diff --git a/defaults/main.yml b/defaults/main.yml index 35b17f7..cd77beb 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -122,6 +122,8 @@ mariadb_upstream_version: '10.6' # ------------------------------------- # Galera # ------------------------------------- +mariadb_galera_sst_user: galera +mariadb_galera_sst_password: galera mariadb_galera_resetup: false mariadb_wsrep_node_address: false # Set primary node IP mariadb_galera_members: [] diff --git a/tasks/galera/bootstrap.yml b/tasks/galera/bootstrap.yml index e9bfd2a..b8453cb 100644 --- a/tasks/galera/bootstrap.yml +++ b/tasks/galera/bootstrap.yml @@ -30,6 +30,19 @@ register: bootstrap_run when: ansible_service_mgr != 'systemd' + - name: MYSQL_USER | Manage SST user... + community.mysql.mysql_user: + name: "{{ mariadb_galera_sst_user }}" + password: "{{ mariadb_galera_sst_password }}" + priv: "*.*:RELOAD,LOCK TABLES,REPLICATION CLIENT,PROCESS" + host: localhost + state: present + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" + no_log: "{{ not mariadb_debug_role }}" + when: mariadb_galera_sst_user != '' + when: not s.stat.exists or mariadb_galera_resetup - name: COMMAND | Create Bootstrap mark diff --git a/tasks/galera/nodes.yml b/tasks/galera/nodes.yml index c84f697..8607167 100644 --- a/tasks/galera/nodes.yml +++ b/tasks/galera/nodes.yml @@ -1,4 +1,12 @@ --- +- name: SET_FACT | Prepare mark var + ansible.builtin.set_fact: + __mark: "{{ mariadb_datadir }}/.ansible_galera_boostrap" + +- name: STAT | Bootstrap mark + ansible.builtin.stat: + path: "{{ __mark }}" + register: s - name: COMMAND | GET debian.cnf from primary node ansible.builtin.command: cat /etc/mysql/debian.cnf 
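Review bot: `mariadb_galera_sst_password: galera` ships a fixed, guessable credential as the role default. Any deployment that does not override it gets an account whose password is public in this repository and which, per the task added in tasks/galera/bootstrap.yml, holds `RELOAD`, `LOCK TABLES`, `REPLICATION CLIENT` and `PROCESS` on `*.*`. The account is limited to `localhost`, but `PROCESS` still exposes other sessions' statements to anyone on the host who logs in with it. Consider defaulting to `mariadb_galera_sst_password: ''` and failing early when the SST user is set but the password is empty. The bootstrap task's `when:` only tests the user name, so an empty password is not caught today.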
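Review bot: The new SST-user task omits `login_unix_socket: "{{ mariadb_socket }}"`, which the `community.mysql` tasks patched in tasks/main.yml and tasks/secure.yml all keep next to the same `login_user`/`login_password` pair. On a host with a non-default socket path this task would presumably connect through the module's default instead, or fail, so adding that line keeps the login path consistent across the role. `check_implicit_admin: yes` is better written `check_implicit_admin: true`, the canonical boolean form. The enclosing block starts above the hunk, and the block-level `when:` follows the added task.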
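Review bot: `register: s` and the fact `__mark` are very generic names for host-scoped variables that the second hunk of this file reads much later (`when: not s.stat.exists or mariadb_galera_resetup`). Any task in between that also registers `s` would silently change the restart decision, and tasks/galera/bootstrap.yml tests `s.stat.exists` as well. A role-prefixed name such as `register: mariadb_galera_bootstrap_mark` avoids the collision. The mark path is spelled `.ansible_galera_boostrap`; if the misspelling is kept on purpose to match a mark file written elsewhere in the role (not visible in this hunk), a short comment saying so would stop someone from "fixing" it and triggering an unwanted restart.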
@@ -33,3 +41,15 @@ state: started when: debiancnf.stdout != ondc.stdout + +- name: SERVICE | Restart MariaDB if needed + ansible.builtin.service: + name: "{{ mariadb_service_name }}" + state: restarted + throttle: 1 + when: not s.stat.exists or mariadb_galera_resetup + +- name: COMMAND | Create Bootstrap mark + ansible.builtin.command: "touch {{ __mark }}" + args: + creates: "{{ __mark }}" diff --git a/tasks/main.yml b/tasks/main.yml index 0310ebb..15e5534 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -65,7 +65,11 @@ name: "{{ item }}" state: present login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" loop: "{{ mariadb_databases }}" + when: not mariadb_use_galera or inventory_hostname == mariadb_galera_primary_node - name: MYSQL_USER | Manages users... community.mysql.mysql_user: @@ -76,5 +80,9 @@ host_all: "{{ item.host_all | default(omit) }}" state: present login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" loop: "{{ mariadb_users }}" no_log: "{{ not mariadb_debug_role }}" + when: not mariadb_use_galera or inventory_hostname == mariadb_galera_primary_node diff --git a/tasks/secure.yml b/tasks/secure.yml index cda139f..98de81a 100644 --- a/tasks/secure.yml +++ b/tasks/secure.yml @@ -6,6 +6,9 @@ host: "{{ item }}" state: absent login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}" loop: - "{{ ansible_hostname }}" - 127.0.0.1 @@ -17,3 +20,6 @@ name: test state: absent login_unix_socket: "{{ mariadb_socket }}" + check_implicit_admin: yes + login_user: root + login_password: "{{ mariadb_root_password | default(omit) }}"
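Review bot: The mark file is created from a free-form command string, `"touch {{ __mark }}"`, which the command module splits on whitespace. A `mariadb_datadir` containing a space would therefore touch the wrong paths while `creates:` checks the intended one, and the task would re-run on every play. Passing the path as one argument avoids this: put `argv: ['touch', '{{ __mark }}']` and `creates: "{{ __mark }}"` directly under `ansible.builtin.command:` and drop the `args:` wrapper.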
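Review bot: The three lines `check_implicit_admin: yes`, `login_user: root` and `login_password: "{{ mariadb_root_password | default(omit) }}"` are pasted into this task, the second hunk of this file, both hunks of tasks/secure.yml and the SST task in tasks/galera/bootstrap.yml. A later change to how the role authenticates has to be made in five places, and a missed copy leaves one task logging in differently. Setting them once through `module_defaults:` for the `community.mysql` modules involved, on a block wrapping these tasks, would keep the credential handling in one spot. `yes` should also be written `true` throughout. These tasks' headers lie above the hunks, so the module of each one is inferred from its arguments where it is not shown.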