Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- include:
- - database.common
- {% if pillar.db_replication %}
- replication_user:
- mysql_user.present:
- - name: {{ pillar.db_replication.user }}
- - password: {{ pillar.db_replication.password }}
- - host: "%"
- - require:
- - sls: database.common
- mysql_grants.present:
- - grant: replication slave
- - database: "*.*"
- - user: {{ pillar.db_replication.user }}
- - host: "%"
- - require:
- - mysql_user: replication_user
- {% endif %}
- /etc/mysql/my.cnf:
- file.managed:
- - source: salt://database/config_files/master/my.cnf
- - user: root
- - group: root
- - mode: 644
- - template: jinja
- - defaults:
- innodb_buffer_pool_size: {{ pillar.db_config.innodb_buffer_pool_size }}
- join_buffer_size: {{ pillar.db_config.join_buffer_size }}
- query_cache_limit: {{ pillar.db_config.query_cache_limit }}
- file.absent:
- - name: /var/lib/mysql/ib_logfile0
- - name: /var/lib/mysql/ib_logfile1
- # It'd be better using the proper iptables states
- open_web_port:
- cmd.run:
- - names:
- - "ufw allow from {{ pillar.hosts.dbslave.private_ip|default(pillar.hosts.dbslave.ip) }} to any port 3306"
- - "ufw allow from {{ pillar.hosts.backend.private_ip|default(pillar.hosts.backend.ip) }} to any port 3306"
- {% for host in pillar.hosts.application %}
- - "ufw allow from {{ host.private_ip|default(host.ip) }} to any port 3306"
- {% endfor %}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement