Merge pull request #6 from tcpcloud/client_role
MySQL client role
diff --git a/README.rst b/README.rst
index 1c5df0f..1403472 100644
--- a/README.rst
+++ b/README.rst
@@ -170,6 +170,57 @@
host: 'localhost'
rights: 'all privileges'
+
+MySQL client role
+-----------------
+
+Database management on remote MySQL server
+
+.. code-block:: yaml
+
+ mysql:
+ client:
+ enabled: true
+ server:
+ server01:
+ admin:
+ host: database.host
+ port: 3306
+ user: root
+ password: password
+ encoding: utf8
+ database:
+ database01:
+ encoding: utf8
+ users:
+ - name: username
+ password: 'password'
+ host: 'localhost'
+ rights: 'all privileges'
+
+User management on remote MySQL server
+
+.. code-block:: yaml
+
+ mysql:
+ client:
+ enabled: true
+ server:
+ server01:
+ admin:
+ host: database.host
+ port: 3306
+ user: root
+ password: password
+ encoding: utf8
+ users:
+ - name: user01
+ host: "*"
+ password: 'sdgdsgdsgd'
+ - name: user02
+ host: "localhost"
+
+
Usage
=====
diff --git a/mysql/client/init.sls b/mysql/client/init.sls
new file mode 100644
index 0000000..db5aaa9
--- /dev/null
+++ b/mysql/client/init.sls
@@ -0,0 +1,3 @@
+
+include:
+- mysql.client.server
diff --git a/mysql/client/server.sls b/mysql/client/server.sls
new file mode 100644
index 0000000..f0e9dd0
--- /dev/null
+++ b/mysql/client/server.sls
@@ -0,0 +1,83 @@
+{%- from "mysql/map.jinja" import client with context %}
+{%- if client.enabled %}
+
+{%- for server_name, server in client.get('server', {}).iteritems() %}
+
+{%- set connection_args = {'host': server.admin.host,
+ 'port': server.admin.get('port', '3306'),
+ 'user': server.admin.user,
+ 'pass': server.admin.get('password', ''),
+ 'charset': server.admin.get('encoding', 'utf8'),
+ 'db': server.admin.get('database', 'mysql')
+} %}
+
+{%- for database_name, database in server.get('database', {}).iteritems() %}
+
+mysql_{{ server_name }}_database_{{ database_name }}:
+ mysql_database.present:
+ - name: {{ database_name }}
+ - character_set: {{ database.get('encoding', 'utf8') }}
+ - connection_host: {{ connection_args.host }}
+ - connection_port: {{ connection_args.port }}
+ - connection_user: {{ connection_args.user }}
+ - connection_pass: {{ connection_args.pass }}
+ - connection_charset: {{ connection_args.charset }}
+ - connection_db: {{ connection_args.db }}
+
+{%- for user in database.get('users', ()) %}
+
+mysql_{{ server_name }}_user_{{ user.name }}_{{ database_name }}_{{ user.host }}:
+ mysql_user.present:
+ - name: '{{ user.name }}'
+ - host: '{{ user.host }}'
+ - password: {{ user.password }}
+ - connection_host: {{ connection_args.host }}
+ - connection_port: {{ connection_args.port }}
+ - connection_user: {{ connection_args.user }}
+ - connection_pass: {{ connection_args.pass }}
+ - connection_charset: {{ connection_args.charset }}
+ - connection_db: {{ connection_args.db }}
+
+mysql_{{ server_name }}_grants_{{ database_name }}_{{ user.name }}_{{ user.host }}:
+ mysql_grants.present:
+ - grant: {{ user.rights }}
+ - database: '{{ database_name }}.*'
+ - user: '{{ user.name }}'
+ - host: '{{ user.host }}'
+ - require:
+ - mysql_user: mysql_{{ server_name }}_user_{{ user.name }}_{{ database_name }}_{{ user.host }}
+ - mysql_database: mysql_{{ server_name }}_database_{{ database_name }}
+ - connection_host: {{ connection_args.host }}
+ - connection_port: {{ connection_args.port }}
+ - connection_user: {{ connection_args.user }}
+ - connection_pass: {{ connection_args.pass }}
+ - connection_charset: {{ connection_args.charset }}
+ - connection_db: {{ connection_args.db }}
+
+{%- endfor %}
+
+{%- endfor %}
+
+{%- for user in server.get('users', []) %}
+
+mysql_{{ server_name }}_user_{{ user.name }}_{{ user.host }}:
+ mysql_user.present:
+ - host: '{{ user.host }}'
+ - name: '{{ user.name }}'
+ {%- if user.password is defined %}
+ - password: {{ user.password }}
+ {%- else %}
+ - allow_passwordless: True
+ {%- endif %}
+ - connection_host: {{ connection_args.host }}
+ - connection_port: {{ connection_args.port }}
+ - connection_user: {{ connection_args.user }}
+ - connection_pass: {{ connection_args.pass }}
+ - connection_charset: {{ connection_args.charset }}
+ - connection_db: {{ connection_args.db }}
+
+{%- endfor %}
+
+{%- endfor %}
+
+{%- endif %}
diff --git a/mysql/files/sensu.conf b/mysql/files/sensu.conf
deleted file mode 100644
index a143316..0000000
--- a/mysql/files/sensu.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-local_mysql_server_proc:
- command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -C mysqld -u mysql -c 1:1"
- interval: 30
- occurrences: 1
- subscribers:
- - local-mysql-server
-local_mysql_galera_status:
- command: "PATH=$PATH:/etc/sensu/plugins check_galera_cluster -u :::mysql.user::: -p :::mysql.password::: -H localhost -P :::mysql.port::: -c 2"
- interval: 60
- occurrences: 1
- subscribers:
- - local-mysql-cluster
diff --git a/mysql/init.sls b/mysql/init.sls
index 6e7f5bf..beb925f 100644
--- a/mysql/init.sls
+++ b/mysql/init.sls
@@ -3,3 +3,6 @@
{%- if pillar.mysql.server is defined %}
- mysql.server
{%- endif %}
+{%- if pillar.mysql.client is defined %}
+- mysql.client
+{%- endif %}
diff --git a/mysql/map.jinja b/mysql/map.jinja
index b667b95..ce4ee0a 100644
--- a/mysql/map.jinja
+++ b/mysql/map.jinja
@@ -1,5 +1,5 @@
-{%- set mysql_version = pillar.mysql.server.get('version', '6.0') %}
+{%- set mysql_version = pillar.mysql.get('server', {}).get('version', '6.0') %}
{%- set server = salt['grains.filter_by']({
'Debian': {
@@ -27,6 +27,11 @@
},
}, merge=salt['pillar.get']('mysql:server')) %}
+{%- set client = salt['grains.filter_by']({
+ 'default': {
+ },
+}, merge=salt['pillar.get']('mysql:client')) %}
+
{%- if server.admin is defined %}
{%- set mysql_connection_args = {'user': server.admin.user,
'password': server.admin.password,
diff --git a/mysql/server/init.sls b/mysql/server/init.sls
index dd423b7..984b512 100644
--- a/mysql/server/init.sls
+++ b/mysql/server/init.sls
@@ -1,4 +1,3 @@
-{%- from "mysql/map.jinja" import server with context %}
include:
- mysql.server.service
- mysql.server.database
diff --git a/tests/pillar/client_database.sls b/tests/pillar/client_database.sls
new file mode 100644
index 0000000..255abb2
--- /dev/null
+++ b/tests/pillar/client_database.sls
@@ -0,0 +1,19 @@
+mysql:
+ client:
+ enabled: true
+ server:
+ server01:
+ admin:
+ host: database.host
+ port: 3306
+ user: root
+ password: password
+ encoding: utf8
+ database:
+ database01:
+ encoding: utf8
+ users:
+ - name: username
+ password: 'password'
+ host: 'localhost'
+ rights: 'all privileges'
diff --git a/tests/pillar/client_user.sls b/tests/pillar/client_user.sls
new file mode 100644
index 0000000..5dcbaa2
--- /dev/null
+++ b/tests/pillar/client_user.sls
@@ -0,0 +1,17 @@
+mysql:
+ client:
+ enabled: true
+ server:
+ server01:
+ admin:
+ host: database.host
+ port: 3306
+ user: root
+ password: password
+ encoding: utf8
+ users:
+ - name: user01
+ host: "*"
+ password: 'sdgdsgdsgd'
+ - name: user02
+ host: "localhost"
diff --git a/tests/pillar/single.sls b/tests/pillar/server_database.sls
similarity index 100%
rename from tests/pillar/single.sls
rename to tests/pillar/server_database.sls
diff --git a/tests/pillar/server_user.sls b/tests/pillar/server_user.sls
new file mode 100644
index 0000000..25ef992
--- /dev/null
+++ b/tests/pillar/server_user.sls
@@ -0,0 +1,18 @@
+mysql:
+ server:
+ enabled: true
+ version: '5.5'
+ force_encoding: utf8
+ admin:
+ user: admin
+ password: password
+ bind:
+ address: 0.0.0.0
+ port: 3306
+ protocol: tcp
+ users:
+ - name: user01
+ host: "*"
+ password: 'sdgdsgdsgd'
+ - name: user02
+ host: "localhost"