class mysql {
$dbpassword = "password"
define seed_package($ensure = latest) {
$seedpath = "/tmp"
file { "$seedpath/$name.seed":
source => "puppet:///mysql/$name.seed",
mode => 0600,
owner => root,
group => root
}
package { $name:
ensure => $ensure,
responsefile => "$seedpath/$name.seed",
require => File["$seedpath/$name.seed"],
}
}
package { "mysql-client": ensure => installed }
seed_package { "mysql-server": ensure => installed }
exec { "Set MySQL server root password":
subscribe => [Package["mysql-server"], Package["mysql-client"]],
refreshonly => true,
unless => "mysqladmin -uroot -p$dbpassword status",
path => "/bin:/usr/bin:/usr/sbin",
command => "mysqladmin -uroot password $dbpassword",
require => Package["mysql-server"],
}
service { apparmor:
ensure => "running",
enable => true,
}
file { "/etc/apparmor.d/usr.sbin.mysqld":
owner => "root",
group => "root",
mode => "0644",
replace => true,
source => "puppet:///mysql/usr.sbin.mysqld",
notify => Service[apparmor],
require => Package["mysql-server"],
}
file { "/etc/mysql/conf.d/myconfig.cnf":
owner => "root",
group => "root",
mode => "0644",
replace => true,
content => template("mysql/myconfig.cnf.erb"),
require => Package["mysql-server"],
}
file { "/root/.my.cnf":
owner => "root",
group => "root",
mode => "0400",
replace => true,
content => template("mysql/root.my.cnf.erb"),
require => Package["mysql-server"],
}
file { "/etc/mysql/my.cnf":
owner => "root",
group => "root",
mode => "0644",
replace => true,
source => "puppet:///mysql/my.cnf",
}
file { "/srv/mysql":
owner => "mysql",
group => "mysql",
mode => "0755",
ensure => directory,
require => Package["mysql-server"],
}
file { "/srv/mysql/lib":
owner => "mysql",
group => "mysql",
mode => "0755",
ensure => directory,
require => Package["mysql-server"],
}
file { "/srv/mysql/lib/mysql":
ensure => "/var/lib/mysql/mysql",
require => Package["mysql-server"],
}
service { mysql:
enable => "true",
ensure => "running",
require => File["/etc/mysql/conf.d/myconfig.cnf"],
require => File["/etc/mysql/my.cnf"],
}
# Replication slave user
mysql_user { "myuser@%.mydomain":
password_hash => "passwordhere",
ensure => present,
require => Service[mysql],
}
mysql_grant { "myuser@%.mydomain":
privileges => ["repl_slave_priv"],
require => Service[mysql],
}
}
Pastie << self Blog
