🎨 Modernize config files
parent
16c7e750f6
commit
de83310be5
|
@ -19,6 +19,11 @@
|
||||||
- name: INCLUDE | Install
|
- name: INCLUDE | Install
|
||||||
ansible.builtin.import_tasks: install/main.yml
|
ansible.builtin.import_tasks: install/main.yml
|
||||||
|
|
||||||
|
- name: SHELL | Get current mariadb version
|
||||||
|
ansible.builtin.shell: dpkg -l mariadb-common | awk '/^ii/ { print $3 }' | sed -r 's/^1://g; s/^([[:digit:]]+\.[[:digit:]]+).+$/\1/g'
|
||||||
|
register: __mariadb_version
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: TEMPLATE | Deploy config files
|
- name: TEMPLATE | Deploy config files
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
|
@ -28,11 +33,8 @@
|
||||||
group: root
|
group: root
|
||||||
register: config
|
register: config
|
||||||
loop:
|
loop:
|
||||||
- etc/mysql/my.cnf
|
|
||||||
- etc/mysql/conf.d/mysqldump.cnf.j2
|
- etc/mysql/conf.d/mysqldump.cnf.j2
|
||||||
- etc/mysql/mariadb.conf.d/10-extra.cnf.j2
|
- etc/mysql/mariadb.conf.d/10-extra.cnf.j2
|
||||||
- etc/mysql/mariadb.conf.d/50-client.cnf.j2
|
|
||||||
- etc/mysql/mariadb.conf.d/50-mysqld_safe.cnf.j2
|
|
||||||
- etc/mysql/mariadb.conf.d/50-server.cnf.j2
|
- etc/mysql/mariadb.conf.d/50-server.cnf.j2
|
||||||
|
|
||||||
- name: FILE | Ensure log dir exists
|
- name: FILE | Ensure log dir exists
|
||||||
|
|
|
@ -1,3 +1,7 @@
|
||||||
|
# -------------------------------------------
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# -------------------------------------------
|
||||||
|
|
||||||
[mysqldump]
|
[mysqldump]
|
||||||
quick
|
quick
|
||||||
quote-names
|
quote-names
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
#
|
|
||||||
# {{ ansible_managed }}
|
|
||||||
#
|
|
||||||
|
|
||||||
[mysqld]
|
|
||||||
|
|
||||||
# --------------------
|
|
||||||
# Galera config
|
|
||||||
# --------------------
|
|
||||||
|
|
||||||
# Global
|
|
||||||
wsrep_on=ON
|
|
||||||
wsrep_provider=/usr/lib/galera/libgalera_smm.so
|
|
||||||
wsrep_cluster_address=gcomm://{{ mariadb_galera_members | join(",") }}
|
|
||||||
wsrep_sst_method="{{ mariadb_wsrep_stt_method }}"
|
|
||||||
{% if mariadb_wsrep_cluster_name is defined %}
|
|
||||||
wsrep_cluster_name="{{ mariadb_wsrep_cluster_name }}"
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
# Node Configuration
|
|
||||||
wsrep_node_address="{{ mariadb_wsrep_node_address | default(ansible_default_ipv4.address if ansible_default_ipv4 is defined else '127.0.0.1') }}"
|
|
||||||
wsrep_node_name="{{ mariadb_wsrep_node_name | default(ansible_fqdn) }}"
|
|
||||||
|
|
||||||
|
|
||||||
# --------------------
|
|
||||||
# Deps
|
|
||||||
# --------------------
|
|
||||||
binlog_format=ROW
|
|
||||||
default_storage_engine=InnoDB
|
|
||||||
innodb_autoinc_lock_mode=2
|
|
||||||
innodb_doublewrite=1
|
|
|
@ -1,6 +1,6 @@
|
||||||
#
|
# -------------------------------------------
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
#
|
# -------------------------------------------
|
||||||
|
|
||||||
# Replication master
|
# Replication master
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
#
|
# -------------------------------------------
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
#
|
# -------------------------------------------
|
||||||
|
|
||||||
#
|
|
||||||
# Replication slave
|
# Replication slave
|
||||||
|
|
||||||
[mysqld]
|
[mysqld]
|
||||||
|
|
|
@ -1,29 +0,0 @@
|
||||||
#
|
|
||||||
# {{ ansible_managed }}
|
|
||||||
#
|
|
||||||
|
|
||||||
#
|
|
||||||
# This group is read by the client library
|
|
||||||
# Use it for options that affect all clients, but not the server
|
|
||||||
#
|
|
||||||
|
|
||||||
[client]
|
|
||||||
# Default is Latin1, if you need UTF-8 set this (also in server section)
|
|
||||||
default-character-set = utf8mb4
|
|
||||||
|
|
||||||
# socket location
|
|
||||||
socket = {{ mariadb_socket }}
|
|
||||||
|
|
||||||
# Example of client certificate usage
|
|
||||||
# ssl-cert=/etc/mysql/client-cert.pem
|
|
||||||
# ssl-key=/etc/mysql/client-key.pem
|
|
||||||
#
|
|
||||||
# Allow only TLS encrypted connections
|
|
||||||
# ssl-verify-server-cert=on
|
|
||||||
|
|
||||||
# This group is *never* read by mysql client library, though this
|
|
||||||
# /etc/mysql/mariadb.cnf.d/client.cnf file is not read by Oracle MySQL
|
|
||||||
# client anyway.
|
|
||||||
# If you use the same .cnf file for MySQL and MariaDB,
|
|
||||||
# use it for MariaDB-only client options
|
|
||||||
[client-mariadb]
|
|
|
@ -1,34 +0,0 @@
|
||||||
#
|
|
||||||
# {{ ansible_managed }}
|
|
||||||
#
|
|
||||||
|
|
||||||
# NOTE: This file is read only by the traditional SysV init script, not systemd.
|
|
||||||
# MariaDB systemd does _not_ utilize mysqld_safe nor read this file.
|
|
||||||
#
|
|
||||||
# For similar behaviour, systemd users should create the following file:
|
|
||||||
# /etc/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf
|
|
||||||
#
|
|
||||||
# To achieve the same result as the default 50-mysqld_safe.cnf, please create
|
|
||||||
# /etc/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf
|
|
||||||
# with the following contents:
|
|
||||||
#
|
|
||||||
# [Service]
|
|
||||||
# User=mysql
|
|
||||||
# StandardOutput=syslog
|
|
||||||
# StandardError=syslog
|
|
||||||
# SyslogFacility=daemon
|
|
||||||
# SyslogLevel=err
|
|
||||||
# SyslogIdentifier=mysqld
|
|
||||||
#
|
|
||||||
# For more information, please read https://mariadb.com/kb/en/mariadb/systemd/
|
|
||||||
#
|
|
||||||
|
|
||||||
[mysqld_safe]
|
|
||||||
# This will be passed to all mysql clients
|
|
||||||
# It has been reported that passwords should be enclosed with ticks/quotes
|
|
||||||
# especially if they contain "#" chars...
|
|
||||||
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
|
|
||||||
socket = {{ mariadb_socket }}
|
|
||||||
nice = 0
|
|
||||||
skip_log_error
|
|
||||||
syslog
|
|
|
@ -1,18 +1,16 @@
|
||||||
#
|
# -------------------------------------------
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }}
|
||||||
#
|
# -------------------------------------------
|
||||||
|
|
||||||
#
|
#
|
||||||
# These groups are read by MariaDB server.
|
# These groups are read by MariaDB server.
|
||||||
# Use it for options that only the server (but not clients) should see
|
# Use it for options that only the server (but not clients) should see
|
||||||
#
|
|
||||||
# See the examples of server my.cnf files in /usr/share/mysql
|
|
||||||
|
|
||||||
# this is read by the standalone daemon and embedded servers
|
# this is read by the standalone daemon and embedded servers
|
||||||
[server]
|
[server]
|
||||||
|
|
||||||
# this is only for the mysqld standalone daemon
|
# this is only for the mariadbd daemon
|
||||||
[mysqld]
|
[mariadbd]
|
||||||
|
|
||||||
#
|
#
|
||||||
# * Basic Settings
|
# * Basic Settings
|
||||||
|
@ -25,7 +23,10 @@ basedir = /usr
|
||||||
datadir = {{ mariadb_datadir }}
|
datadir = {{ mariadb_datadir }}
|
||||||
tmpdir = /tmp
|
tmpdir = /tmp
|
||||||
lc-messages-dir = /usr/share/mysql
|
lc-messages-dir = /usr/share/mysql
|
||||||
#skip-external-locking
|
|
||||||
|
# Broken reverse DNS slows down connections considerably and name resolve is
|
||||||
|
# safe to skip if there are no "host by domain name" access grants
|
||||||
|
#skip-name-resolve
|
||||||
|
|
||||||
# Instead of skip-networking the default is now to listen only on
|
# Instead of skip-networking the default is now to listen only on
|
||||||
# localhost which is more compatible and is not less secure.
|
# localhost which is more compatible and is not less secure.
|
||||||
|
@ -34,6 +35,7 @@ bind-address = {{ mariadb_bind_address }}
|
||||||
#
|
#
|
||||||
# * Fine Tuning
|
# * Fine Tuning
|
||||||
#
|
#
|
||||||
|
|
||||||
key_buffer_size = {{ mariadb_key_buffer_size }}
|
key_buffer_size = {{ mariadb_key_buffer_size }}
|
||||||
max_allowed_packet = {{ mariadb_max_allowed_packet }}
|
max_allowed_packet = {{ mariadb_max_allowed_packet }}
|
||||||
#thread_stack = 192K
|
#thread_stack = 192K
|
||||||
|
@ -51,19 +53,22 @@ read_buffer_size = {{ mariadb_read_buffer_size }}
|
||||||
read_rnd_buffer_size = {{ mariadb_read_rnd_buffer_size }}
|
read_rnd_buffer_size = {{ mariadb_read_rnd_buffer_size }}
|
||||||
myisam_sort_buffer_size = {{ mariadb_myisam_sort_buffer_size }}
|
myisam_sort_buffer_size = {{ mariadb_myisam_sort_buffer_size }}
|
||||||
|
|
||||||
#
|
|
||||||
# * Query Cache Configuration
|
|
||||||
#
|
|
||||||
query_cache_size = {{ mariadb_query_cache_size }}
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# * Logging and Replication
|
# * Logging and Replication
|
||||||
#
|
#
|
||||||
|
|
||||||
|
# Note: The configured log file or its directory need to be created
|
||||||
|
# and be writable by the mysql user, e.g.:
|
||||||
|
# $ sudo mkdir -m 2750 /var/log/mysql
|
||||||
|
# $ sudo chown mysql /var/log/mysql
|
||||||
|
|
||||||
# Both location gets rotated by the cronjob.
|
# Both location gets rotated by the cronjob.
|
||||||
# Be aware that this log type is a performance killer.
|
# Be aware that this log type is a performance killer.
|
||||||
# As of 5.1 you can enable the log at runtime!
|
# Recommend only changing this at runtime for short testing periods if needed!
|
||||||
#general_log_file = /var/log/mysql/mysql.log
|
#general_log_file = /var/log/mysql/mysql.log
|
||||||
#general_log = 1
|
#general_log = 1
|
||||||
|
|
||||||
#
|
#
|
||||||
# Error log - should be very few entries.
|
# Error log - should be very few entries.
|
||||||
#
|
#
|
||||||
|
@ -71,92 +76,66 @@ query_cache_size = {{ mariadb_query_cache_size }}
|
||||||
syslog
|
syslog
|
||||||
syslog-tag = {{ mariadb_syslog_tag }}
|
syslog-tag = {{ mariadb_syslog_tag }}
|
||||||
{% else %}
|
{% else %}
|
||||||
log-error = {{ mariadb_log_error }}
|
log_error = {{ mariadb_log_error }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
#
|
#
|
||||||
# Enable the slow query log to see queries with especially long duration
|
# Enable the slow query log to see queries with especially long duration
|
||||||
#slow_query_log_file = /var/log/mysql/mariadb-slow.log
|
|
||||||
#long_query_time = 10
|
|
||||||
#log_slow_rate_limit = 1000
|
|
||||||
#log_slow_verbosity = query_plan
|
|
||||||
#log-queries-not-using-indexes
|
#log-queries-not-using-indexes
|
||||||
{% if mariadb_slow_query_log_enabled %}
|
{% if mariadb_slow_query_log_enabled %}
|
||||||
slow_query_log_file = {{ mariadb_slow_query_log_file }}
|
slow_query_log_file = {{ mariadb_slow_query_log_file }}
|
||||||
long_query_time = {{ mariadb_slow_query_time }}
|
long_query_time = {{ mariadb_slow_query_time }}
|
||||||
slow_query_log = 1
|
slow_query_log = 1
|
||||||
|
{% else %}
|
||||||
|
#slow_query_log_file = /var/log/mysql/mariadb-slow.log
|
||||||
|
#long_query_time = 10
|
||||||
|
#log_slow_rate_limit = 1000
|
||||||
|
#log_slow_verbosity = query_plan
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
#
|
#
|
||||||
# The following can be used as easy to replay backup logs or for replication.
|
# * SSL/TLS
|
||||||
# note: if you are setting up a replication slave, see README.Debian about
|
#
|
||||||
# other settings you may need to change.
|
|
||||||
#server-id = 1
|
|
||||||
#log_bin = /var/log/mysql/mysql-bin.log
|
|
||||||
#expire_logs_days = 10
|
|
||||||
#max_binlog_size = 100M
|
|
||||||
#binlog_do_db = include_database_name
|
|
||||||
#binlog_ignore_db = exclude_database_name
|
|
||||||
|
|
||||||
#
|
# For documentation, please read
|
||||||
# * Security Features
|
# https://mariadb.com/kb/en/securing-connections-for-client-and-server/
|
||||||
#
|
|
||||||
# Read the manual, too, if you want chroot!
|
|
||||||
#chroot = /var/lib/mysql/
|
|
||||||
#
|
|
||||||
# For generating SSL certificates you can use for example the GUI tool "tinyca".
|
|
||||||
#
|
|
||||||
#ssl-ca = /etc/mysql/cacert.pem
|
#ssl-ca = /etc/mysql/cacert.pem
|
||||||
#ssl-cert = /etc/mysql/server-cert.pem
|
#ssl-cert = /etc/mysql/server-cert.pem
|
||||||
#ssl-key = /etc/mysql/server-key.pem
|
#ssl-key = /etc/mysql/server-key.pem
|
||||||
#
|
#require-secure-transport = on
|
||||||
# Accept only connections using the latest and most secure TLS protocol version.
|
|
||||||
# ..when MariaDB is compiled with OpenSSL:
|
|
||||||
#ssl-cipher = TLSv1.2
|
|
||||||
# ..when MariaDB is compiled with YaSSL (default in Debian):
|
|
||||||
#ssl = on
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# * Character sets
|
# * Character sets
|
||||||
#
|
#
|
||||||
# MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
|
|
||||||
|
# MariaDB default is Latin1, but in Debian we rather default to the full
|
||||||
# utf8 4-byte character set. See also client.cnf
|
# utf8 4-byte character set. See also client.cnf
|
||||||
#
|
|
||||||
character-set-server = utf8mb4
|
character-set-server = utf8mb4
|
||||||
collation-server = utf8mb4_general_ci
|
character-set-collations = utf8mb4=uca1400_ai_ci
|
||||||
|
|
||||||
#
|
#
|
||||||
# * InnoDB
|
# * InnoDB
|
||||||
#
|
#
|
||||||
|
|
||||||
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
|
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
|
||||||
# Read the manual for more InnoDB related options. There are many!
|
# Read the manual for more InnoDB related options. There are many!
|
||||||
innodb_file_per_table = 1
|
# Most important is to give InnoDB 80 % of the system RAM for buffer use:
|
||||||
|
# https://mariadb.com/kb/en/innodb-system-variables/#innodb_buffer_pool_size
|
||||||
innodb_buffer_pool_size = {{ mariadb_innodb_buffer_pool_size }}
|
innodb_buffer_pool_size = {{ mariadb_innodb_buffer_pool_size }}
|
||||||
innodb_log_buffer_size = {{ mariadb_innodb_log_buffer_size }}
|
innodb_log_buffer_size = {{ mariadb_innodb_log_buffer_size }}
|
||||||
innodb_flush_log_at_trx_commit = {{ mariadb_innodb_flush_log_at_trx_commit }}
|
innodb_flush_log_at_trx_commit = {{ mariadb_innodb_flush_log_at_trx_commit }}
|
||||||
innodb_lock_wait_timeout = {{ mariadb_innodb_lock_wait_timeout }}
|
innodb_lock_wait_timeout = {{ mariadb_innodb_lock_wait_timeout }}
|
||||||
innodb_log_file_size = {{ mariadb_innodb_log_file_size }}
|
innodb_log_file_size = {{ mariadb_innodb_log_file_size }}
|
||||||
|
|
||||||
|
|
||||||
#
|
|
||||||
# * Unix socket authentication plugin is built-in since 10.0.22-6
|
|
||||||
#
|
|
||||||
# Needed so the root database user can authenticate without a password but
|
|
||||||
# only when running as the unix root user.
|
|
||||||
#
|
|
||||||
# Also available for other users if required.
|
|
||||||
# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
|
|
||||||
|
|
||||||
# this is only for embedded server
|
# this is only for embedded server
|
||||||
[embedded]
|
[embedded]
|
||||||
|
|
||||||
# This group is only read by MariaDB servers, not by MySQL.
|
# This group is only read by MariaDB servers, not by MySQL.
|
||||||
# If you use the same .cnf file for MySQL and MariaDB,
|
# If you use the same .cnf file for MySQL and MariaDB,
|
||||||
# you can put MariaDB-only options here
|
# you can put MariaDB-only options here
|
||||||
[mariadb]
|
[mariadbd]
|
||||||
|
|
||||||
# This group is only read by MariaDB-10.3 servers.
|
# This group is only read by MariaDB-{{ __mariadb_version.stdout }} servers.
|
||||||
# If you use the same .cnf file for MariaDB of different versions,
|
# If you use the same .cnf file for MariaDB of different versions,
|
||||||
# use this group for options that older servers don't understand
|
# use this group for options that older servers don't understand
|
||||||
[mariadb-10.3]
|
[mariadb-{{ __mariadb_version.stdout }}]
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
# -------------------------------------------
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
# -------------------------------------------
|
||||||
|
|
||||||
|
#
|
||||||
|
# * Galera-related settings
|
||||||
|
#
|
||||||
|
# See the examples of server wsrep.cnf files in /usr/share/mariadb
|
||||||
|
# and read more at https://mariadb.com/kb/en/galera-cluster/
|
||||||
|
|
||||||
|
[galera]
|
||||||
|
|
||||||
|
# Global
|
||||||
|
wsrep_on = ON
|
||||||
|
wsrep_cluster_address = gcomm://{{ mariadb_galera_members | join(",") }}
|
||||||
|
wsrep_sst_method = "{{ mariadb_wsrep_sst_method }}"
|
||||||
|
{% if mariadb_wsrep_cluster_name is defined %}
|
||||||
|
wsrep_cluster_name = "{{ mariadb_wsrep_cluster_name }}"
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# Node Configuration
|
||||||
|
wsrep_node_address = "{{ mariadb_wsrep_node_address | default(ansible_default_ipv4.address if ansible_default_ipv4 is defined else '127.0.0.1') }}"
|
||||||
|
wsrep_node_name = "{{ mariadb_wsrep_node_name | default(ansible_fqdn) }}"
|
||||||
|
|
||||||
|
# Deps
|
||||||
|
binlog_format = ROW
|
||||||
|
default_storage_engine = InnoDB
|
||||||
|
innodb_autoinc_lock_mode = 2
|
||||||
|
innodb_doublewrite = 1
|
|
@ -1,23 +0,0 @@
|
||||||
# The MariaDB configuration file
|
|
||||||
#
|
|
||||||
# The MariaDB/MySQL tools read configuration files in the following order:
|
|
||||||
# 1. "/etc/mysql/mariadb.cnf" (this file) to set global defaults,
|
|
||||||
# 2. "/etc/mysql/conf.d/*.cnf" to set global options.
|
|
||||||
# 3. "/etc/mysql/mariadb.conf.d/*.cnf" to set MariaDB-only options.
|
|
||||||
# 4. "~/.my.cnf" to set user-specific options.
|
|
||||||
#
|
|
||||||
# If the same option is defined multiple times, the last one will apply.
|
|
||||||
#
|
|
||||||
# One can use all long options that the program supports.
|
|
||||||
# Run program with --help to get a list of available options and with
|
|
||||||
# --print-defaults to see which it would actually understand and use.
|
|
||||||
|
|
||||||
#
|
|
||||||
# This group is read both both by the client and the server
|
|
||||||
# use it for options that affect everything
|
|
||||||
#
|
|
||||||
[client-server]
|
|
||||||
|
|
||||||
# Import all .cnf files from configuration directory
|
|
||||||
!includedir /etc/mysql/conf.d/
|
|
||||||
!includedir /etc/mysql/mariadb.conf.d/
|
|
Loading…
Reference in New Issue