Mercurial > repos > other > Puppet
comparison modules/mysql/manifests/server.pp @ 443:c6c9a2cfcfbd
Update MySQL module
Fixes a problem with MariaDB and blank certificate paths
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Mon, 08 May 2023 11:48:41 +0100 |
| parents | 668df4711671 |
| children | adf6fe9bbc17 |
comparison
equal
deleted
inserted
replaced
| 442:2879e2d4148e | 443:c6c9a2cfcfbd |
|---|---|
| 15 # The MySQL configuration file's permissions mode. | 15 # The MySQL configuration file's permissions mode. |
| 16 # @param includedir | 16 # @param includedir |
| 17 # The location, as a path, of !includedir for custom configuration overrides. | 17 # The location, as a path, of !includedir for custom configuration overrides. |
| 18 # @param install_options | 18 # @param install_options |
| 19 # Passes [install_options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) array to managed package resources. You must pass the appropriate options for the specified package manager | 19 # Passes [install_options](https://docs.puppetlabs.com/references/latest/type.html#package-attribute-install_options) array to managed package resources. You must pass the appropriate options for the specified package manager |
| 20 # @param install_secret_file | |
| 21 # Path to secret file containing temporary root password. | |
| 22 # @param manage_config_file | 20 # @param manage_config_file |
| 23 # Whether the MySQL configuration file should be managed. Valid values are `true`, `false`. Defaults to `true`. | 21 # Whether the MySQL configuration file should be managed. Valid values are `true`, `false`. Defaults to `true`. |
| 24 # @param options | 22 # @param options |
| 25 # A hash of options structured like the override_options, but not merged with the default options. Use this if you don't want your options merged with the default options. | 23 # A hash of options structured like the override_options, but not merged with the default options. |
| 24 # Use this if you don't want your options merged with the default options. | |
| 26 # @param override_options | 25 # @param override_options |
| 27 # Specifies override options to pass into MySQL. Structured like a hash in the my.cnf file: See above for usage details. | 26 # Specifies override options to pass into MySQL. Structured like a hash in the my.cnf file: See above for usage details. |
| 28 # @param package_ensure | 27 # @param package_ensure |
| 29 # Whether the package exists or should be a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Defaults to 'present'. | 28 # Whether the package exists or should be a specific version. Valid values are 'present', 'absent', or 'x.y.z'. Defaults to 'present'. |
| 30 # @param package_manage | 29 # @param package_manage |
| 41 # Specifies whether to automatically include `mysql::server::account_security`. Valid values are `true`, `false`. Defaults to `false`. | 40 # Specifies whether to automatically include `mysql::server::account_security`. Valid values are `true`, `false`. Defaults to `false`. |
| 42 # @param restart | 41 # @param restart |
| 43 # Whether the service should be restarted when things change. Valid values are `true`, `false`. Defaults to `false`. | 42 # Whether the service should be restarted when things change. Valid values are `true`, `false`. Defaults to `false`. |
| 44 # @param root_group | 43 # @param root_group |
| 45 # The name of the group used for root. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). | 44 # The name of the group used for root. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). |
| 45 # @param managed_dirs | |
| 46 # An array containing all directories to be managed. | |
| 46 # @param mysql_group | 47 # @param mysql_group |
| 47 # The name of the group of the MySQL daemon user. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). | 48 # The name of the group of the MySQL daemon user. Can be a group name or a group ID. See more about the [group](https://docs.puppetlabs.com/references/latest/type.html#file-attribute-group). |
| 48 # @param mycnf_owner | 49 # @param mycnf_owner |
| 49 # Name or user-id who owns the mysql-config-file. | 50 # Name or user-id who owns the mysql-config-file. |
| 50 # @param mycnf_group | 51 # @param mycnf_group |
| 51 # Name or group-id which owns the mysql-config-file. | 52 # Name or group-id which owns the mysql-config-file. |
| 52 # @param root_password | 53 # @param root_password |
| 53 # The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. This is required if `create_root_user` or `create_root_my_cnf` are true. If `root_password` is 'UNSET', then `create_root_user` and `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. | 54 # The MySQL root password. Puppet attempts to set the root password and update `/root/.my.cnf` with it. This is required |
| 55 # if `create_root_user` or `create_root_my_cnf` are true. If `root_password` is 'UNSET', then `create_root_user` and | |
| 56 # `create_root_my_cnf` are assumed to be false --- that is, the MySQL root user and `/root/.my.cnf` are not created. | |
| 57 # Password changes are supported; however, the old password must be set in `/root/.my.cnf`. Effectively, Puppet uses the old | |
| 58 # password, configured in `/root/my.cnf`, to set the new password in MySQL, and then updates `/root/.my.cnf` with the new password. | |
| 54 # @param service_enabled | 59 # @param service_enabled |
| 55 # Specifies whether the service should be enabled. Valid values are `true`, `false`. Defaults to `true`. | 60 # Specifies whether the service should be enabled. Valid values are `true`, `false`. Defaults to `true`. |
| 56 # @param service_manage | 61 # @param service_manage |
| 57 # Specifies whether the service should be managed. Valid values are `true`, `false`. Defaults to `true`. | 62 # Specifies whether the service should be managed. Valid values are `true`, `false`. Defaults to `true`. |
| 58 # @param service_name | 63 # @param service_name |
| 59 # The name of the MySQL server service. Defaults are OS dependent, defined in 'params.pp'. | 64 # The name of the MySQL server service. Defaults are OS dependent, defined in 'params.pp'. |
| 60 # @param service_provider | 65 # @param service_provider |
| 61 # The provider to use to manage the service. For Ubuntu, defaults to 'upstart'; otherwise, default is undefined. | 66 # The provider to use to manage the service. For Ubuntu, defaults to 'upstart'; otherwise, default is undefined. |
| 62 # @param create_root_user | 67 # @param create_root_user |
| 63 # Whether root user should be created. Valid values are `true`, `false`. Defaults to `true`. This is useful for a cluster setup with Galera. The root user has to be created only once. You can set this parameter true on one node and set it to false on the remaining nodes. | 68 # Whether root user should be created. Valid values are `true`, `false`. Defaults to `true`. |
| 69 # This is useful for a cluster setup with Galera. The root user has to be created only once. | |
| 70 # You can set this parameter true on one node and set it to false on the remaining nodes. | |
| 64 # @param create_root_my_cnf | 71 # @param create_root_my_cnf |
| 65 # Whether to create `/root/.my.cnf`. Valid values are `true`, `false`. Defaults to `true`. `create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. You can use this for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. | 72 # Whether to create `/root/.my.cnf`. Valid values are `true`, `false`. Defaults to `true`. |
| 73 # `create_root_my_cnf` allows creation of `/root/.my.cnf` independently of `create_root_user`. | |
| 74 # You can use this for a cluster setup with Galera where you want `/root/.my.cnf` to exist on all nodes. | |
| 75 # @param create_root_login_file | |
| 76 # Whether to create a login file for root. Valid values are 'true', 'false'. | |
| 77 # @param login_file | |
| 78 # Specify the login file. | |
| 66 # @param users | 79 # @param users |
| 67 # Optional hash of users to create, which are passed to [mysql_user](#mysql_user). | 80 # Optional hash of users to create, which are passed to [mysql_user](#mysql_user). |
| 68 # @param grants | 81 # @param grants |
| 69 # Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). | 82 # Optional hash of grants, which are passed to [mysql_grant](#mysql_grant). |
| 70 # @param databases | 83 # @param databases |
| 72 # @param enabled | 85 # @param enabled |
| 73 # _Deprecated_ | 86 # _Deprecated_ |
| 74 # @param manage_service | 87 # @param manage_service |
| 75 # _Deprecated_ | 88 # _Deprecated_ |
| 76 # @param old_root_password | 89 # @param old_root_password |
| 77 # This parameter no longer does anything. It exists only for backwards compatibility. See the `root_password` parameter above for details on changing the root password. | 90 # This parameter no longer does anything. It exists only for backwards compatibility. |
| 91 # See the `root_password` parameter above for details on changing the root password. | |
| 78 # | 92 # |
| 79 class mysql::server ( | 93 class mysql::server ( |
| 80 $config_file = $mysql::params::config_file, | 94 String[1] $config_file = $mysql::params::config_file, |
| 81 $config_file_mode = $mysql::params::config_file_mode, | 95 String[1] $config_file_mode = $mysql::params::config_file_mode, |
| 82 $includedir = $mysql::params::includedir, | 96 Optional[String] $includedir = $mysql::params::includedir, |
| 83 $install_options = undef, | 97 Optional[Array[String[1]]] $install_options = undef, |
| 84 $install_secret_file = $mysql::params::install_secret_file, | 98 Variant[Boolean, String[1]] $manage_config_file = $mysql::params::manage_config_file, |
| 85 $manage_config_file = $mysql::params::manage_config_file, | 99 Mysql::Options $options = {}, |
| 86 Mysql::Options $options = {}, | 100 Hash $override_options = {}, |
| 87 $override_options = {}, | 101 Variant[Enum['present','absent'], Pattern[/(\d+)[\.](\d+)[\.](\d+)/]] $package_ensure = $mysql::params::server_package_ensure, |
| 88 $package_ensure = $mysql::params::server_package_ensure, | 102 Boolean $package_manage = $mysql::params::server_package_manage, |
| 89 $package_manage = $mysql::params::server_package_manage, | 103 String[1] $package_name = $mysql::params::server_package_name, |
| 90 $package_name = $mysql::params::server_package_name, | 104 Optional[String[1]] $package_provider = undef, |
| 91 $package_provider = undef, | 105 Optional[String[1]] $package_source = undef, |
| 92 $package_source = undef, | 106 Variant[Boolean, String[1]] $purge_conf_dir = $mysql::params::purge_conf_dir, |
| 93 $purge_conf_dir = $mysql::params::purge_conf_dir, | 107 Variant[Boolean, String[1]] $remove_default_accounts = false, |
| 94 $remove_default_accounts = false, | 108 Variant[Boolean, String[1]] $restart = $mysql::params::restart, |
| 95 $restart = $mysql::params::restart, | 109 String[1] $root_group = $mysql::params::root_group, |
| 96 $root_group = $mysql::params::root_group, | 110 Optional[Array[String[1]]] $managed_dirs = $mysql::params::managed_dirs, |
| 97 $managed_dirs = $mysql::params::managed_dirs, | 111 String[1] $mysql_group = $mysql::params::mysql_group, |
| 98 $mysql_group = $mysql::params::mysql_group, | 112 Optional[String[1]] $mycnf_owner = $mysql::params::mycnf_owner, |
| 99 $mycnf_owner = $mysql::params::mycnf_owner, | 113 Optional[String[1]] $mycnf_group = $mysql::params::mycnf_group, |
| 100 $mycnf_group = $mysql::params::mycnf_group, | 114 Variant[String, Sensitive[String]] $root_password = $mysql::params::root_password, |
| 101 Variant[String, Sensitive[String]] $root_password = $mysql::params::root_password, | 115 Variant[Boolean, String[1]] $service_enabled = $mysql::params::server_service_enabled, |
| 102 $service_enabled = $mysql::params::server_service_enabled, | 116 Variant[Boolean, String[1]] $service_manage = $mysql::params::server_service_manage, |
| 103 $service_manage = $mysql::params::server_service_manage, | 117 String[1] $service_name = $mysql::params::server_service_name, |
| 104 $service_name = $mysql::params::server_service_name, | 118 Optional[String[1]] $service_provider = $mysql::params::server_service_provider, |
| 105 $service_provider = $mysql::params::server_service_provider, | 119 Boolean $create_root_user = $mysql::params::create_root_user, |
| 106 $create_root_user = $mysql::params::create_root_user, | 120 Boolean $create_root_my_cnf = $mysql::params::create_root_my_cnf, |
| 107 $create_root_my_cnf = $mysql::params::create_root_my_cnf, | 121 Boolean $create_root_login_file = $mysql::params::create_root_login_file, |
| 108 $create_root_login_file = $mysql::params::create_root_login_file, | 122 Optional[String[1]] $login_file = $mysql::params::login_file, |
| 109 $login_file = $mysql::params::login_file, | 123 Hash $users = {}, |
| 110 $users = {}, | 124 Hash $grants = {}, |
| 111 $grants = {}, | 125 Hash $databases = {}, |
| 112 $databases = {}, | |
| 113 # Deprecated parameters | 126 # Deprecated parameters |
| 114 $enabled = undef, | 127 Optional[Variant[String[1], Boolean]] $enabled = undef, |
| 115 $manage_service = undef, | 128 Optional[Variant[String[1], Boolean]] $manage_service = undef, |
| 116 $old_root_password = undef | 129 Optional[Variant[String, Sensitive[String]]] $old_root_password = undef |
| 117 ) inherits mysql::params { | 130 ) inherits mysql::params { |
| 118 # Deprecated parameters. | 131 # Deprecated parameters. |
| 119 if $enabled { | 132 if $enabled { |
| 120 crit('This parameter has been renamed to service_enabled.') | 133 crit('This parameter has been renamed to service_enabled.') |
| 121 $real_service_enabled = $enabled | 134 $real_service_enabled = $enabled |
| 165 if $restart { | 178 if $restart { |
| 166 Class['mysql::server::config'] | 179 Class['mysql::server::config'] |
| 167 ~> Class['mysql::server::service'] | 180 ~> Class['mysql::server::service'] |
| 168 } | 181 } |
| 169 | 182 |
| 183 if $_options['mysqld']['ssl-disable'] { | |
| 184 notify { 'ssl-disable': | |
| 185 message => 'Disabling SSL is evil! You should never ever do this except | |
| 186 if you are forced to use a mysql version compiled without SSL support', | |
| 187 } | |
| 188 } | |
| 189 | |
| 170 Anchor['mysql::server::start'] | 190 Anchor['mysql::server::start'] |
| 171 -> Class['mysql::server::config'] | 191 -> Class['mysql::server::config'] |
| 172 -> Class['mysql::server::install'] | 192 -> Class['mysql::server::install'] |
| 173 -> Class['mysql::server::managed_dirs'] | 193 -> Class['mysql::server::managed_dirs'] |
| 174 -> Class['mysql::server::installdb'] | 194 -> Class['mysql::server::installdb'] |
| 175 -> Class['mysql::server::service'] | 195 -> Class['mysql::server::service'] |
| 176 -> Class['mysql::server::root_password'] | 196 -> Class['mysql::server::root_password'] |
| 177 -> Class['mysql::server::providers'] | 197 -> Class['mysql::server::providers'] |
| 178 -> Anchor['mysql::server::end'] } | 198 -> Anchor['mysql::server::end'] |
| 199 } |