diff --git a/README.rst b/README.rst index 350ac4b..9970943 100644 --- a/README.rst +++ b/README.rst @@ -24,3 +24,15 @@ Install the MySQL client package. ---------------- Install the MySQL server package and start the service. + +Debian OS family supports setting MySQL root password during install via debconf. + +``mysql.database`` +---------------- + +Create and manage MySQL databases. + +``mysql.user`` +---------------- + +Create and manage MySQL database users with definable GRANT privileges. \ No newline at end of file diff --git a/mysql/database.sls b/mysql/database.sls new file mode 100644 index 0000000..f81741d --- /dev/null +++ b/mysql/database.sls @@ -0,0 +1,12 @@ +{% from "mysql/map.jinja" import mysql with context %} + +{% for database in salt['pillar.get']('mysql:database', []) %} +{{ database }}: + mysql_database.present: + - host: localhost + - connection_user: root + - connection_pass: {{ salt['pillar.get']('mysql:server:root_password', 'somepass') }} + - connection_charset: utf8 +{% endfor %} + + diff --git a/mysql/files/mysql.deb.set b/mysql/files/mysql.deb.set deleted file mode 100644 index 3ccc701..0000000 --- a/mysql/files/mysql.deb.set +++ /dev/null @@ -1,3 +0,0 @@ -mysql-server-5.5 mysql-server/root_password_again password somepass -mysql-server-5.5 mysql-server/root_password password somepass -mysql-server-5.5 mysql-server/start_on_boot boolean true diff --git a/mysql/server.sls b/mysql/server.sls index 9d39ecb..84d3b83 100644 --- a/mysql/server.sls +++ b/mysql/server.sls @@ -1,11 +1,23 @@ {% from "mysql/map.jinja" import mysql with context %} + +{% if grains['os'] in ['Ubuntu', 'Debian'] %} +mysql-debconf: + debconf.set: + - name: mysql-server + - data: + 'mysql-server/root_password': {'type': 'password', 'value': '{{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}'} + 'mysql-server/root_password_again': {'type': 'password', 'value': '{{ salt['pillar.get']('mysql:server:root_password', 'somepass') }}'} + 'mysql-server/start_on_boot': {'type': 'boolean', 'value': 'true'} +{% endif %} + mysqld: pkg: - installed - name: {{ mysql.server }} {% if grains['os'] in ['Ubuntu', 'Debian'] %} - - debconf: salt://mysql/files/mysql.deb.set + - require: + - debconf: mysql-debconf {% endif %} service: - running @@ -14,6 +26,11 @@ mysqld: - watch: - pkg: mysqld +mysql-python: + pkg: + - installed + - name: {{ mysql.python }} + {% if grains['os'] in ['Ubuntu', 'Debian', 'Gentoo'] %} my.cnf: file.managed: diff --git a/mysql/user.sls b/mysql/user.sls new file mode 100644 index 0000000..4f0186e --- /dev/null +++ b/mysql/user.sls @@ -0,0 +1,30 @@ +{% from "mysql/map.jinja" import mysql with context %} + +{% for user in salt['pillar.get']('mysql:user', []) %} +{{ user['name'] }}: + mysql_user.present: + - host: {{ user['host'] }} + - password: {{ user['password'] }} + - connection_host: localhost + - connection_user: root + - connection_pass: {{ salt['pillar.get']('mysql:server:root_password', 'somepass') }} + - connection_charset: utf8 + +{% for db in user['databases'] %} +{{ user['name'] }}_{{ db['database'] }}: + mysql_grants.present: + - grant: {{db['grants']|join(",")}} + - database: {{ db['database'] }}.* + - user: {{ user['name'] }} + - host: {{ user['host'] }} + - connection_host: localhost + - connection_user: root + - connection_pass: {{ salt['pillar.get']('mysql:server:root_password', 'somepass') }} + - connection_charset: utf8 + - require: + - mysql_user: {{ user['name'] }} +{% endfor %} + +{% endfor %} + + diff --git a/pillar.example b/pillar.example index 883d046..0c5f9e7 100644 --- a/pillar.example +++ b/pillar.example @@ -1,9 +1,34 @@ mysql: server: + root_password: somepass bind-address: 127.0.0.1 port: 3306 user: mysql + # Manage databases + database: + - foo + - baz + + # Manage users + user: + - name: frank + password: somepass + host: localhost + databases: + - database: foo + grants: ['select', 'insert', 'update'] + - database: bar + grants: ['all privileges'] + - name: bob + password: someotherpass + host: localhost + databases: + - database: foo + grants: ['all privileges'] + - database: bar + grants: ['select', 'insert', 'update', 'delete'] + # Override any names defined in map.jinja lookup: server: mysql-server