🎨 Modernize config files
parent
16c7e750f6
commit
de83310be5
|
@ -19,6 +19,11 @@
|
|||
- name: INCLUDE | Install
|
||||
ansible.builtin.import_tasks: install/main.yml
|
||||
|
||||
- name: SHELL | Get current mariadb version
|
||||
ansible.builtin.shell: dpkg -l mariadb-common | awk '/^ii/ { print $3 }' | sed -r 's/^1://g; s/^([[:digit:]]+\.[[:digit:]]+).+$/\1/g'
|
||||
register: __mariadb_version
|
||||
changed_when: false
|
||||
|
||||
- name: TEMPLATE | Deploy config files
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
|
@ -28,11 +33,8 @@
|
|||
group: root
|
||||
register: config
|
||||
loop:
|
||||
- etc/mysql/my.cnf
|
||||
- etc/mysql/conf.d/mysqldump.cnf.j2
|
||||
- etc/mysql/mariadb.conf.d/10-extra.cnf.j2
|
||||
- etc/mysql/mariadb.conf.d/50-client.cnf.j2
|
||||
- etc/mysql/mariadb.conf.d/50-mysqld_safe.cnf.j2
|
||||
- etc/mysql/mariadb.conf.d/50-server.cnf.j2
|
||||
|
||||
- name: FILE | Ensure log dir exists
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
# -------------------------------------------
|
||||
# {{ ansible_managed }}
|
||||
# -------------------------------------------
|
||||
|
||||
[mysqldump]
|
||||
quick
|
||||
quote-names
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
#
|
||||
# {{ ansible_managed }}
|
||||
#
|
||||
|
||||
[mysqld]
|
||||
|
||||
# --------------------
|
||||
# Galera config
|
||||
# --------------------
|
||||
|
||||
# Global
|
||||
wsrep_on=ON
|
||||
wsrep_provider=/usr/lib/galera/libgalera_smm.so
|
||||
wsrep_cluster_address=gcomm://{{ mariadb_galera_members | join(",") }}
|
||||
wsrep_sst_method="{{ mariadb_wsrep_stt_method }}"
|
||||
{% if mariadb_wsrep_cluster_name is defined %}
|
||||
wsrep_cluster_name="{{ mariadb_wsrep_cluster_name }}"
|
||||
{% endif %}
|
||||
|
||||
# Node Configuration
|
||||
wsrep_node_address="{{ mariadb_wsrep_node_address | default(ansible_default_ipv4.address if ansible_default_ipv4 is defined else '127.0.0.1') }}"
|
||||
wsrep_node_name="{{ mariadb_wsrep_node_name | default(ansible_fqdn) }}"
|
||||
|
||||
|
||||
# --------------------
|
||||
# Deps
|
||||
# --------------------
|
||||
binlog_format=ROW
|
||||
default_storage_engine=InnoDB
|
||||
innodb_autoinc_lock_mode=2
|
||||
innodb_doublewrite=1
|
|
@ -1,6 +1,6 @@
|
|||
#
|
||||
# -------------------------------------------
|
||||
# {{ ansible_managed }}
|
||||
#
|
||||
# -------------------------------------------
|
||||
|
||||
# Replication master
|
||||
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
#
|
||||
# -------------------------------------------
|
||||
# {{ ansible_managed }}
|
||||
#
|
||||
# -------------------------------------------
|
||||
|
||||
#
|
||||
# Replication slave
|
||||
|
||||
[mysqld]
|
||||
|
|
|
@ -1,29 +0,0 @@
|
|||
#
|
||||
# {{ ansible_managed }}
|
||||
#
|
||||
|
||||
#
|
||||
# This group is read by the client library
|
||||
# Use it for options that affect all clients, but not the server
|
||||
#
|
||||
|
||||
[client]
|
||||
# Default is Latin1, if you need UTF-8 set this (also in server section)
|
||||
default-character-set = utf8mb4
|
||||
|
||||
# socket location
|
||||
socket = {{ mariadb_socket }}
|
||||
|
||||
# Example of client certificate usage
|
||||
# ssl-cert=/etc/mysql/client-cert.pem
|
||||
# ssl-key=/etc/mysql/client-key.pem
|
||||
#
|
||||
# Allow only TLS encrypted connections
|
||||
# ssl-verify-server-cert=on
|
||||
|
||||
# This group is *never* read by mysql client library, though this
|
||||
# /etc/mysql/mariadb.cnf.d/client.cnf file is not read by Oracle MySQL
|
||||
# client anyway.
|
||||
# If you use the same .cnf file for MySQL and MariaDB,
|
||||
# use it for MariaDB-only client options
|
||||
[client-mariadb]
|
|
@ -1,34 +0,0 @@
|
|||
#
|
||||
# {{ ansible_managed }}
|
||||
#
|
||||
|
||||
# NOTE: This file is read only by the traditional SysV init script, not systemd.
|
||||
# MariaDB systemd does _not_ utilize mysqld_safe nor read this file.
|
||||
#
|
||||
# For similar behaviour, systemd users should create the following file:
|
||||
# /etc/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf
|
||||
#
|
||||
# To achieve the same result as the default 50-mysqld_safe.cnf, please create
|
||||
# /etc/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf
|
||||
# with the following contents:
|
||||
#
|
||||
# [Service]
|
||||
# User=mysql
|
||||
# StandardOutput=syslog
|
||||
# StandardError=syslog
|
||||
# SyslogFacility=daemon
|
||||
# SyslogLevel=err
|
||||
# SyslogIdentifier=mysqld
|
||||
#
|
||||
# For more information, please read https://mariadb.com/kb/en/mariadb/systemd/
|
||||
#
|
||||
|
||||
[mysqld_safe]
|
||||
# This will be passed to all mysql clients
|
||||
# It has been reported that passwords should be enclosed with ticks/quotes
|
||||
# especially if they contain "#" chars...
|
||||
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
|
||||
socket = {{ mariadb_socket }}
|
||||
nice = 0
|
||||
skip_log_error
|
||||
syslog
|
|
@ -1,18 +1,16 @@
|
|||
#
|
||||
# -------------------------------------------
|
||||
# {{ ansible_managed }}
|
||||
#
|
||||
# -------------------------------------------
|
||||
|
||||
#
|
||||
# These groups are read by MariaDB server.
|
||||
# Use it for options that only the server (but not clients) should see
|
||||
#
|
||||
# See the examples of server my.cnf files in /usr/share/mysql
|
||||
|
||||
# this is read by the standalone daemon and embedded servers
|
||||
[server]
|
||||
|
||||
# this is only for the mysqld standalone daemon
|
||||
[mysqld]
|
||||
# this is only for the mariadbd daemon
|
||||
[mariadbd]
|
||||
|
||||
#
|
||||
# * Basic Settings
|
||||
|
@ -25,7 +23,10 @@ basedir = /usr
|
|||
datadir = {{ mariadb_datadir }}
|
||||
tmpdir = /tmp
|
||||
lc-messages-dir = /usr/share/mysql
|
||||
#skip-external-locking
|
||||
|
||||
# Broken reverse DNS slows down connections considerably and name resolve is
|
||||
# safe to skip if there are no "host by domain name" access grants
|
||||
#skip-name-resolve
|
||||
|
||||
# Instead of skip-networking the default is now to listen only on
|
||||
# localhost which is more compatible and is not less secure.
|
||||
|
@ -34,6 +35,7 @@ bind-address = {{ mariadb_bind_address }}
|
|||
#
|
||||
# * Fine Tuning
|
||||
#
|
||||
|
||||
key_buffer_size = {{ mariadb_key_buffer_size }}
|
||||
max_allowed_packet = {{ mariadb_max_allowed_packet }}
|
||||
#thread_stack = 192K
|
||||
|
@ -51,19 +53,22 @@ read_buffer_size = {{ mariadb_read_buffer_size }}
|
|||
read_rnd_buffer_size = {{ mariadb_read_rnd_buffer_size }}
|
||||
myisam_sort_buffer_size = {{ mariadb_myisam_sort_buffer_size }}
|
||||
|
||||
#
|
||||
# * Query Cache Configuration
|
||||
#
|
||||
query_cache_size = {{ mariadb_query_cache_size }}
|
||||
|
||||
#
|
||||
# * Logging and Replication
|
||||
#
|
||||
|
||||
# Note: The configured log file or its directory need to be created
|
||||
# and be writable by the mysql user, e.g.:
|
||||
# $ sudo mkdir -m 2750 /var/log/mysql
|
||||
# $ sudo chown mysql /var/log/mysql
|
||||
|
||||
# Both location gets rotated by the cronjob.
|
||||
# Be aware that this log type is a performance killer.
|
||||
# As of 5.1 you can enable the log at runtime!
|
||||
# Recommend only changing this at runtime for short testing periods if needed!
|
||||
#general_log_file = /var/log/mysql/mysql.log
|
||||
#general_log = 1
|
||||
|
||||
#
|
||||
# Error log - should be very few entries.
|
||||
#
|
||||
|
@ -71,92 +76,66 @@ query_cache_size = {{ mariadb_query_cache_size }}
|
|||
syslog
|
||||
syslog-tag = {{ mariadb_syslog_tag }}
|
||||
{% else %}
|
||||
log-error = {{ mariadb_log_error }}
|
||||
log_error = {{ mariadb_log_error }}
|
||||
{% endif %}
|
||||
|
||||
#
|
||||
# Enable the slow query log to see queries with especially long duration
|
||||
#slow_query_log_file = /var/log/mysql/mariadb-slow.log
|
||||
#long_query_time = 10
|
||||
#log_slow_rate_limit = 1000
|
||||
#log_slow_verbosity = query_plan
|
||||
#log-queries-not-using-indexes
|
||||
{% if mariadb_slow_query_log_enabled %}
|
||||
slow_query_log_file = {{ mariadb_slow_query_log_file }}
|
||||
long_query_time = {{ mariadb_slow_query_time }}
|
||||
slow_query_log = 1
|
||||
{% else %}
|
||||
#slow_query_log_file = /var/log/mysql/mariadb-slow.log
|
||||
#long_query_time = 10
|
||||
#log_slow_rate_limit = 1000
|
||||
#log_slow_verbosity = query_plan
|
||||
{% endif %}
|
||||
|
||||
#
|
||||
# The following can be used as easy to replay backup logs or for replication.
|
||||
# note: if you are setting up a replication slave, see README.Debian about
|
||||
# other settings you may need to change.
|
||||
#server-id = 1
|
||||
#log_bin = /var/log/mysql/mysql-bin.log
|
||||
#expire_logs_days = 10
|
||||
#max_binlog_size = 100M
|
||||
#binlog_do_db = include_database_name
|
||||
#binlog_ignore_db = exclude_database_name
|
||||
# * SSL/TLS
|
||||
#
|
||||
|
||||
#
|
||||
# * Security Features
|
||||
#
|
||||
# Read the manual, too, if you want chroot!
|
||||
#chroot = /var/lib/mysql/
|
||||
#
|
||||
# For generating SSL certificates you can use for example the GUI tool "tinyca".
|
||||
#
|
||||
# For documentation, please read
|
||||
# https://mariadb.com/kb/en/securing-connections-for-client-and-server/
|
||||
#ssl-ca = /etc/mysql/cacert.pem
|
||||
#ssl-cert = /etc/mysql/server-cert.pem
|
||||
#ssl-key = /etc/mysql/server-key.pem
|
||||
#
|
||||
# Accept only connections using the latest and most secure TLS protocol version.
|
||||
# ..when MariaDB is compiled with OpenSSL:
|
||||
#ssl-cipher = TLSv1.2
|
||||
# ..when MariaDB is compiled with YaSSL (default in Debian):
|
||||
#ssl = on
|
||||
#require-secure-transport = on
|
||||
|
||||
#
|
||||
# * Character sets
|
||||
#
|
||||
# MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
|
||||
|
||||
# MariaDB default is Latin1, but in Debian we rather default to the full
|
||||
# utf8 4-byte character set. See also client.cnf
|
||||
#
|
||||
character-set-server = utf8mb4
|
||||
collation-server = utf8mb4_general_ci
|
||||
character-set-collations = utf8mb4=uca1400_ai_ci
|
||||
|
||||
#
|
||||
# * InnoDB
|
||||
#
|
||||
|
||||
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
|
||||
# Read the manual for more InnoDB related options. There are many!
|
||||
innodb_file_per_table = 1
|
||||
# Most important is to give InnoDB 80 % of the system RAM for buffer use:
|
||||
# https://mariadb.com/kb/en/innodb-system-variables/#innodb_buffer_pool_size
|
||||
innodb_buffer_pool_size = {{ mariadb_innodb_buffer_pool_size }}
|
||||
innodb_log_buffer_size = {{ mariadb_innodb_log_buffer_size }}
|
||||
innodb_flush_log_at_trx_commit = {{ mariadb_innodb_flush_log_at_trx_commit }}
|
||||
innodb_lock_wait_timeout = {{ mariadb_innodb_lock_wait_timeout }}
|
||||
innodb_log_file_size = {{ mariadb_innodb_log_file_size }}
|
||||
|
||||
|
||||
#
|
||||
# * Unix socket authentication plugin is built-in since 10.0.22-6
|
||||
#
|
||||
# Needed so the root database user can authenticate without a password but
|
||||
# only when running as the unix root user.
|
||||
#
|
||||
# Also available for other users if required.
|
||||
# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/
|
||||
|
||||
# this is only for embedded server
|
||||
[embedded]
|
||||
|
||||
# This group is only read by MariaDB servers, not by MySQL.
|
||||
# If you use the same .cnf file for MySQL and MariaDB,
|
||||
# you can put MariaDB-only options here
|
||||
[mariadb]
|
||||
[mariadbd]
|
||||
|
||||
# This group is only read by MariaDB-10.3 servers.
|
||||
# This group is only read by MariaDB-{{ __mariadb_version.stdout }} servers.
|
||||
# If you use the same .cnf file for MariaDB of different versions,
|
||||
# use this group for options that older servers don't understand
|
||||
[mariadb-10.3]
|
||||
|
||||
[mariadb-{{ __mariadb_version.stdout }}]
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
# -------------------------------------------
|
||||
# {{ ansible_managed }}
|
||||
# -------------------------------------------
|
||||
|
||||
#
|
||||
# * Galera-related settings
|
||||
#
|
||||
# See the examples of server wsrep.cnf files in /usr/share/mariadb
|
||||
# and read more at https://mariadb.com/kb/en/galera-cluster/
|
||||
|
||||
[galera]
|
||||
|
||||
# Global
|
||||
wsrep_on = ON
|
||||
wsrep_cluster_address = gcomm://{{ mariadb_galera_members | join(",") }}
|
||||
wsrep_sst_method = "{{ mariadb_wsrep_sst_method }}"
|
||||
{% if mariadb_wsrep_cluster_name is defined %}
|
||||
wsrep_cluster_name = "{{ mariadb_wsrep_cluster_name }}"
|
||||
{% endif %}
|
||||
|
||||
# Node Configuration
|
||||
wsrep_node_address = "{{ mariadb_wsrep_node_address | default(ansible_default_ipv4.address if ansible_default_ipv4 is defined else '127.0.0.1') }}"
|
||||
wsrep_node_name = "{{ mariadb_wsrep_node_name | default(ansible_fqdn) }}"
|
||||
|
||||
# Deps
|
||||
binlog_format = ROW
|
||||
default_storage_engine = InnoDB
|
||||
innodb_autoinc_lock_mode = 2
|
||||
innodb_doublewrite = 1
|
|
@ -1,23 +0,0 @@
|
|||
# The MariaDB configuration file
|
||||
#
|
||||
# The MariaDB/MySQL tools read configuration files in the following order:
|
||||
# 1. "/etc/mysql/mariadb.cnf" (this file) to set global defaults,
|
||||
# 2. "/etc/mysql/conf.d/*.cnf" to set global options.
|
||||
# 3. "/etc/mysql/mariadb.conf.d/*.cnf" to set MariaDB-only options.
|
||||
# 4. "~/.my.cnf" to set user-specific options.
|
||||
#
|
||||
# If the same option is defined multiple times, the last one will apply.
|
||||
#
|
||||
# One can use all long options that the program supports.
|
||||
# Run program with --help to get a list of available options and with
|
||||
# --print-defaults to see which it would actually understand and use.
|
||||
|
||||
#
|
||||
# This group is read both both by the client and the server
|
||||
# use it for options that affect everything
|
||||
#
|
||||
[client-server]
|
||||
|
||||
# Import all .cnf files from configuration directory
|
||||
!includedir /etc/mysql/conf.d/
|
||||
!includedir /etc/mysql/mariadb.conf.d/
|
Loading…
Reference in New Issue