[
  {
    "path": "README.md",
    "content": "MySQL Server\n============\n\nThis roles helps to install MySQL Server across RHEL and Ubuntu variants.\nApart from installing the MySQL Server, it applies basic hardening, like\nsecuring the root account with password, and removing test databases. The role\ncan also be used to add databases to the MySQL server and create users in the\ndatabase. It also supports configuring the databases for replication--both\nmaster and slave can be configured via this role.\n\nRequirements\n------------\n\nThis role requires Ansible 1.4 or higher, and platform requirements are listed\nin the metadata file.\n\nRole Variables\n--------------\n\nThe variables that can be passed to this role and a brief description about\nthem are as follows:\n\n      mysql_port: 3306                 # The port for mysql server to listen\n      mysql_bind_address: \"0.0.0.0\"    # The bind address for mysql server\n      mysql_root_db_pass: foobar       # The root DB password\n\n      # A list that has all the databases to be\n      # created and their replication status:\n      mysql_db:                                 \n           - name: foo\n             replicate: yes\n           - name: bar\n             replicate: no\n\n      # A list of the mysql users to be created\n      # and their password and privileges:\n      mysql_users:                              \n           - name: benz\n             pass: foobar\n             priv: \"*.*:ALL\"\n\n      # If the database is replicated the users\n      # to be used for replication:\n      mysql_repl_user:                          \n        - name: repl\n          pass: foobar\n\n      # The role of this server in replication:\n      mysql_repl_role: master\n\n      # A unique id for the mysql server (used in replication):\n      mysql_db_id: 7\n\nExamples\n--------\n\n1) Install MySQL Server and set the root password, but don't create any\ndatabase or users.\n\n      - hosts: all\n        roles:\n        - {role: mysql, mysql_root_db_pass: foobar, mysql_db: none, mysql_users: none }\n\n2) Install MySQL Server and create 2 databases and 2 users.\n\n      - hosts: all\n        roles:\n         - {role: mysql, mysql_db: [{name: benz},\n                                    {name: benz2}],\n            mysql_users: [{name: ben3, pass: foobar, priv: \"*.*:ALL\"},\n                          {name: ben2, pass: foo}] }\n\nNote: If users are specified and password/privileges are not specified, then\ndefault values are set.\n\n3) Install MySQL Server and create 2 databases and 2 users and configure the\ndatabase as replication master with one database configured for replication.\n\n      - hosts: all\n        roles:\n         - {role: mysql, mysql_db: [{name: benz, replicate: yes },\n                                    { name: benz2, replicate: no}], \n                         mysql_users: [{name: ben3, pass: foobar, priv: \"*.*:ALL\"},\n                                       {name: ben2, pass: foo}],\n                         mysql_repl_user: [{name: repl, pass: foobar}] }\n\n4) A fully installed/configured MySQL Server with master and slave\nreplication.\n\n      - hosts: master\n        roles:\n         - {role: mysql, mysql_db: [{name: benz}, {name: benz2}],\n                         mysql_users: [{name: ben3, pass: foobar, priv: \"*.*:ALL\"},\n                                       {name: ben2, pass: foo}],\n                         mysql_db_id: 8 }\n\n      - hosts: slave\n        roles:\n         - {role: mysql, mysql_db: none, mysql_users: none,\n                  mysql_repl_role: slave, mysql_repl_master: vm2,\n                  mysql_db_id: 9, mysql_repl_user: [{name: repl, pass: foobar}] }\n\nNote: When configuring the full replication please make sure the master is\nconfigured via this role and the master is available in inventory and facts\nhave been gathered for master. The replication tasks assume the database is\nnew and has no data.\n\n\nDependencies\n------------\n\nNone\n\nLicense\n-------\n\nBSD\n\nAuthor Information\n------------------\n\nBenno Joy\n \n\n"
  },
  {
    "path": "defaults/main.yml",
    "content": "---\n\nmysql_port: 3306\nmysql_bind_address: \"0.0.0.0\"\nmysql_root_db_pass: foobar\n\nmysql_db:\n     - name: foo\n       replicate: yes\n     - name: bar\n       replicate: no\n\nmysql_users:\n     - name: benz\n       pass: foobar\n       priv: \"*.*:ALL\"\n\nmysql_repl_user:\n  - name: repl\n    pass: foobar\n\nmysql_repl_role: master\nmysql_db_id: 7\n\nmysql_sql_mode: STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
  },
  {
    "path": "handlers/main.yml",
    "content": "---\n- name: restart mysql\n  service: name={{ mysql_service }} state=restarted \n"
  },
  {
    "path": "meta/main.yml",
    "content": "---\ngalaxy_info:\n  author: \"Benno Joy\"\n  company: AnsibleWorks\n  license: license (BSD)\n  min_ansible_version: 1.4 \n  platforms:\n   - name: EL\n     versions:\n      - 5\n      - 6\n   - name: Fedora\n     versions:\n      - 16\n      - 17\n      - 18\n   - name: Ubuntu\n     versions:\n      - precise\n      - quantal\n      - raring\n      - saucy\n  categories:\n   - database:sql\ndependencies: []\n  \n"
  },
  {
    "path": "tasks/main.yml",
    "content": "---\n- name: Add the OS specific variables\n  include_vars: \"{{ ansible_os_family }}.yml\"\n\n- name: Install the mysql packages in Redhat derivatives\n  yum: name={{ item }} state=installed\n  with_items:\n    - \"{{ mysql_pkgs }}\"\n  when: ansible_os_family == 'RedHat'\n\n- name: Install the mysql packages in Debian derivatives\n  apt: name={{ item }} state=installed update_cache=yes\n  with_items:\n    - \"{{ mysql_pkgs }}\"\n  environment: \"{{ env }}\"\n  when: ansible_os_family == 'Debian'\n\n- name: Copy the my.cnf file\n  template: src=my.cnf.{{ ansible_os_family }}.j2 dest={{ mysql_conf_dir }}/my.cnf\n  notify:\n   - restart mysql\n\n- name: Create the directory /etc/mysql/conf.d\n  file: path=/etc/mysql/conf.d state=directory\n  notify:\n   - restart mysql\n\n- name: Deploy mysql config to conf.d\n  template: src=mysql.cnf.j2 dest=/etc/mysql/conf.d/mysql.cnf\n  notify:\n    - restart mysql\n\n- name: Start the mysql services\n  service: name={{ mysql_service }} state=started enabled=yes\n\n- name: update mysql root password for all root accounts\n  mysql_user: name=root host={{ item }} password={{ mysql_root_db_pass }}\n  with_items:\n   - \"{{ ansible_hostname }}\"\n   - 127.0.0.1\n   - ::1\n   - localhost\n  when: ansible_hostname != 'localhost'\n\n- name: update mysql root password for all root accounts\n  mysql_user: name=root host={{ item }} password={{ mysql_root_db_pass }}\n  with_items:\n   - 127.0.0.1\n   - ::1\n   - localhost\n  when: ansible_hostname == 'localhost'\n\n- name: copy .my.cnf file with root password credentials\n  template: src=.my.cnf.j2 dest=~/.my.cnf mode=0600\n\n- name: ensure anonymous users are not in the database\n  mysql_user: name='' host={{ item }} state=absent\n  with_items:\n   - localhost\n   - \"{{ ansible_hostname }}\"\n\n- name: remove the test database\n  mysql_db: name=test state=absent\n\n- name: Create the database's\n  mysql_db: name={{ item.name }} state=present\n  with_items:\n    - \"{{ mysql_db }}\"\n  when: mysql_db|lower() != 'none'\n\n- name: Create the database users\n  mysql_user: name={{ item.name }}  password={{ item.pass|default(\"foobar\") }}\n                priv={{ item.priv|default(\"*.*:ALL\") }} state=present host={{ item.host | default(\"localhost\") }}\n  with_items:\n    - \"{{ mysql_users }}\"\n  when: mysql_users|lower() != 'none'\n\n- name: Create the replication users\n  mysql_user: name={{ item.name }}  host=\"%\" password={{ item.pass|default(\"foobar\") }}\n                priv=\"*.*:REPLICATION SLAVE\" state=present\n  with_items:\n    - \"{{ mysql_repl_user }}\"\n  when: mysql_repl_role == 'master'\n\n- name: Check if slave is already configured for replication\n  mysql_replication: mode=getslave\n  ignore_errors: true\n  register: slave\n  when: mysql_repl_role == 'slave'\n\n- name: Ensure the hostname entry for master is available for the client.\n  lineinfile: dest=/etc/hosts regexp=\"{{ mysql_repl_master }}\" line=\"{{ hostvars[mysql_repl_master].ansible_default_ipv4.address + \"   \" + mysql_repl_master }}\" state=present\n  when: slave|failed and mysql_repl_role == 'slave' and mysql_repl_master is defined\n\n- name: Get the current master servers replication status\n  mysql_replication: mode=getmaster\n  delegate_to: \"{{ mysql_repl_master }}\"\n  register: repl_stat\n  when: slave|failed and mysql_repl_role == 'slave' and mysql_repl_master is defined\n\n- name: Change the master in slave to start the replication\n  mysql_replication: mode=changemaster master_host={{ mysql_repl_master }} master_log_file={{ repl_stat.File }} master_log_pos={{ repl_stat.Position }} master_user={{ mysql_repl_user[0].name }} master_password={{ mysql_repl_user[0].pass }}\n  when: slave|failed and mysql_repl_role == 'slave' and mysql_repl_master is defined\n\n\n"
  },
  {
    "path": "templates/.my.cnf.j2",
    "content": "[client]\nuser=root\npassword={{ mysql_root_db_pass }}\n"
  },
  {
    "path": "templates/my.cnf.Debian.j2",
    "content": "#\n# The MySQL database server configuration file.\n#\n[client]\nport\t\t= {{ mysql_port }}\nsocket\t\t= /var/run/mysqld/mysqld.sock\n\n# This was formally known as [safe_mysqld]. Both versions are currently parsed.\n[mysqld_safe]\nsocket\t\t= /var/run/mysqld/mysqld.sock\nnice\t\t= 0\n\n[mysqld]\nuser\t\t= mysql\npid-file\t= /var/run/mysqld/mysqld.pid\nsocket\t\t= /var/run/mysqld/mysqld.sock\nport\t\t= {{ mysql_port }}\nbasedir\t\t= /usr\ndatadir\t\t= /var/lib/mysql\ntmpdir\t\t= /tmp\nlc-messages-dir\t= /usr/share/mysql\nskip-external-locking\n\nbind-address\t\t= {{ mysql_bind_address }}\n\n#key_buffer\t\t= 16M\nmax_allowed_packet\t= 16M\nthread_stack\t\t= 192K\nthread_cache_size       = 8\n\nquery_cache_limit\t= 1M\nquery_cache_size        = 16M\nlog_error = /var/log/mysql/error.log\nserver-id               = {{ mysql_db_id }}\n\n{% if mysql_repl_role == 'master' %}\nlog_bin                 = mysql-bin\nexpire_logs_days        = 10\nmax_binlog_size         = 100M\n\n{% if mysql_db is iterable and mysql_db is not string %}\n{% for i in mysql_db %}\n{% if i.replicate|default(1) %}\nbinlog_do_db            = {{ i.name }}\n{% endif %}\n{% endfor %}\n\n{% for i in mysql_db %}\n{% if not i.replicate|default(1) %}\nbinlog_ignore_db        = {{ i.name }}\n{% endif %}\n{% endfor %}\n{% endif %}\n{% endif %}\n\n!includedir /etc/mysql/conf.d/\n"
  },
  {
    "path": "templates/my.cnf.RedHat.j2",
    "content": "[mysqld]\ndatadir=/var/lib/mysql\nsocket=/var/lib/mysql/mysql.sock\nuser=mysql\n# Disabling symbolic-links is recommended to prevent assorted security risks\nsymbolic-links=0\nport={{ mysql_port }}\nbind-address={{ mysql_bind_address }}\nserver-id               = {{ mysql_db_id }}\n\n{% if mysql_repl_role == 'master' %}\nlog_bin                 = mysql-bin\nexpire_logs_days        = 10\nmax_binlog_size         = 100M\n\n{% for i in mysql_db %}\n{% if i.replicate|default(1) %}\nbinlog_do_db            = {{ i.name }}\n{% endif %}\n{% endfor %}\n\n{% for i in mysql_db %}\n{% if not i.replicate|default(1) %}\nbinlog_ignore_db        = {{ i.name }}\n{% endif %}\n{% endfor %}\n{% endif %}\n\n[mysqld_safe]\nlog-error=/var/log/mysqld.log\npid-file=/var/run/mysqld/mysqld.pid\n\n!includedir /etc/mysql/conf.d/\n"
  },
  {
    "path": "templates/mysql.cnf.j2",
    "content": "[mysqld]\nsql_mode={{ mysql_sql_mode }}"
  },
  {
    "path": "vars/Debian.yml",
    "content": "---\n\nmysql_pkgs:\n  - python-selinux\n  - mysql-server\n  - python-mysqldb\n\nmysql_service: mysql\nmysql_conf_dir: \"/etc/mysql/\"\n"
  },
  {
    "path": "vars/RedHat.yml",
    "content": "---\nmysql_pkgs:\n  - libselinux-python\n  - mysql-server\n  - MySQL-python\n\nmysql_service: mysqld\n\nmysql_conf_dir: \"/etc/\"\n"
  },
  {
    "path": "vars/main.yml",
    "content": "---\nenv:\n RUNLEVEL: 1\n\n"
  }
]