Add small MariaDB docker role, for running on a single node

quartje · quartje · commit f92e65d7afd9 · 2024-11-14T14:42:39.000+01:00
diff --git a/roles/mariadbdocker/defaults/main.yml b/roles/mariadbdocker/defaults/main.yml
@@ -0,0 +1,3 @@
+docker_mariadb_network_range: "172.21.21.0/24"
+mysql_backup_user: backup_user
+backup_node: True
diff --git a/roles/mariadbdocker/tasks/main.yml b/roles/mariadbdocker/tasks/main.yml
@@ -0,0 +1,96 @@
+---
+- name: Create MariaDB volume
+  community.docker.docker_volume:
+    name: openconext_mariadb
+    state: present
+
+- name: Create MariaDB network
+  community.docker.docker_network:
+    name: openconext_mariadb
+    state: present
+    internal: false
+    ipam_config:
+      - subnet: "{{ docker_mariadb_network_range }}"
+
+- name: Create the MariaDB container
+  community.docker.docker_container:
+    name: openconext_mariadb
+    image: mariadb:10.6
+    state: started
+    pull: true
+    restart_policy: "always"
+    ports: "127.0.0.1:3306:3306"
+    networks:
+      - name: "openconext_mariadb"
+    mounts:
+      - type: volume
+        source: openconext_mariadb
+        target: /var/lib/mysql
+    env:
+      MARIADB_ROOT_PASSWORD: "{{ mariadb_root_password }}"
+
+- name: Create database
+  community.mysql.mysql_db:
+    name: "{{ item }}"
+    state: present
+    login_user: root
+    login_host: localhost
+    login_password: "{{ mariadb_root_password }}"
+  with_items:
+    - "{{ databases.names }}"
+
+- name: Create database user
+  community.mysql.mysql_user:
+    name: "{{ item[0].name }}"
+    host: "{{ item[1] }}"
+    password: "{{ item[0].password }}"
+    priv: "{{ item[0].db_name }}.*:{{ item[0].privilege }}"
+    state: present
+    append_privs: true
+    login_user: root
+    login_host: localhost
+    login_password: "{{ mariadb_root_password }}"
+  #  no_log: true
+  with_nested:
+    - "{{ databases.users }}"
+    - "{{ database_clients }}"
+
+- name: Add mariadb backup user
+  community.mysql.mysql_user:
+    name: "{{ mysql_backup_user }}"
+    password: "{{ mysql_backup_password }}"
+    login_user: root
+    login_password: "{{ mariadb_root_password }}"
+    login_host: localhost
+    priv: "*.*:SELECT,RELOAD,PROCESS,LOCK TABLES,BINLOG MONITOR,CONNECTION ADMIN,SHOW VIEW"
+    state: present
+  #  no_log: true
+
+- name: Create the backup directory
+  ansible.builtin.file:
+    path: /home/backup
+    state: directory
+    owner: root
+    group: root
+    mode: "0700"
+  when:
+    - backup_node | bool
+
+- name: Put mariadb_backup script
+  ansible.builtin.template:
+    src: "mariadb_backup.sh.j2"
+    dest: "/usr/local/sbin/mariadb_backup.sh"
+    mode: "0700"
+    owner: root
+  when:
+    - backup_node | bool
+
+- name: Create cron symlink for backup script
+  file:
+    src: /usr/local/sbin/mariadb_backup.sh
+    dest: /etc/cron.daily/db_backup
+    state: link
+    mode: 0700
+    owner: root
+  when:
+    - backup_node | bool
diff --git a/roles/mariadbdocker/templates/mariadb_backup.sh.j2 b/roles/mariadbdocker/templates/mariadb_backup.sh.j2
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+umask 0077
+
+declare -x PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
+
+MYSQL_USER="{{ mysql_backup_user }}"
+MYSQL_PASS="{{ mysql_backup_password }}"
+FOLDER="/home/backup"
+
+DAY=$(/bin/date +'%a')
+
+echo "-- Remove old backups --"
+find /home/backup/ -type f -ctime +2 -delete
+
+echo "-- START new backups --"
+
+echo "SET autocommit=0;SET unique_checks=0;SET foreign_key_checks=0;" > tmp_sqlhead.sql
+echo "SET autocommit=1;SET unique_checks=1;SET foreign_key_checks=1;" > tmp_sqlend.sql
+
+if [ -z "$1" ]
+  then
+    echo "-- Dumping all DB ..."
+    for I in $(docker exec openconext_mariadb mariadb -u $MYSQL_USER --password=$MYSQL_PASS -e 'show databases' -s --skip-column-names);
+    do
+      if [ "$I" = information_schema ] || [ "$I" =  mysql ] || [ "$I" =  sys ] || [ "$I" =  performance_schema ]  # exclude this DB
+      then
+         echo "-- Skip $I ..."
+       continue
+      fi
+      echo "-- Dumping $I ..."
+      # Pipe compress and concat the head/end with the stoutput of mysqlump ( '-' cat argument)
+      docker exec openconext_mariadb mysqldump -u $MYSQL_USER --password=$MYSQL_PASS $I | cat tmp_sqlhead.sql - tmp_sqlend.sql | gzip -fc > "$FOLDER/$DAY-$I.sql.gz"
+    done
+
+else
+      I=$1;
+      echo "-- Dumping $I ..."
+      # Pipe compress and concat the head/end with the stoutput of mysqlump ( '-' cat argument)
+      docker exec openconext_mariadb mysqldump -u $MYSQL_USER --password=$MYSQL_PASS $I | cat tmp_sqlhead.sql - tmp_sqlend.sql | gzip -fc > "$FOLDER/$DAY-$I.sql.gz"
+fi
+
+# remove tmp files
+rm tmp_sqlhead.sql
+rm tmp_sqlend.sql
+
+echo "-- FINISH —"
+
+umask 0022

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+docker_mariadb_network_range: "172.21.21.0/24"`
	`2`	`+mysql_backup_user: backup_user`
	`3`	`+backup_node: True`