_family in ['Debian', 'Gentoo', 'RedHat'] %} + {%- if os_family in ['Debian', 'Gentoo', 'RedHat'] %} - user: root - group: root - mode: 755 - {% endif %} + {%- endif %} - makedirs: True -{% if "server_config" in mysql %} +{%- if "server_config" in mysql %} mysql_server_config: file.managed: - name: {{ mysql.config_directory + mysql.server_config.file }} - template: jinja - source: salt://{{ tpldir }}/files/server.cnf - {% if os_family in ['Debian', 'Gentoo', 'RedHat'] %} + {%- if os_family in ['Debian', 'Gentoo', 'RedHat'] %} - context: tpldir: {{ tpldir }} - user: root - group: root - mode: 644 - {% endif %} + {%- endif %} - require: - file: mysql_config_directory -{% endif %} +{%- endif %} -{% if "galera_config" in mysql %} +{%- if "galera_config" in mysql %} mysql_galera_config: file.managed: - name: {{ mysql.config_directory + mysql.galera_config.file }} - template: jinja - source: salt://{{ tpldir }}/files/galera.cnf - {% if os_family in ['Debian', 'Gentoo', 'RedHat'] %} + {%- if os_family in ['Debian', 'Gentoo', 'RedHat'] %} - context: tpldir: {{ tpldir }} - user: root - group: root - mode: 644 - {% endif %} + {%- endif %} - require: - file: mysql_config_directory -{% endif %} +{%- endif %} -{% if "library_config" in mysql %} +{%- if "library_config" in mysql %} mysql_library_config: file.managed: - name: {{ mysql.config_directory + mysql.library_config.file }} - template: jinja - source: salt://{{ tpldir }}/files/client.cnf - {% if os_family in ['Debian', 'Gentoo', 'RedHat'] %} + {%- if os_family in ['Debian', 'Gentoo', 'RedHat'] %} - context: tpldir: {{ tpldir }} - user: root - group: root - mode: 644 - {% endif %} + {%- endif %} - require: - file: mysql_config_directory -{% endif %} +{%- endif %} -{% if "clients_config" in mysql %} +{%- if "clients_config" in mysql %} mysql_clients_config: file.managed: - name: {{ mysql.config_directory + mysql.clients_config.file }} - template: jinja - source: salt://{{ tpldir }}/files/mysql-clients.cnf - {% if os_family in ['Debian', 'Gentoo', 'RedHat'] %} + {%- if os_family in ['Debian', 'Gentoo', 'RedHat'] %} - context: tpldir: {{ tpldir }} - user: root - group: root - mode: 644 - {% endif %} + {%- endif %} - require: - file: mysql_config_directory -{% endif %} +{%- endif %} -{% endif %} +{%- endif %} mysql_config: file.managed: - name: {{ mysql.config.file }} - template: jinja -{% if "config_directory" in mysql %} +{%- if "config_directory" in mysql %} - source: salt://{{ tpldir }}/files/my-include.cnf -{% else %} +{%- else %} - source: salt://{{ tpldir }}/files/my.cnf -{% endif %} +{%- endif %} - context: tpldir: {{ tpldir }} - {% if os_family in ['Debian', 'Gentoo', 'RedHat'] %} + {%- if os_family in ['Debian', 'Gentoo', 'RedHat'] %} - user: root - group: root - mode: 644 - {% endif %} + {%- endif %} diff --git a/mysql/database.sls b/mysql/database.sls index 9a517ef5..5d9cce0b 100644 --- a/mysql/database.sls +++ b/mysql/database.sls @@ -1,46 +1,46 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} -{% set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} -{% set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} -{% set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} -{% set db_states = [] %} +{%- set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} +{%- set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} +{%- set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} +{%- set db_states = [] %} -{% set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} -{% set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_pass) %} +{%- set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} +{%- set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_pass) %} include: - .python -{% for database_obj in salt['pillar.get']('mysql:database', []) %} -{% set state_id = 'mysql_db_' ~ loop.index0 %} -{% if not database_obj %}{# in case database_obj == [] #} -{% continue %} -{% elif database_obj is mapping %} -{% set database = database_obj.get('name') %} -{% set present = database_obj.get('present', True) %} -{% else %} -{% set database = database_obj %} -{% set present = True %} -{% endif %} +{%- for database_obj in salt['pillar.get']('mysql:database', []) %} +{%- set state_id = 'mysql_db_' ~ loop.index0 %} +{%- if not database_obj %}{# in case database_obj == [] #} +{%- continue %} +{%- elif database_obj is mapping %} +{%- set database = database_obj.get('name') %} +{%- set present = database_obj.get('present', True) %} +{%- else %} +{%- set database = database_obj %} +{%- set present = True %} +{%- endif %} {{ state_id }}: {%- if present %} mysql_database.present: - {% if database_obj is mapping %} + {%- if database_obj is mapping %} - character_set: {{ database_obj.get('character_set', '') }} - collate: {{ database_obj.get('collate', '') }} - {% endif %} - {% else %} + {%- endif %} + {%- else %} mysql_database.absent: - {% endif %} + {%- endif %} - name: {{ database }} - connection_host: '{{ mysql_host }}' - connection_user: '{{ mysql_salt_user }}' - {% if mysql_salt_pass %} + {%- if mysql_salt_pass %} - connection_pass: '{{ mysql_salt_pass }}' - {% endif %} + {%- endif %} - connection_charset: utf8 -{% if salt['pillar.get'](['mysql', 'schema', database, 'load']|join(':'), False) %} +{%- if salt['pillar.get'](['mysql', 'schema', database, 'load']|join(':'), False) %} {{ state_id }}_schema: file.managed: - name: /etc/mysql/{{ database }}.schema @@ -50,17 +50,17 @@ include: {%- if template_type %} - template: {{ template_type }} - context: {{ template_context|yaml }} -{% endif %} +{%- endif %} - user: {{ salt['pillar.get']('mysql:server:user', 'mysql') }} - makedirs: True {{ state_id }}_load: cmd.wait: - - name: mysql -u {{ mysql_salt_user }} -h{{ mysql_host }} {% if mysql_salt_pass %}-p{% endif %}{{ mysql_salt_pass }} {{ database }} < /etc/mysql/{{ database }}.schema + - name: mysql -u {{ mysql_salt_user }} -h{{ mysql_host }} {%- if mysql_salt_pass %}-p{%- endif %}{{ mysql_salt_pass }} {{ database }} < /etc/mysql/{{ database }}.schema - watch: - file: {{ state_id }}_schema - mysql_database: {{ state_id }} -{% endif %} +{%- endif %} -{% do db_states.append(state_id) %} -{% endfor %} +{%- do db_states.append(state_id) %} +{%- endfor %} diff --git a/mysql/dev.sls b/mysql/dev.sls index e1dd90be..4f7e19f8 100644 --- a/mysql/dev.sls +++ b/mysql/dev.sls @@ -1,4 +1,4 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} mysql_dev: pkg: diff --git a/mysql/disabled.sls b/mysql/disabled.sls index fde04786..7466d47c 100644 --- a/mysql/disabled.sls +++ b/mysql/disabled.sls @@ -1,4 +1,4 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} mysql: service.dead: diff --git a/mysql/init.sls b/mysql/init.sls index a84c016c..3c3ee926 100644 --- a/mysql/init.sls +++ b/mysql/init.sls @@ -1,32 +1,32 @@ -{% from tpldir ~ '/database.sls' import db_states with context %} -{% from tpldir ~ '/user.sls' import user_states with context %} +{%- from tpldir ~ '/database.sls' import db_states with context %} +{%- from tpldir ~ '/user.sls' import user_states with context %} -{% macro requisites(type, states) %} +{%- macro requisites(type, states) %} {%- for state in states %} - {{ type }}: {{ state }} {%- endfor -%} -{% endmacro %} +{%- endmacro %} -{% set mysql_dev = salt['pillar.get']('mysql:dev:install', False) %} -{% set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', False) %} +{%- set mysql_dev = salt['pillar.get']('mysql:dev:install', False) %} +{%- set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', False) %} include: - .server -{% if mysql_salt_user %} +{%- if mysql_salt_user %} - .salt-user -{% endif %} +{%- endif %} - .database - .user -{% if mysql_dev %} +{%- if mysql_dev %} - .dev -{% endif %} +{%- endif %} -{% if (db_states|length() + user_states|length()) > 0 %} +{%- if (db_states|length() + user_states|length()) > 0 %} extend: mysqld-service-running: service: - require_in: {{ requisites('mysql_database', db_states) }} {{ requisites('mysql_user', user_states) }} -{% endif %} +{%- endif %} diff --git a/mysql/macos/install.sls b/mysql/macos/install.sls index f57cd715..be74678c 100644 --- a/mysql/macos/install.sls +++ b/mysql/macos/install.sls @@ -21,13 +21,13 @@ mysql-macos-download-{{ product }}-archive: cmd.run: - name: curl {{ dl.opts }} -o {{ dl.tmpdir }}/{{ archivefile }} {{ data.url }} - unless: test -f {{ dl.tmpdir }}/{{ archivefile }} - {% if grains['saltversioninfo'] >= [2017, 7, 0] %} + {%- if grains['saltversioninfo'] >= [2017, 7, 0] %} - retry: attempts: {{ dl.retries }} interval: {{ dl.interval }} until: True splay: 10 - {% endif %} + {%- endif %} - require: - mysql-macos-extract-dirs @@ -93,4 +93,4 @@ mysql-macos-{{ product }}-desktop-shortcut-add: - file: mysql-macos-{{ product }}-desktop-shortcut-add {%- endif %} - {% endfor %} + {%- endfor %} diff --git a/mysql/python.sls b/mysql/python.sls index cecc83fd..c7aec15d 100644 --- a/mysql/python.sls +++ b/mysql/python.sls @@ -1,4 +1,4 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} mysql_python: pkg.installed: diff --git a/mysql/remove_test_database.sls b/mysql/remove_test_database.sls index bb3204f8..1286558d 100644 --- a/mysql/remove_test_database.sls +++ b/mysql/remove_test_database.sls @@ -1,8 +1,8 @@ -{% set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} -{% set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} -{% set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} -{% set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} -{% set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_pass) %} +{%- set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} +{%- set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} +{%- set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} +{%- set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} +{%- set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_pass) %} include: - .python @@ -13,7 +13,7 @@ mysql remove test database: - host: '{{ mysql_host }}' - connection_user: '{{ mysql_salt_user }}' - connection_host: '{{ mysql_host }}' - {% if mysql_salt_pass %} + {%- if mysql_salt_pass %} - connection_pass: '{{ mysql_salt_pass }}' - {% endif %} + {%- endif %} - connection_charset: utf8 diff --git a/mysql/repo.sls b/mysql/repo.sls index 63d01ec0..dde0099e 100644 --- a/mysql/repo.sls +++ b/mysql/repo.sls @@ -1,24 +1,24 @@ include: - .config -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} # Completely ignore non-RHEL based systems # TODO: Add Debian and Suse systems. # TODO: Allow user to specify MySQL version and alter yum repo file accordingly. -{% if grains['os_family'] == 'RedHat' and 'osmajorrelease' in grains %} - {% if grains['osmajorrelease']|int == 5 %} - {% set rpm_source = "http://repo.mysql.com/mysql57-community-release-el5.rpm" %} - {% elif grains['osmajorrelease']|int == 6 %} - {% set rpm_source = "http://repo.mysql.com/mysql57-community-release-el6.rpm" %} - {% elif grains['osmajorrelease']|int == 7 %} - {% set rpm_source = "http://repo.mysql.com/mysql57-community-release-el7.rpm" %} - {% endif %} -{% endif %} +{%- if grains['os_family'] == 'RedHat' and 'osmajorrelease' in grains %} + {%- if grains['osmajorrelease']|int == 5 %} + {%- set rpm_source = "http://repo.mysql.com/mysql57-community-release-el5.rpm" %} + {%- elif grains['osmajorrelease']|int == 6 %} + {%- set rpm_source = "http://repo.mysql.com/mysql57-community-release-el6.rpm" %} + {%- elif grains['osmajorrelease']|int == 7 %} + {%- set rpm_source = "http://repo.mysql.com/mysql57-community-release-el7.rpm" %} + {%- endif %} +{%- endif %} -{% set mysql57_community_release = salt['pillar.get']('mysql:release', false) %} +{%- set mysql57_community_release = salt['pillar.get']('mysql:release', false) %} # A lookup table for MySQL Repo GPG keys & RPM URLs for various RedHat releases - {% set pkg = { + {%- set pkg = { 'key': 'http://repo.mysql.com/RPM-GPG-KEY-mysql', 'key_hash': 'md5=162ec8cb41add661b357e926a083b0cc', 'rpm': rpm_source @@ -38,12 +38,12 @@ mysql57_community_release: - require: - file: install_pubkey_mysql - require_in: - {% if "server_config" in mysql %} + {%- if "server_config" in mysql %} - pkg: {{ mysql.serverpkg }} - {% endif %} - {% if "clients_config" in mysql %} + {%- endif %} + {%- if "clients_config" in mysql %} - pkg: {{ mysql.clientpkg }} - {% endif %} + {%- endif %} set_pubkey_mysql: file.replace: diff --git a/mysql/salt-user.sls b/mysql/salt-user.sls index ed569dfe..8e886185 100644 --- a/mysql/salt-user.sls +++ b/mysql/salt-user.sls @@ -1,20 +1,20 @@ include: - .server -{% set os_family = salt['grains.get']('os_family', None) %} -{% set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', 'salt') %} -{% set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', salt['grains.get']('server_id')) %} -{% set mysql_salt_grants = salt['pillar.get']('mysql:salt_user:grants', []) %} -{% set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} -{% set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} -{% set mysql_root_hash = salt['pillar.get']('mysql:server:root_password_hash', None) %} +{%- set os_family = salt['grains.get']('os_family', None) %} +{%- set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', 'salt') %} +{%- set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', salt['grains.get']('server_id')) %} +{%- set mysql_salt_grants = salt['pillar.get']('mysql:salt_user:grants', []) %} +{%- set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} +{%- set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} +{%- set mysql_root_hash = salt['pillar.get']('mysql:server:root_password_hash', None) %} -{% set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} -{% if mysql_host == 'localhost' %} -{% set host = 'localhost' %} -{% else %} -{% set host = grains['fqdn'] %} -{% endif %} +{%- set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} +{%- if mysql_host == 'localhost' %} +{%- set host = 'localhost' %} +{%- else %} +{%- set host = grains['fqdn'] %} +{%- endif %} mysql_salt_user_with_salt_user: mysql_user.present: @@ -28,10 +28,10 @@ mysql_salt_user_with_salt_user: # - onlyif: # - mysql --user {{ mysql_salt_user }} --password='{{ mysql_salt_pass|replace("'", "'\"'\"'") }}' -h {{ mysql_host }} --execute="SELECT 1;" # - VALUE=$(mysql --user {{ mysql_salt_user }} --password='{{ mysql_salt_pass|replace("'", "'\"'\"'") }}' -ss -e "SELECT Grant_priv FROM mysql.user WHERE user = '{{ mysql_salt_user }}' AND host = '{{ host }}';"); if [ "$VALUE" = 'Y' ]; then /bin/true; else /bin/false; fi -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} - require_in: - mysql_user: mysql_root_password -{% endif %} +{%- endif %} {%- if mysql_salt_grants != [] %} mysql_salt_user_with_salt_user_grants: @@ -51,11 +51,11 @@ mysql_salt_user_with_salt_user_grants: - VALUE=$(mysql --user {{ mysql_salt_user }} --password='{{ mysql_salt_pass|replace("'", "'\"'\"'") }}' -ss -e "SELECT Grant_priv FROM mysql.user WHERE user = '{{ mysql_salt_user }}' AND host = '{{ host }}';"); if [ "$VALUE" = 'Y' ]; then /bin/true; else /bin/false; fi - require: - mysql_user: mysql_salt_user_with_salt_user -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} - require_in: - mysql_user: mysql_root_password -{% endif %} -{% endif %} +{%- endif %} +{%- endif %} mysql_salt_user_with_root_user: mysql_user.present: @@ -69,10 +69,10 @@ mysql_salt_user_with_root_user: - onlyif: - mysql --user {{ mysql_root_user }} --password='{{ mysql_root_pass|replace("'", "'\"'\"'") }}' -h {{ mysql_host }} --execute="SELECT 1;" - VALUE=$(mysql --user {{ mysql_root_user }} --password='{{ mysql_root_pass|replace("'", "'\"'\"'") }}' -ss -e "SELECT Grant_priv FROM mysql.user WHERE user = '{{ mysql_salt_user }}' AND host = '{{ host }}';"); if [ "$VALUE" = 'N' -o -z "$VALUE" ]; then /bin/true; else /bin/false; fi -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} - require_in: - mysql_user: mysql_root_password -{% endif %} +{%- endif %} {%- if mysql_salt_grants != [] %} mysql_salt_user_with_root_user_grants: @@ -92,11 +92,11 @@ mysql_salt_user_with_root_user_grants: - VALUE=$(mysql --user {{ mysql_root_user }} --password='{{ mysql_root_pass|replace("'", "'\"'\"'") }}' -ss -e "SELECT Grant_priv FROM mysql.user WHERE user = '{{ mysql_salt_user }}' AND host = '{{ host }}';"); if [ "$VALUE" = 'N' -o -z "$VALUE" ]; then /bin/true; else /bin/false; fi - require: - mysql_user: mysql_salt_user_with_root_user -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} - require_in: - mysql_user: mysql_root_password -{% endif %} -{% endif %} +{%- endif %} +{%- endif %} mysql_salt_user_with_passwordless_root_user: mysql_user.present: @@ -109,10 +109,10 @@ mysql_salt_user_with_passwordless_root_user: - onlyif: - mysql --user {{ mysql_root_user }} -h {{ mysql_host }} --execute="SELECT 1;" - VALUE=$(mysql --user {{ mysql_root_user }} -ss -e "SELECT Grant_priv FROM mysql.user WHERE user = '{{ mysql_salt_user }}' AND host = '{{ host }}';"); if [ "$VALUE" = 'N' -o -z "$VALUE" ]; then /bin/true; else /bin/false; fi -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} - require_in: - mysql_user: mysql_root_password -{% endif %} +{%- endif %} {%- if mysql_salt_grants != [] %} mysql_salt_user_with_passwordless_root_user_grants: @@ -131,13 +131,13 @@ mysql_salt_user_with_passwordless_root_user_grants: - VALUE=$(mysql --user {{ mysql_root_user }} -ss -e "SELECT Grant_priv FROM mysql.user WHERE user = '{{ mysql_salt_user }}' AND host = '{{ host }}';"); if [ "$VALUE" = 'N' -o -z "$VALUE" ]; then /bin/true; else /bin/false; fi - require: - mysql_user: mysql_salt_user_with_passwordless_root_user -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} - require_in: - mysql_user: mysql_root_password -{% endif %} -{% endif %} +{%- endif %} +{%- endif %} -{% if os_family in ['RedHat', 'Suse'] %} +{%- if os_family in ['RedHat', 'Suse'] %} extend: mysql_root_password: cmd.run: @@ -157,4 +157,4 @@ extend: - connection_user: '{{ mysql_salt_user }}' - connection_pass: '{{ mysql_salt_pass }}' - connection_charset: utf8 -{% endif %} +{%- endif %} diff --git a/mysql/server.sls b/mysql/server.sls index a517b8c9..564555ea 100644 --- a/mysql/server.sls +++ b/mysql/server.sls @@ -2,19 +2,19 @@ include: - .config - .python -{% from tpldir ~ "/map.jinja" import mysql with context %} - -{% set os = salt['grains.get']('os', None) %} -{% set os_family = salt['grains.get']('os_family', None) %} -{% set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} -{% set mysql_root_password = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} -{% set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} -{% set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} -{% set mysql_salt_password = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_password) %} -{% set mysql_datadir = salt['pillar.get']('mysql:server:mysqld:datadir', '/var/lib/mysql') %} - -{% if mysql_root_password %} -{% if os_family == 'Debian' %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} + +{%- set os = salt['grains.get']('os', None) %} +{%- set os_family = salt['grains.get']('os_family', None) %} +{%- set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} +{%- set mysql_root_password = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} +{%- set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} +{%- set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} +{%- set mysql_salt_password = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_password) %} +{%- set mysql_datadir = salt['pillar.get']('mysql:server:mysqld:datadir', '/var/lib/mysql') %} + +{%- if mysql_root_password %} +{%- if os_family == 'Debian' %} mysql_debconf_utils: pkg.installed: - name: {{ mysql.debconf_utils }} @@ -29,7 +29,7 @@ mysql_debconf: - require: - pkg: mysql_debconf_utils - {% if 'osmajorrelease' in grains and salt['grains.get']('osmajorrelease')|int < 9 or not salt['grains.get']('os')|lower == 'debian' %} + {%- if 'osmajorrelease' in grains and salt['grains.get']('osmajorrelease')|int < 9 or not salt['grains.get']('os')|lower == 'debian' %} mysql_password_debconf: debconf.set: @@ -42,9 +42,9 @@ mysql_password_debconf: - require: - pkg: mysql_debconf_utils - {% endif %} + {%- endif %} -{% elif os_family in ['RedHat', 'Suse', 'FreeBSD'] %} +{%- elif os_family in ['RedHat', 'Suse', 'FreeBSD'] %} mysql_root_password: cmd.run: - name: mysqladmin --host "{{ mysql_host }}" --user {{ mysql_root_user }} password '{{ mysql_root_password|replace("'", "'\"'\"'") }}' @@ -52,7 +52,7 @@ mysql_root_password: - require: - service: mysqld-service-running -{% for host in {'localhost': '', 'localhost.localdomain': '', salt['grains.get']('fqdn'): ''}.keys() %} +{%- for host in {'localhost': '', 'localhost.localdomain': '', salt['grains.get']('fqdn'): ''}.keys() %} mysql_delete_anonymous_user_{{ host }}: mysql_user: - absent @@ -60,9 +60,9 @@ mysql_delete_anonymous_user_{{ host }}: - name: '' - connection_host: '{{ mysql_host }}' - connection_user: '{{ mysql_salt_user }}' - {% if mysql_salt_password %} + {%- if mysql_salt_password %} - connection_pass: '{{ mysql_salt_password }}' - {% endif %} + {%- endif %} - connection_charset: utf8 - require: - service: mysqld-service-running @@ -73,19 +73,19 @@ mysql_delete_anonymous_user_{{ host }}: {%- if (mysql_salt_user != mysql_root_user) %} - sls: mysql.salt-user {%- endif %} -{% endfor %} -{% endif %} -{% endif %} +{%- endfor %} +{%- endif %} +{%- endif %} -{% if os_family == 'Arch' %} +{%- if os_family == 'Arch' %} # on arch linux: inital mysql datadirectory is not created mysql_install_datadir: cmd.run: -{% if mysql.version is defined and mysql.version >= 5.7 %} +{%- if mysql.version is defined and mysql.version >= 5.7 %} - name: mysqld --initialize-insecure --user=mysql --basedir=/usr --datadir={{ mysql_datadir }} -{% else %} +{%- else %} - name: mysql_install_db --user=mysql --basedir=/usr --datadir={{ mysql_datadir }} -{% endif %} +{%- endif %} - runas: root - creates: {{ mysql_datadir }}/mysql/user.frm - env: @@ -95,22 +95,22 @@ mysql_install_datadir: - file: mysql_config - require_in: - service: mysqld-service-running -{% endif %} +{%- endif %} mysqld-packages: pkg.installed: - name: {{ mysql.serverpkg }} -{% if os_family == 'Debian' and mysql_root_password %} +{%- if os_family == 'Debian' and mysql_root_password %} - require: - debconf: mysql_debconf -{% endif %} +{%- endif %} - require_in: - file: mysql_config -{% if "config_directory" in mysql %} +{%- if "config_directory" in mysql %} - file: mysql_config_directory -{% endif %} +{%- endif %} -{% if os_family in ['RedHat', 'Suse'] and mysql.version is defined and mysql.version >= 5.7 and mysql.serverpkg.lower() != 'mariadb-server' %} +{%- if os_family in ['RedHat', 'Suse'] and mysql.version is defined and mysql.version >= 5.7 and mysql.serverpkg.lower() != 'mariadb-server' %} # Initialize mysql database with --initialize-insecure option before starting service so we don't get locked out. mysql_initialize: cmd.run: @@ -119,9 +119,9 @@ mysql_initialize: - creates: {{ mysql_datadir }}/mysql/ - require: - pkg: {{ mysql.serverpkg }} -{% endif %} +{%- endif %} -{% if os_family in ['RedHat', 'Suse'] and mysql.serverpkg.lower() == 'mariadb-server' %} +{%- if os_family in ['RedHat', 'Suse'] and mysql.serverpkg.lower() == 'mariadb-server' %} # For MariaDB it's enough to only create the datadir mysql_initialize: file.directory: @@ -131,9 +131,9 @@ mysql_initialize: - makedirs: True - require: - pkg: {{ mysql.serverpkg }} -{% endif %} +{%- endif %} -{% if os_family in ['Gentoo'] %} +{%- if os_family in ['Gentoo'] %} mysql_initialize: cmd.run: - name: emerge --config {{ mysql.serverpkg }} @@ -141,7 +141,7 @@ mysql_initialize: - creates: {{ mysql_datadir }}/mysql/ - require: - pkg: {{ mysql.serverpkg }} -{% endif %} +{%- endif %} mysqld-service-running: service.running: @@ -149,17 +149,17 @@ mysqld-service-running: - enable: True - require: - pkg: {{ mysql.serverpkg }} -{% if (os_family in ['RedHat', 'Suse'] and mysql.version is defined and mysql.version >= 5.7 and mysql.serverpkg.lower() != 'mariadb-server') or (os_family in ['Gentoo']) %} +{%- if (os_family in ['RedHat', 'Suse'] and mysql.version is defined and mysql.version >= 5.7 and mysql.serverpkg.lower() != 'mariadb-server') or (os_family in ['Gentoo']) %} - cmd: mysql_initialize -{% elif os_family in ['RedHat', 'Suse'] and mysql.serverpkg.lower() == 'mariadb-server' %} +{%- elif os_family in ['RedHat', 'Suse'] and mysql.serverpkg.lower() == 'mariadb-server' %} - file: {{ mysql_datadir }} -{% endif %} +{%- endif %} - watch: - pkg: {{ mysql.serverpkg }} - file: mysql_config -{% if "config_directory" in mysql and "server_config" in mysql %} +{%- if "config_directory" in mysql and "server_config" in mysql %} - file: mysql_server_config -{% endif %} +{%- endif %} mysql_what_is_status_of_{{ mysql.service }}: cmd.run: diff --git a/mysql/user.sls b/mysql/user.sls index c31ef0e2..5c7e98b0 100644 --- a/mysql/user.sls +++ b/mysql/user.sls @@ -1,38 +1,38 @@ -{% from tpldir ~ "/map.jinja" import mysql with context %} +{%- from tpldir ~ "/map.jinja" import mysql with context %} {%- set mysql_root_user = salt['pillar.get']('mysql:server:root_user', 'root') %} {%- set mysql_root_pass = salt['pillar.get']('mysql:server:root_password', salt['grains.get']('server_id')) %} {%- set mysql_host = salt['pillar.get']('mysql:server:host', 'localhost') %} -{% set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} -{% set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_pass) %} +{%- set mysql_salt_user = salt['pillar.get']('mysql:salt_user:salt_user_name', mysql_root_user) %} +{%- set mysql_salt_pass = salt['pillar.get']('mysql:salt_user:salt_user_password', mysql_root_pass) %} -{% set user_states = [] %} -{% set user_hosts = [] %} +{%- set user_states = [] %} +{%- set user_hosts = [] %} include: - .python -{% for name, user in salt['pillar.get']('mysql:user', {}).items() %} +{%- for name, user in salt['pillar.get']('mysql:user', {}).items() %} -{% set user_host = salt['pillar.get']('mysql:user:%s:host'|format(name)) %} -{% if user_host != '' %} - {% set user_hosts = [user_host] %} -{% else %} - {% set user_hosts = salt['pillar.get']('mysql:user:%s:hosts'|format(name)) %} -{% endif %} +{%- set user_host = salt['pillar.get']('mysql:user:%s:host'|format(name)) %} +{%- if user_host != '' %} + {%- set user_hosts = [user_host] %} +{%- else %} + {%- set user_hosts = salt['pillar.get']('mysql:user:%s:hosts'|format(name)) %} +{%- endif %} -{% if not user_hosts %} - {% set mine_target = salt['pillar.get']('mysql:user:%s:mine_hosts:target'|format(name)) %} - {% set mine_function = salt['pillar.get']('mysql:user:%s:mine_hosts:function'|format(name)) %} - {% set mine_expression_form = salt['pillar.get']('mysql:user:%s:mine_hosts:expr_form'|format(name)) %} +{%- if not user_hosts %} + {%- set mine_target = salt['pillar.get']('mysql:user:%s:mine_hosts:target'|format(name)) %} + {%- set mine_function = salt['pillar.get']('mysql:user:%s:mine_hosts:function'|format(name)) %} + {%- set mine_expression_form = salt['pillar.get']('mysql:user:%s:mine_hosts:expr_form'|format(name)) %} - {% if mine_target and mine_function and mine_expression_form %} - {% set user_hosts = salt['mine.get'](mine_target, mine_function, mine_expression_form).values() %} - {% endif %} -{% endif %} + {%- if mine_target and mine_function and mine_expression_form %} + {%- set user_hosts = salt['mine.get'](mine_target, mine_function, mine_expression_form).values() %} + {%- endif %} +{%- endif %} -{% for host in user_hosts %} +{%- for host in user_hosts %} -{% set state_id = 'mysql_user_' ~ name ~ '_' ~ host %} +{%- set state_id = 'mysql_user_' ~ name ~ '_' ~ host %} {{ state_id }}: {%- if user.get('present', True) %} mysql_user.present: @@ -64,72 +64,72 @@ include: - grant: {{ user['grants']|join(",") }} - database: '*.*' - grant_option: {{ user['grant_option'] | default(False) }} - {% if 'ssl' in user or 'ssl-X509' in user %} + {%- if 'ssl' in user or 'ssl-X509' in user %} - ssl_option: - SSL: {{ user['ssl'] | default(False) }} - {% if user['ssl-X509'] is defined %} + {%- if user['ssl-X509'] is defined %} - X509: {{ user['ssl-X509'] }} - {% endif %} - {% if user['ssl-SUBJECT'] is defined %} + {%- endif %} + {%- if user['ssl-SUBJECT'] is defined %} - SUBJECT: {{ user['ssl-SUBJECT'] }} - {% endif %} - {% if user['ssl-ISSUER'] is defined %} + {%- endif %} + {%- if user['ssl-ISSUER'] is defined %} - ISSUER: {{ user['ssl-ISSUER'] }} - {% endif %} - {% if user['ssl-CIPHER'] is defined %} + {%- endif %} + {%- if user['ssl-CIPHER'] is defined %} - CIPHER: {{ user['ssl-CIPHER'] }} - {% endif %} - {% endif %} + {%- endif %} + {%- endif %} - user: {{ name }} - host: '{{ host }}' - connection_host: '{{ mysql_host }}' - connection_user: '{{ mysql_salt_user }}' - {% if mysql_salt_pass -%} + {%- if mysql_salt_pass %} - connection_pass: '{{ mysql_salt_pass }}' - {% endif %} + {%- endif %} - connection_charset: utf8 - require: - mysql_user: {{ state_id }} -{% endif %} +{%- endif %} {%- if 'databases' in user %} -{% for db in user['databases'] %} +{%- for db in user['databases'] %} {{ state_id ~ '_' ~ loop.index0 }}: mysql_grants.present: - name: {{ name ~ '_' ~ db['database'] ~ '_' ~ db['table'] | default('all') }} - grant: {{ db['grants']|join(",") }} - database: '{{ db['database'] }}.{{ db['table'] | default('*') }}' - grant_option: {{ db['grant_option'] | default(False) }} - {% if 'ssl' in user or 'ssl-X509' in user %} + {%- if 'ssl' in user or 'ssl-X509' in user %} - ssl_option: - SSL: {{ user['ssl'] | default(False) }} - {% if user['ssl-X509'] is defined %} + {%- if user['ssl-X509'] is defined %} - X509: {{ user['ssl-X509'] }} - {% endif %} - {% if user['ssl-SUBJECT'] is defined %} + {%- endif %} + {%- if user['ssl-SUBJECT'] is defined %} - SUBJECT: {{ user['ssl-SUBJECT'] }} - {% endif %} - {% if user['ssl-ISSUER'] is defined %} + {%- endif %} + {%- if user['ssl-ISSUER'] is defined %} - ISSUER: {{ user['ssl-ISSUER'] }} - {% endif %} - {% if user['ssl-CIPHER'] is defined %} + {%- endif %} + {%- if user['ssl-CIPHER'] is defined %} - CIPHER: {{ user['ssl-CIPHER'] }} - {% endif %} - {% endif %} + {%- endif %} + {%- endif %} - user: {{ name }} - host: '{{ host }}' - escape: {{ db['escape'] | default(True) }} - connection_host: '{{ mysql_host }}' - connection_user: '{{ mysql_salt_user }}' - {% if mysql_salt_pass -%} + {%- if mysql_salt_pass %} - connection_pass: '{{ mysql_salt_pass }}' - {% endif %} + {%- endif %} - connection_charset: utf8 - require: - mysql_user: {{ state_id }} -{% endfor %} -{% endif %} +{%- endfor %} +{%- endif %} -{% do user_states.append(state_id) %} -{% endfor %} -{% endfor %} +{%- do user_states.append(state_id) %} +{%- endfor %} +{%- endfor %}