Page MenuHomeDevCentral
Files F12297825

No OneTemporary
Actions

View Options

diff --git a/map.jinja b/map.jinja
index 2c37a80..16d809e 100644
--- a/map.jinja
+++ b/map.jinja
@@ -1,165 +1,167 @@
{% set dirs = salt['grains.filter_by']({
'Debian': {
'etc': '/etc',
'bin': '/usr/bin',
'include': '/usr/include',
'lib': '/usr/lib',
'man': '/usr/share/man',
'sbin': '/usr/sbin',
+ 'share': '/usr/share',
},
'FreeBSD' : {
'etc': '/usr/local/etc',
'bin': '/usr/local/bin',
'include': '/usr/local/include',
'lib': '/usr/local/lib',
'man': '/usr/local/man',
'sbin': '/usr/local/sbin',
+ 'share': '/usr/local/share',
},
}, default='Debian') %}
{% set services = salt['grains.filter_by']({
'Debian': {
'manager': 'systemd',
},
'FreeBSD' : {
'manager': 'rc',
},
}, default='Debian') %}
{% set shells = salt['grains.filter_by']({
'Debian': {
'bash': '/bin/bash',
'fish': '/usr/bin/fish',
'tcsh': '/usr/bin/tcsh',
'zsh': '/bin/zsh',
},
'FreeBSD' : {
'bash': '/usr/local/bin/bash',
'fish': '/usr/local/bin/fish',
'tcsh': '/bin/tcsh',
'zsh': '/usr/local/bin/zsh',
},
}, default='Debian') %}
{% set paths = salt['grains.filter_by']({
'FreeBSD': {
'sftp': '/usr/libexec/sftp-server',
},
'Debian': {
'sftp': '/usr/lib/openssh/sftp-server',
},
'RedHat': {
'sftp': '/usr/libexec/openssh/sftp-server',
},
'Arch': {
'sftp': '/usr/lib/ssh/sftp-server',
},
}, default='FreeBSD') %}
{% set packages_prefixes = salt['grains.filter_by']({
'Debian': {
'php': 'php7.1-',
'python2': '',
'python3': 'python3-',
},
'RedHat': {
'python2': 'python2-',
'python3': 'python3-',
},
'FreeBSD' : {
'php': 'php71-',
'python2': 'py27-',
'python3': 'py36-',
'rubygem': 'rubygem-',
},
}, default='Debian') %}
{% set packages = salt['grains.filter_by']({
'Debian' : {
'ag': 'silversearcher-ag',
'aspell-fr': 'aspell-fr',
'aspell-en': 'aspell-en',
'certbot': 'certbot',
'composer': 'composer',
'cppunit': 'libcppunit-dev',
'emacs': 'emacs-nox',
'imagemagick': 'imagemagick',
'mariadb': 'mariadb-server',
'node': 'nodejs',
'pear': 'php-pear',
'phpcs': 'php-codesniffer',
'phpunit': 'phpunit',
'sphinx': 'python3-sphinx',
'tcltls': 'tcl-tls',
'tdom': 'tdom',
'varnish': 'varnish',
'verbiste': 'verbiste',
},
'RedHat': {
'ag': 'the_silver_searcher',
'aspell-fr': 'aspell-fr',
'certbot': 'python2-certbot',
'cppunit': 'cppunit-devel',
'emacs': 'emacs-nox',
'exiftool': 'perl-Image-ExifTool',
'mariadb': 'mariadb-server',
'node': 'nodejs',
'pear': 'php-pear',
'phpcs': 'php-pear-PHP-CodeSniffer',
'sphinx': 'python3-sphinx',
'tcltls': 'tcltls',
'varnish': 'varnish',
},
'Arch': {
'ag': 'the_silver_searcher',
'aspell-fr': 'aspell-fr',
'certbot': 'certbot',
'cppunit': 'cppunit',
'emacs': 'emacs-nox',
'mariadb': 'mariadb',
'sphinx': 'python-sphinx',
'tcltls': 'tcltls',
'varnish': 'varnish',
},
'FreeBSD' : {
'ag': 'the_silver_searcher',
'aspell-fr': 'fr-aspell',
'aspell-en': 'en-aspell',
'boost': 'boost-all',
'certbot': 'py27-certbot',
'composer': 'php-composer',
'cppunit': 'cppunit',
'emacs': 'emacs-nox11',
'exiftool': 'p5-Image-ExifTool-devel',
'imagemagick': 'ImageMagick',
- 'mariadb': 'mariadb101-server',
+ 'mariadb': 'mariadb102-server',
'node': 'node',
'pear': 'pear',
'phpcs': 'pear-PHP_CodeSniffer',
'phpunit': 'phpunit6',
'sphinx': 'py36-sphinx',
'tcltls': 'tcltls',
'tdom': 'tDOM',
'varnish': 'varnish5',
'verbiste': 'fr-verbiste',
},
}, default='Debian') %}
{# -------------------------------------------------------------
Capabilities of OS and distributions
:: MOTD-printed-at-login
Login mechanism, through PAM or dotfiles,
prints the MOTD when a session is opened.
When at False, OpenSSH will take care of it.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #}
{% set capabilities = salt['grains.filter_by']({
'Debian': {
'MOTD-printed-at-login': True,
},
'FreeBSD' : {
'MOTD-printed-at-login': False,
},
}, default='Debian') %}
diff --git a/pillar/nodes/nodes.sls b/pillar/nodes/nodes.sls
index 840d68d..ec694d9 100644
--- a/pillar/nodes/nodes.sls
+++ b/pillar/nodes/nodes.sls
@@ -1,56 +1,59 @@
# -------------------------------------------------------------
# Salt — Nodes
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-10-20
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
nodes:
##
## Forest: Nasqueron
## Semantic field: https://devcentral.nasqueron.org/P27
##
dwellers:
forest: nasqueron
hostname: dwellers.nasqueron.org
roles:
- paas-lxc
- paas-docker
network:
ipv6_tunnel: True
equatower:
forest: nasqueron
hostname: equatower.nasqueron.org
roles:
- paas-docker
network:
ipv6_tunnel: False
ysul:
forest: nasqueron
hostname: ysul.nasqueron.org
roles:
- devserver
- saltmaster
+ - dbserver-mysql
+ zfs:
+ pool: arcology
network:
ipv4_interface: igb0
ipv4_address: 163.172.49.16
ipv4_gateway: 163.172.49.1
ipv6_gateway: 2001:470:1f12:9e1::1
ipv4_aliases:
- 212.83.187.132
ipv6_tunnel: True
##
## Forest: Eglide
## Semantic field: ? (P27 used for "Eglide" too)
##
## This forest is intended to separate credentials
## between Eglide and Nasqueron sevrers.
##
eglide:
forest: eglide
hostname: eglide.org
roles:
- shellserver
network:
ipv6_tunnel: True
diff --git a/roles/dbserver-mysql/init.sls b/roles/dbserver-mysql/init.sls
new file mode 100644
index 0000000..b489369
--- /dev/null
+++ b/roles/dbserver-mysql/init.sls
@@ -0,0 +1,10 @@
+# -------------------------------------------------------------
+# Salt — Database server — MySQL
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+include:
+ - .mysql-server
diff --git a/roles/dbserver-mysql/mysql-server/cnf.sls b/roles/dbserver-mysql/mysql-server/cnf.sls
new file mode 100644
index 0000000..7c23fd2
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/cnf.sls
@@ -0,0 +1,58 @@
+# -------------------------------------------------------------
+# Salt — Database server — MySQL
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs with context %}
+
+{% set use_zfs = salt['node.has']('zfs:pool') %}
+
+# -------------------------------------------------------------
+# Required directories
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/run/mysqld:
+ file.directory:
+ - user: mysql
+ - group: mysql
+ - dir_mode: 755
+
+/var/db/mysql:
+ file.directory:
+ - user: mysql
+ - group: mysql
+ - dir_mode: 755
+
+{{ dirs.etc }}/mysql:
+ file.directory:
+ - user: root
+ - group: mysql
+ - dir_mode: 755
+
+# -------------------------------------------------------------
+# Configuration files
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{{ dirs.etc }}/my.cnf:
+ file.managed:
+ - source: salt://roles/dbserver-mysql/mysql-server/files/my.cnf
+ - template: jinja
+ - context:
+ nodename: {{ grains['id'] }}
+ etc: {{ dirs.etc }}
+ share: {{ dirs.share }}
+ use_zfs: {{ use_zfs }}
+
+{{ dirs.etc }}/mysql/stopwords.txt:
+ file.managed:
+ - source: salt://roles/dbserver-mysql/mysql-server/files/stopwords.txt
+
+/etc/rc.conf.d/mysql:
+ file.managed:
+ - source: salt://roles/dbserver-mysql/mysql-server/files/mysql.rc
+ - template: jinja
+ - context:
+ use_zfs: {{ use_zfs }}
diff --git a/roles/dbserver-mysql/mysql-server/files/my.cnf b/roles/dbserver-mysql/mysql-server/files/my.cnf
new file mode 100644
index 0000000..3a55905
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/files/my.cnf
@@ -0,0 +1,125 @@
+# -------------------------------------------------------------
+# MySQL configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2015-04-21
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Clients
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+[client]
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+
+[mysql]
+prompt = \u@\h [\d]>\_
+
+[mysqldump]
+quick
+max_allowed_packet = 32M
+
+# -------------------------------------------------------------
+# Server wrapper
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+[mysqld_safe]
+pid-file = /var/run/mysqld/mysqld.pid
+socket = /var/run/mysqld/mysqld.sock
+nice = 0
+
+# -------------------------------------------------------------
+# Generic server settings
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+[mysqld]
+user = mysql
+pid-file = /var/run/mysqld/mysqld.pid
+socket = /var/run/mysqld/mysqld.sock
+port = 3306
+basedir = /usr
+tmpdir = /tmp
+lc-messages-dir = {{ share }}/mysql
+
+sql_mode = STRICT_ALL_TABLES
+explicit_defaults_for_timestamp
+
+log_bin
+log_basename = {{ nodename }}
+binlog_cache_size = 1M
+max_binlog_size = 1000M
+binlog_format = MIXED
+
+{% if use_zfs %}
+datadir = /var/db/mysql/mysql-root
+{% else %}
+datadir = /var/db/mysql
+{% endif %}
+
+# -------------------------------------------------------------
+# InnoDB / XtraDB configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+default-storage-engine = InnoDB
+innodb_buffer_pool_size = 410M
+
+{% if use_zfs %}
+innodb_data_home_dir = /var/db/mysql/mysql-innodb-data
+innodb_log_group_home_dir = /var/db/mysql/mysql-innodb-logs
+
+innodb_file_per_table = off
+
+skip-innodb_doublewrite
+{% endif %}
+
+# -------------------------------------------------------------
+# Performance schema
+#
+# Wikimedia production servers on s3 have this configuration
+# with only 100MB of overhead. This is an acceptable cost
+# for a valuable information.
+#
+# Reference: https://phabricator.wikimedia.org/T99485
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+performance_schema = 1
+
+performance_schema_max_thread_instances = 500
+performance_schema_max_cond_instances = 1000
+performance_schema_accounts_size = 300
+performance_schema_hosts_size = 300
+performance_schema_events_statements_history_size = 10
+performance_schema_events_statements_history_long_size = 1000
+performance_schema_events_waits_history_size = 10
+performance_schema_events_waits_history_long_size = 1000
+performance_schema_events_stages_history_size = 10
+performance_schema_events_stages_history_long_size = 1000
+performance_schema_max_mutex_instances = 5000
+performance_schema_max_rwlock_instances = 2000
+performance_schema_max_socket_instances = 500
+performance_schema_max_table_instances = 1000
+
+# -------------------------------------------------------------
+# Applications configuration
+#
+# :: MediaWiki
+# :: Phabricator
+# :: OTRS
+#
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+# MediaWiki
+character_set_server = binary
+character_set_filesystem = binary
+collation_server = binary
+
+# Phabricator
+max_allowed_packet = 32M
+ft_stopword_file = {{ etc }}/mysql/stopwords.txt
+ft_min_word_len = 3
+ft_boolean_syntax = ' |-><()~*:""&^'
+
+# OTRS
+key_buffer_size = 32M
diff --git a/roles/dbserver-mysql/mysql-server/files/mysql.rc b/roles/dbserver-mysql/mysql-server/files/mysql.rc
new file mode 100644
index 0000000..79997d1
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/files/mysql.rc
@@ -0,0 +1,16 @@
+# -------------------------------------------------------------
+# Database server — MySQL — rc configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-11-05
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+mysql_enable="YES"
+mysql_pidfile="/var/run/mysqld/mysqld.pid"
+
+{% if use_zfs %}
+mysql_dbdir=/var/db/mysql/mysql-root
+{% else %}
+mysql_dbdir=/var/db/mysql
+{% endif %}
diff --git a/roles/dbserver-mysql/mysql-server/files/stopwords.txt b/roles/dbserver-mysql/mysql-server/files/stopwords.txt
new file mode 100644
index 0000000..89f5d06
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/files/stopwords.txt
@@ -0,0 +1,50 @@
+the
+be
+and
+of
+a
+in
+to
+have
+to
+it
+I
+that
+for
+you
+he
+with
+on
+do
+say
+this
+they
+at
+but
+we
+his
+from
+that
+not
+by
+or
+as
+what
+go
+their
+can
+who
+get
+if
+would
+all
+my
+will
+as
+up
+there
+so
+its
+us
+in
+on
diff --git a/roles/dbserver-mysql/mysql-server/init.sls b/roles/dbserver-mysql/mysql-server/init.sls
new file mode 100644
index 0000000..4c9e1c2
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/init.sls
@@ -0,0 +1,12 @@
+# -------------------------------------------------------------
+# Salt — Database server — MySQL
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+include:
+ - .software
+ - .zfs
+ - .cnf
diff --git a/roles/dbserver-mysql/mysql-server/software.sls b/roles/dbserver-mysql/mysql-server/software.sls
new file mode 100644
index 0000000..da0341e
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/software.sls
@@ -0,0 +1,18 @@
+# -------------------------------------------------------------
+# Salt — Database server — MySQL
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import packages with context %}
+
+# -------------------------------------------------------------
+# MySQL server
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+mysql_server_software:
+ pkg.installed:
+ - pkgs:
+ - {{ packages.mariadb }}
diff --git a/roles/dbserver-mysql/mysql-server/zfs.sls b/roles/dbserver-mysql/mysql-server/zfs.sls
new file mode 100644
index 0000000..46eef6d
--- /dev/null
+++ b/roles/dbserver-mysql/mysql-server/zfs.sls
@@ -0,0 +1,45 @@
+# -------------------------------------------------------------
+# Salt — Database server — MySQL
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Created: 2017-10-27
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% if salt['node.has']('zfs:pool') %}
+
+{% set tank = salt['node.get']("zfs:pool") %}
+
+{{ tank }}/mysql-root:
+ zfs.filesystem_present:
+ # This one is optimized for MyISAM
+ - properties:
+ mountpoint: /var/db/mysql
+ compression: lz4
+ recordsize: 8K
+
+{% for mysqldir in ['innodb-data', 'innodb-logs'] %}
+/var/db/mysql/mysql-{{ mysqldir }}:
+ file.directory:
+ - user: mysql
+ - group: mysql
+ - dir_mode: 711
+{% endfor %}
+
+{{ tank }}/mysql-innodb-data:
+ zfs.filesystem_present:
+ - properties:
+ mountpoint: /var/db/mysql/mysql-innodb-data
+ compression: lz4
+ recordsize: 16K
+ primarycache: metadata
+
+{{ tank }}/mysql-innodb-logs:
+ zfs.filesystem_present:
+ - properties:
+ mountpoint: /var/db/mysql/mysql-innodb-logs
+ compression: lz4
+ recordsize: 128K
+ primarycache: metadata
+
+{% endif %}
diff --git a/top.sls b/top.sls
index c9a5d80..e9d104d 100644
--- a/top.sls
+++ b/top.sls
@@ -1,38 +1,39 @@
# -------------------------------------------------------------
# Salt configuration for Nasqueron servers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2016-04-10
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
base:
'*':
- roles/core/rc
- roles/core/hostname
- roles/core/network
- roles/core/motd
- roles/core/rsyslog
- roles/core/salt
- roles/core/sshd
'local':
- roles/saltmaster
'ysul':
- roles/paas-jails
+ - roles/dbserver-mysql
- roles/webserver-core
- roles/webserver-legacy
- roles/webserver-varnish
'dwellers':
- roles/paas-docker/docker
- roles/paas-lxc/lxc
- roles/mastodon
'eglide':
- roles/webserver-core
- roles/shellserver/users
- roles/shellserver/userland-software
- roles/shellserver/eglide-website
- roles/shellserver/vhosts
- roles/shellserver/web-hosting
- roles/shellserver/database
- roles/shellserver/odderon
- roles/shellserver/bonjour-chaton

File Metadata

Mime Type
text/x-diff
Expires
Wed, Oct 22, 13:20 (1 d, 20 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3092235
Default Alt Text
(18 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator