From d82e3021a4fac6cd32f9a34b7fbe7d3b7f438ba5 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Fri, 15 Jan 2016 13:30:50 +0200
Subject: [PATCH] mariadb: Initial version of mariadb module.

---
 mariadb/files/mariadb.logrotate           |  38 ++++++
 mariadb/files/my.cnf                      |  11 ++
 mariadb/manifests/init.pp                 | 157 ++++++++++++++++++++++
 mariadb/templates/mariadb-backup.cron.erb |  32 +++++
 4 files changed, 238 insertions(+)
 create mode 100644 mariadb/files/mariadb.logrotate
 create mode 100644 mariadb/files/my.cnf
 create mode 100644 mariadb/manifests/init.pp
 create mode 100644 mariadb/templates/mariadb-backup.cron.erb

diff --git a/mariadb/files/mariadb.logrotate b/mariadb/files/mariadb.logrotate
new file mode 100644
index 0000000..d4869f2
--- /dev/null
+++ b/mariadb/files/mariadb.logrotate
@@ -0,0 +1,38 @@
+# This logname can be set in /etc/my.cnf
+# by setting the variable "log-error"
+# in the [mysqld_safe] section as follows:
+#
+# [mysqld_safe]
+# log-error=/var/log/mariadb/mariadb.log
+#
+# If the root user has a password you have to create a
+# /root/.my.cnf configuration file with the following
+# content:
+#
+# [mysqladmin]
+# password = <secret> 
+# user= root
+#
+# where "<secret>" is the password. 
+#
+# ATTENTION: This /root/.my.cnf should be readable ONLY
+# for root !
+
+# Then, un-comment the following lines to enable rotation of mysql's log file:
+
+/var/log/mariadb/mariadb.log {
+        create 640 mysql mysql
+        notifempty
+	daily
+        rotate 3
+        missingok
+        compress
+    postrotate
+	# just if mysqld is really running
+	if test -x /usr/bin/mysqladmin && \
+	   /usr/bin/mysqladmin ping &>/dev/null
+	then
+	   /usr/bin/mysqladmin flush-logs
+	fi
+    endscript
+}
diff --git a/mariadb/files/my.cnf b/mariadb/files/my.cnf
new file mode 100644
index 0000000..253cc25
--- /dev/null
+++ b/mariadb/files/my.cnf
@@ -0,0 +1,11 @@
+[mysqld]
+datadir=/srv/mariadb
+socket=/var/lib/mysql/mysql.sock
+user=mysql
+# Default to using old password format for compatibility with mysql 3.x
+# clients.
+old_passwords=1
+
+[mysqld_safe]
+log-error=/var/log/mariadb/mariadb.log
+pid-file=/var/run/mariadb/mariadb.pid
diff --git a/mariadb/manifests/init.pp b/mariadb/manifests/init.pp
new file mode 100644
index 0000000..5fde4f6
--- /dev/null
+++ b/mariadb/manifests/init.pp
@@ -0,0 +1,157 @@
+
+# Install MariaDB client utilities.
+#
+class mariadb::client {
+
+    package { "mariadb":
+        ensure => installed,
+    }
+
+}
+
+
+# Install MariaDB server
+#
+# === Parameters
+#
+#   $datadir:
+#       Directory where MariaDB databases are stored.
+#
+#   $root_password:
+#       Password for MariaDB server root user.
+#
+class mariadb::server($datadir="/srv/mariadb", $config=undef, $root_password=undef) {
+
+    package { "mariadb-server":
+        ensure => installed,
+    }
+
+    if $datadir != "/srv/mariadb" {
+        file { $datadir:
+            ensure  => directory,
+            mode    => "0755",
+            owner   => "mysql",
+            group   => "mysql",
+            seltype => "mysqld_db_t",
+            require => Package["mariadb-server"],
+        }
+        file { "/srv/mariadb":
+            ensure  => link,
+            target  => $datadir,
+            seltype => "mysqld_db_t",
+            require => File[$datadir],
+        }
+    } else {
+        file { "/srv/mariadb":
+            ensure  => directory,
+            mode    => "0755",
+            owner   => "mysql",
+            group   => "mysql",
+            seltype => "mysqld_db_t",
+            require => Package["mariadb-server"],
+        }
+    }
+
+    selinux::manage_fcontext { "/srv/mariadb(/.*)?":
+        type   => "mysqld_db_t",
+        before => File["/srv/mariadb"],
+    }
+    if $datadir {
+        selinux::manage_fcontext { "${datadir}(/.*)?":
+            type   => "mysqld_db_t",
+            before => File[$datadir],
+        }
+    }
+
+    service { "mariadb":
+        ensure  => running,
+        enable  => true,
+        require => File["/srv/mariadb"],
+    }
+
+    file { "/etc/my.cnf":
+        ensure  => present,
+        source  => $config ? {
+            undef   => "puppet:///modules/mariadb/my.cnf",
+            default => $config,
+        },
+        mode    => "0644",
+        owner   => "root",
+        group   => "root",
+        require => Package["mariadb-server"],
+        notify  => Service["mariadb"],
+    }
+
+    file { "/etc/logrotate.d/mariadb":
+        ensure  => present,
+        source  => "puppet:///modules/mariadb/mariadb.logrotate",
+        mode    => "0644",
+        owner   => "root",
+        group   => "root",
+        require => Package["mariadb-server"],
+    }
+
+    case $root_password {
+        undef: {
+            file { "/var/lib/mysql":
+                ensure  => directory,
+                mode    => "0700",
+                owner   => "mysql",
+                group   => "mysql",
+                require => Package["mariadb-server"],
+            }
+        }
+        default: {
+            file { "/root/.my.cnf":
+                ensure  => present,
+                content => "[client]\nuser=\"root\"\npassword=\"${root_password}\"\n",
+                mode    => "0600",
+                owner   => "root",
+                group   => "root",
+            }
+        }
+    }
+
+}
+
+
+# Install MariaDB daily backup job
+#
+# === Global variables
+#
+#   $datadir:
+#       Directory where MariaDB backups are stored. Defaults
+#       to /srv/mariadb-backup
+#
+#   $maxage:
+#       How long to keep MariaDB backups. Defaults to 7 days.
+#
+class mariadb::server::backup($datadir="/srv/mariadb-backup", $maxage="7") {
+
+    require mariadb::client
+
+    file { $datadir:
+        ensure  => directory,
+        mode    => "0700",
+        owner   => "root",
+        group   => "root",
+    }
+
+    file { "/usr/local/sbin/mariadb-backup":
+        ensure  => present,
+        content => template("mariadb/mariadb-backup.cron.erb"),
+        mode    => "0755",
+        owner   => "root",
+        group   => "root",
+        require => File[$datadir],
+    }
+
+    cron { "mariadb-backup":
+        command     => "/usr/local/sbin/mariadb-backup",
+        user        => "root",
+        hour        => "0",
+        minute      => "30",
+        require     => File["/usr/local/sbin/mariadb-backup"],
+    }
+
+}
diff --git a/mariadb/templates/mariadb-backup.cron.erb b/mariadb/templates/mariadb-backup.cron.erb
new file mode 100644
index 0000000..4a895ee
--- /dev/null
+++ b/mariadb/templates/mariadb-backup.cron.erb
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+umask 077
+
+DESTDIR="<%= @datadir %>"
+MAXAGE="<%= @maxage %>"
+
+DATE=`date "+%Y-%m-%d"`
+HOME="`getent passwd ${USER} | cut -d : -f 6`"
+OPTS=""
+
+if [ ! -d ${DESTDIR} ]; then
+    echo "ERR: MariaDB backup directory [${DESTDIR}] does not exist" 1>&2
+    exit 1
+fi
+
+cd ${DESTDIR} && {
+    find . -xdev -mindepth 2 -maxdepth 2 -type f -mtime +<%= @maxage %> -execdir rm -f -- {} \;
+    find . -xdev -depth -mindepth 1 -maxdepth 1 -type d -empty -execdir rmdir -- {} \;
+}
+
+DESTDIR=${DESTDIR}/${DATE}
+mkdir -p ${DESTDIR}
+
+for db in `mysql -e 'show databases' -s` ; do
+    case ${db} in
+        Database|information_schema|performance_schema)
+            continue
+            ;;
+    esac
+    mysqldump -E --add-drop-table ${OPTS} ${db} | gzip > ${DESTDIR}/${db}.${DATE}.gz
+done