wip

2024-02-04 10:35:05 +01:00 · 2024-02-04 10:35:05 +01:00 · 1bd1d4d0a6
commit 1bd1d4d0a6
parent 782b3fbe0b
10 changed files with 143 additions and 1 deletions
--- a/bundles/mariadb/README.md
+++ b/bundles/mariadb/README.md
@ -0,0 +1 @@
+https://mariadb.com/kb/en/systemd/#configuring-mariadb-to-write-the-error-log-to-syslog
--- a/bundles/mariadb/files/override.conf
+++ b/bundles/mariadb/files/override.conf
@ -0,0 +1,11 @@
+% for section, options in sorted(conf.items()):
+[${section}]
+% for key, value in sorted(options.items()):
+% if value is None:
+${key}
+% else:
+${key} = ${value}
+% endif
+% endfor
+
+% endfor
--- a/bundles/mariadb/items.py
+++ b/bundles/mariadb/items.py
@ -0,0 +1,40 @@
+from shlex import quote
+
+directories = {
+    '/var/lib/mysql': {
+        'owner': 'mysql',
+        'group': 'mysql',
+        'needs': [
+            'zfs_dataset:tank/mariadb',
+        ],
+        'needed_by': [
+            'pkg_apt:mariadb-server',
+        ],
+    },
+}
+
+files = {
+    '/etc/mysql/conf.d/override.conf': {
+        'context': {
+            'conf': node.metadata.get('mariadb/conf'),
+        },
+        'content_type': 'mako',
+    },
+}
+
+svc_systemd = {
+    'mariadb.service': {
+        'needs': [
+            'pkg_apt:mariadb-server',
+        ],
+    },
+}
+
+for db, conf in node.metadata.get('mariadb/databases', {}).items():
+    actions[f'mariadb_create_database_{db}'] = {
+        'command': 'mariadb -Bsr --execute ' + quote(f"CREATE DATABASE {db}"),
+        'unless': '! mariadb -Bsr --execute ' + quote(f"SHOW DATABASES LIKE '{db}'") + ' | grep -q ^db$',
+        'needs': [
+            'svc_systemd:mariadb.service',
+        ],
+    }
--- a/bundles/mariadb/metadata.py
+++ b/bundles/mariadb/metadata.py
@ -0,0 +1,36 @@
+defaults = {
+    'apt': {
+        'packages': {
+            'mariadb-server': {},
+        },
+    },
+    'mariadb': {
+        'databases': {},
+        'conf': {
+            # https://www.reddit.com/r/zfs/comments/u1xklc/mariadbmysql_database_settings_for_zfs
+            'mysqld': {
+                'skip-innodb_doublewrite': None,
+                'innodb_flush_method': 'fsync',
+                'innodb_doublewrite': '0',
+                'innodb_use_atomic_writes': '0',
+                'innodb_use_native_aio': '0',
+                'innodb_read_io_threads': '10',
+                'innodb_write_io_threads': '10',
+                'innodb_buffer_pool_size': '26G',
+                'innodb_flush_log_at_trx_commit': '1',
+                'innodb_log_file_size': '1G',
+                'innodb_flush_neighbors': '0',
+                'innodb_fast_shutdown': '2',
+            },
+        },
+    },
+    'zfs': {
+        'datasets': {
+            'tank/mariadb': {
+                'mountpoint': '/var/lib/mysql',
+                'recordsize': '16384',
+                'atime': 'off',
+            },
+        },
+    },
+}
--- a/bundles/wordpress/items.py
+++ b/bundles/wordpress/items.py
@ -0,0 +1,8 @@
+for domain, conf in node.metadata.get('wordpress').items():
+    directories = {
+        f'/opt/wordpress/{domain}': {
+            'owner': 'www-data',
+            'group': 'www-data',
+            'mode': '0755',
+        },
+    }
--- a/bundles/wordpress/metadata.py
+++ b/bundles/wordpress/metadata.py
@ -0,0 +1,31 @@
+defaults = {}
+
+
+@metadata_reactor.provides(
+    'wordpress',
+)
+def wordpress(metadata):
+    return {
+        'wordpress': {
+            site: {
+                'db_password': repo.vault.password_for(f"wordpress {site} db"),
+            }
+                for site in metadata.get('wordpress', {})
+        },
+    }
+
+
+@metadata_reactor.provides(
+    'mariadb',
+)
+def mariadb(metadata):
+    return {
+        'mariadb': {
+            'databases': {
+                site: {
+                    'password': metadata.get(f'wordpress/{site}/db_password')
+                }
+                    for site in metadata.get('wordpress', {})
+            },
+        },
+    }
--- a/groups/applications/wordpress.py
+++ b/groups/applications/wordpress.py
@ -0,0 +1,8 @@
+{
+    'bundles': [
+        'letsencrypt',
+        'mariadb',
+        'nginx',
+        'wordpress',
+    ],
+}
--- a/nodes/home.backups.py
+++ b/nodes/home.backups.py
@ -1,4 +1,5 @@
 {
+    'dummy': True,
    'hostname': '10.0.0.5',
    'groups': [
        'autologin',
--- a/nodes/home.server.py
+++ b/nodes/home.server.py
@ -111,7 +111,7 @@
        },
        'nextcloud': {
            'hostname': 'cloud.sublimity.de',
-            'version': '27.1.4',
+            'version': '28.0.1',
            'config': {
                'instanceid': 'oci6dw1woodz',
                'secret': '!decrypt:encrypt$gAAAAABj96CFynVtEgsje7173zjQAcY7xQG3uyf5cxE-sJAvhyPh_KUykTKdwnExc8NTDJ8RIGUmVfgC6or5crnYaggARPIEg5-Cb0xVdEPPZ3oZ01ImLmynLu3qXT9O8kVM-H21--OKeztMRn7bySsbXdWEGtETFQ==',
--- a/nodes/netcup.mails.py
+++ b/nodes/netcup.mails.py
@ -7,6 +7,7 @@
        'monitored',
        'webserver',
        'dnsserver',
+        'wordpress',
        #'left4dead2',
    ],
    'bundles': [
@ -21,6 +22,11 @@
        'zfs',
    ],
    'metadata': {
+        'wordpress': {
+            'elimukwanza': {
+                'domain': 'elimu-kwanza.de',
+            },
+        },
        'id': 'ea29bdf0-0b47-4bf4-8346-67d60c9dc4ae',
        'network': {
            'internal': {
				`@ -0,0 +1 @@`
				`https://mariadb.com/kb/en/systemd/#configuring-mariadb-to-write-the-error-log-to-syslog`