| index : devops | |
| Archlinux32 devs' convenience-scripts | gitolite user |
| summaryrefslogtreecommitdiff |
| author | Erich Eckner <git@eckner.net> | 2018-07-10 08:19:25 +0200 |
|---|---|---|
| committer | Erich Eckner <git@eckner.net> | 2018-07-10 08:19:25 +0200 |
| commit | 261e6385c50f8d017460e3fb24f2c3fc22fdb3d6 (patch) | |
| tree | f7a61eeebd5be061c582a2c5dcb18796e90d0d99 /replicate-db | |
| -rwxr-xr-x | replicate-db | 100 |
diff --git a/replicate-db b/replicate-db new file mode 100755 index 0000000..91706cb --- /dev/null +++ b/replicate-db @@ -0,0 +1,100 @@ +#!/bin/bash + +set -e + +if [ -d '/var/lib/mysql' ]; then + read -p 'mariadb seems to be installed already - I will remove it first.' -r s + if [ -n "${s}" ]; then + echo 'Aborted.' + exit + fi + sudo systemctl stop mysqld || true + sudo systemctl disable mysqld || true + sudo pacman -Rs mariadb || true + sudo rm -rf --one-file-system '/var/lib/mysql' '/etc/mysql' +fi + +if [ -d '/etc/stunnel' ]; then + read -p 'stunnel seems to be installed already - I will remove it first.' -r s + if [ -n "${s}" ]; then + echo 'Aborted.' + exit + fi + sudo systemctl stop stunnel || true + sudo systemctl disable stunnel || true + sudo pacman -Rs stunnel || true + sudo rm -rf --one-file-system '/etc/stunnel' +fi + +read -p 'enter new root-pw: ' -s -r root_pw +printf '\n' +read -p 'enter replikat-pw: ' -s -r replikat_pw +printf '\n' + +sudo pacman -S --noconfirm mariadb stunnel + +# set up mariadb +sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql +sudo sed -i ' + /myisam_sort_buffer_size/ a group_concat_max_len = 4096 + /^#server-id/ { + s/^#// + s/[0-9]\+$/'"$RANDOM"'/ + b + } + s/^server-id/#\0/ + /^#skip-networking$/ s/^#// +' '/etc/mysql/my.cnf' + +sudo systemctl start mysqld +sudo systemctl enable mysqld + +printf '\n\n%s\n%s\n\n\n\n\n' "${root_pw}" "${root_pw}" | \ + sudo mysql_secure_installation + +# set up stunnel + +sudo tee /etc/stunnel/stunnel.conf > /dev/null <<EOF +[buildmaster-mysql] +client = yes +accept = 127.0.0.1:33061 +connect = buildmaster.archlinux32.org:3307 +verifyChain = yes +CApath = /etc/ssl/certs +checkHost = buildmaster.archlinux32.org +EOF + +sudo systemctl start stunnel +sudo systemctl enable stunnel + +tmp_file=$(mktemp) +trap 'rm "${tmp_file}"' EXIT + +ssh buildmaster ' + cd /var/backup; + ls -t | grep -m1 '"'"'^database-.*\.xz$'"'"' | xargs pv +' > "${tmp_file}" + +{ + printf 'SHOW SLAVE STATUS;\n' + printf "CREATE USER 'webserver'@'localhost' IDENTIFIED BY 'empty';\n" \ + printf "GRANT USAGE ON *.* TO 'webserver'@'localhost' IDENTIFIED BY 'empty';\n" + printf "GRANT REPLICATION CLIENT ON *.* TO 'webserver'@'localhost';\n" + printf 'GRANT %s ON buildmaster.* TO '"'"'webserver'"'"'@'"'"'localhost'"'"';\n' \ + 'CREATE TEMPORARY TABLES' \ + 'SELECT' \ + 'SHOW VIEW' + printf "CHANGE MASTER TO MASTER_HOST='%s', MASTER_PORT=%s, MASTER_USER='%s', MASTER_PASSWORD='%s';\n" \ + '127.0.0.1' \ + 33061 \ + 'replikat' \ + "${replikat_pw}" + xzcat "${tmp_file}" | pv + xzgrep -- '^-- CHANGE MASTER TO ' "${tmp_file}" | \ + sed 's/^-- //' + printf 'START SLAVE;\n' + printf 'SHOW SLAVE STATUS;\n' +} | \ + mysql -u root -p"${root_pw}" + +printf '\n\nAll set up successfully.\n' |