jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-07-26 15:55:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2022-03-19 19:00

Browse Source
This commit is contained in:
Daniel Berteaud
2022-03-19 19:00:07 +01:00
parent 4bdecbaba3
commit c4a7f11445
8 changed files with 69 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
roles/mysql_server/templates/dehydrated_hook.j2 Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
{% if mysql_letsencrypt_cert is defined %}
if [ $1 == "{{ pg_letsencrypt_cert }}" ]; then
cp /var/lib/dehydrated/certificates/certs/{{ mysql_letsencrypt_cert }}/fullchain.pem /etc/my.ssl/server.crt
cp /var/lib/dehydrated/certificates/certs/{{ mysql_letsencrypt_cert }}/privkey.pem /etc/my.ssl/server.key
chown root:mysql /etc/my.ssl/server.key
chown root:root /etc/my.ssl/server.crt
chmod 640 /etc/my.ssl/server.key
chmod 644 /etc/my.ssl/server.crt
mysql -e 'FLUSH SSL;'
fi
{% else %}
# No Let's Encrypt cert configured, nothing to do
exit 0
{% endif %}

6
roles/mysql_server/templates/my.cnf.j2
View File

@@ -35,6 +35,12 @@ max_allowed_packet={{ mysql_max_allowed_packet | default('16M') }}
open_files_limit={{ mysql_open_files_limit | default('8192') }}
max_connections={{ mysql_max_connections | default('300') }}
{% if mysql_ssl %}
ssl_cert={{ mysql_ssl_cert }}
ssl_key={{ mysql_ssl_key }}
ssl_ca={{ mysql_ssl_ca }}
{% endif %}
[mysqld_safe]
{% if mysql_engine == 'mysql' %}
log-error=/var/log/mysql/mysqld.log