diff --git a/defaults/main.yml b/defaults/main.yml index c5d4b7d..48f148d 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -32,6 +32,29 @@ mysql_mariadb_pkgs: - "{% if ansible_distribution_version is version_compare('20.04', '>=') %}python3-pymysql{% else %}python-pymysql{% endif %}" - "{% if ansible_distribution_version is version_compare('20.04', '>=') %}python3-mysql.connector{% else %}python-mysql.connector{% endif %}" +mariadb_server_conf_file: /etc/mysql/mariadb.conf.d/50-server.cnf +mariadb_server_conf_params: + - section: mysqld + option: bind-address + value: '{% if mysql_listen_on_ext_int %}0.0.0.0{% else %}127.0.0.1{% endif %}' + state: present + - section: mysqld + option: port + value: '{{ mysql_db_port }}' + state: present + - section: mysqld + option: socket + value: '{{ mysql_socket }}' + state: present + - section: mysqld + option: datadir + value: '{{ mysql_data_dir }}' + state: present + - section: mysqld + option: max-connections + value: '{{ mysql_db_max_connections }}' + state: present + mysql_db_name: db_name mysql_db_user: db_user mysql_db_pwd: "We cannot save the password into the repository. Use another variable and change pgpass.j2 accordingly. Encrypt the file that contains the variable with ansible-vault" diff --git a/tasks/mysql-conf.yml b/tasks/mysql-conf.yml index 68f8897..4c58f15 100644 --- a/tasks/mysql-conf.yml +++ b/tasks/mysql-conf.yml @@ -1,7 +1,7 @@ --- -- name: mysql-conf | Manage the MySQL configuration files +- name: mysql-conf | Manage the MySQL data directory if not the default one when: mysql_enabled | bool - tags: ['mysql', 'mariadb', 'mysql_conf'] + tags: ['mysql', 'mariadb', 'mysql_data_dir'] block: - name: mysql-conf | Check if the new mysql data directory exists ansible.builtin.stat: @@ -37,6 +37,31 @@ group: adm mode: "1750" + - name: mysql-conf | Add AppArmor alias + ansible.builtin.lineinfile: + path: /etc/apparmor.d/tunables/alias + line: 'alias /var/lib/mysql/ -> {{ mysql_data_dir }}/,' + insertafter: EOF + when: my_data_dir.stat.isdir is not defined + + - name: mysql-conf | Restart the AppArmor service + ansible.builtin.service: + name: apparmor + state: restarted + when: my_data_dir.stat.isdir is not defined + + - name: mysql-conf | Start the mysql service with the new the data directory + ansible.builtin.service: + name: "{{ mysql_service_name }}" + state: started + when: my_data_dir.stat.isdir is not defined + +- name: mysql-conf | Manage the MySQL configuration files + when: + - mysql_enabled | bool + - not mysql_installs_mariadb + tags: ['mysql', 'mariadb', 'mysql_conf'] + block: - name: mysql-conf | Install the main configuration files. ansible.builtin.template: src: "{{ item }}.cnf.j2" @@ -60,21 +85,18 @@ - server notify: Restart mysql - - name: mysql-conf | Add AppArmor alias - ansible.builtin.lineinfile: - path: /etc/apparmor.d/tunables/alias - line: 'alias /var/lib/mysql/ -> {{ mysql_data_dir }}/,' - insertafter: EOF - when: my_data_dir.stat.isdir is not defined - - - name: mysql-conf | Restart the AppArmor service - ansible.builtin.service: - name: apparmor - state: restarted - when: my_data_dir.stat.isdir is not defined - - - name: mysql-conf | Start the mysql service with the new the data directory - ansible.builtin.service: - name: "{{ mysql_service_name }}" - state: started - when: my_data_dir.stat.isdir is not defined +- name: mysql-conf | Manage the MariaDB configuration files + when: + - mysql_enabled | bool + - mysql_installs_mariadb + tags: ['mysql', 'mariadb', 'mysql_conf'] + block: + - name: mysql-conf | Configure MariaDB server options + ansible.builtin.ini_file: + - section: "{{ item.section }}" + option: "{{ item.option }}" + value: "{{ item.value }}" + state: "{{ item.state }}" + dest: "{{ mariadb_server_conf_file }}" + backup: false + loop: "{{ mariadb_server_conf_params }}"