Fixed mysql for centos 7

b96b95ee · Jupiter Hu · 4bebaf89 · b96b95ee · b96b95ee · b96b95ee
Commit b96b95ee authored 9 years ago by Jupiter Hu
--- a/roles/karaage3.1.17/tasks/apacheDebian.yml
+++ b/roles/karaage3.1.17/tasks/apacheDebian.yml
@@ -7,14 +7,6 @@
  - apache2-dev
 sudo: true
-
- name: "Setting default-ssl site"
- lineinfile: dest=/etc/apache2/sites-available/default-ssl.conf  regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes
- with_items:
-  - { regexp : "^\\s+SSLCertificateFile", line : "		SSLCertificateFile {{ x509_cert_file }}" }
-  - { regexp : "SSLCertificateKeyFile", line : "		SSLCertificateKeyFile {{ x509_key_file }}" }
-  - { regexp : "SSLCACertificateFile", line : "		SSLCACertificateFile {{ x509_cacert_file }}" }
- sudo: true
 -
 name: "Templating default-ssl site"
 template: src=default-ssl.j2 dest=/etc/apache2/sites-available/default-ssl.conf owner=www-data group=www-data

--- a/roles/karaage3.1.17/tasks/apacheRedHat.yml
+++ b/roles/karaage3.1.17/tasks/apacheRedHat.yml
@@ -14,14 +14,12 @@
 name: Setting httpd.conf
 sudo: true
 replace: dest=/etc/httpd/conf/httpd.conf regexp="^#ServerName www.example.com:80" replace="ServerName {{ ansible_fqdn }}"
 -
- name: Setting ssl.conf
+ name: "Templating default-ssl site"
+ template: src=default-ssl.j2 dest=/etc/httpd/conf.d/ssl.conf owner=apache group=apache
 sudo: true
- lineinfile: dest=/etc/httpd/conf.d/ssl.conf regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes
- with_items:
-  - { regexp : "^SSLCertificateFile", line : "SSLCertificateFile {{ x509_cert_file }}" }
-  - { regexp : "SSLCertificateKeyFile", line : "SSLCertificateKeyFile {{ x509_key_file }}" }
-  - { regexp : "SSLCACertificateFile", line : "SSLCACertificateFile {{ x509_cacert_file }}" }
 -
 name: Templating wsgi.conf
 sudo: true

--- a/roles/karaage3.1.17/tasks/karaage.yml
+++ b/roles/karaage3.1.17/tasks/karaage.yml
@@ -13,6 +13,8 @@
  - python-cracklib
  - git
  - apache2-dev
+  - mysql-client
+  - python-dev
 when: ansible_os_family == "Debian"
 -
 name: "Installing prerequisites Redhat"
@@ -55,7 +57,6 @@
 sudo: true
 with_items:
  - six
-  - MySQL-python
  - slimit
  - ply
  - cython

--- a/roles/karaage3.1.17/templates/default-ssl.j2
+++ b/roles/karaage3.1.17/templates/default-ssl.j2
@@ -50,7 +50,7 @@
 	#   certificate chain for the server certificate. Alternatively
 	#   when the CA certificates are directly appended to the server
 	#   certificate for convinience.
-	#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
+	SSLCertificateChainFile {{ x509_cert_chain }} 
 	#   Certificate Authority (CA):
 	#   Set the CA certificate verification path where to find CA
@@ -59,13 +59,6 @@
 	#   Note: Inside SSLCACertificatePath you need hash symlinks
 	#         to point to the certificate files. Use the provided
 	#         Makefile to update the hash symlinks after changes.
-    {% if ldapCaCertFile is defined and ldapCaCertDir is defined %}
-    SSLCACertificatePath {{ ldapCaCertDir }} 
-    SSLCACertificateFile {{ ldapCaCertDir }}/{{ ldapCaCertFile }}
-    {% else %}
-    SSLCACertificatePath /etc/ssl/certs/
-    SSLCACertificateFile {{ x509_cacert_file }}
-    {% endif %}
 	#   Certificate Revocation Lists (CRL):
 	#   Set the CA revocation path where to find CA CRLs for client

--- a/roles/ldapserver/tasks/main.yml
+++ b/roles/ldapserver/tasks/main.yml
@@ -99,21 +99,21 @@
  with_items: ldapCertFiles 
  sudo: true
- name: copy cert
+#- name: copy cert
-  command: cp /etc/ssl/certs/server.crt {{ ldapcert }}
+#  command: cp /etc/ssl/certs/server.crt {{ ldapcert }}
-  sudo: true
+#  sudo: true
- name: copy cacert
+#- name: copy cacert
-  command: cp /etc/ssl/certs/ca.crt {{ cacert }}
+#  command: cp /etc/ssl/certs/ca.crt {{ cacert }}
-  sudo: true
+#  sudo: true
- name: copy key
+#- name: copy key
-  command: cp /etc/ssl/private/server.key {{ ldapkey }}
+#  command: cp /etc/ssl/private/server.key {{ ldapkey }}
-  sudo: true
+#  sudo: true
- name: chmod key
+#- name: chmod key
-  file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=600
+#  file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=600
-  sudo: true
+#  sudo: true
 - name: enable ssl centos
  lineinfile: regexp="SLAPD_LDAPS=no" state=present line="SLAPD_LDAPS=yes" dest=/etc/sysconfig/ldap

--- a/roles/mysql/tasks/main.yml
+++ b/roles/mysql/tasks/main.yml
 ---
- - include: mysql_client.yml mysql_type=mysql_client
+- include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml"
- - include: mysql_server.yml mysql_type=mysql_server
+- include: "{{ mysql_type }}.yml"
--- a/roles/mysql/tasks/mysql_server.yml
+++ b/roles/mysql/tasks/mysql_server.yml
 ---
 - name: "Installing MySQL Debian"
  apt: name="{{ item }}" update_cache=yes cache_valid_time=3600 state=present
-  with_items:
+  with_items: server_packages
-    - python
-    - python-dev
-    - libmysqlclient-dev
-    - python-pip
-    - libapache2-mod-wsgi
-    - python-mysql.connector
-    - mysql-server
-    - python-mysqldb
  sudo: true
  when: ansible_os_family == "Debian"
+- name: "Remove rdo repo"
+  file: path=/etc/yum.repos.d/rdo-release.repo state=absent
+  sudo: true
+  when: ansible_os_family == "RedHat" and ansible_distribution_major_version >= 7
+- name: "Check RPM packages"
+  shell: ls /etc/yum.repos.d/mysql-community.repo
+  register: mysql_repo
+  ignore_errors: true
+  when: rpm_package is defined
+- name: "Add RPM packages"
+  shell: rpm -iUvh {{ rpm_package }} 
+  sudo: true
+  when: mysql_repo | failed
 - name: Installing MySQL RedHat
-  yum: name="{{ item }}" state=latest
+  yum: name={{ item }}
-  with_items:
+  with_items: server_packages
-    - python
-    - python-devel
-    - mysql-devel
-    - mysql-libs
-    - MySQL-python
-    - mysql-server
  sudo: true
  when: ansible_os_family == "RedHat"
@@ -36,7 +38,8 @@
  when: ansible_os_family == "RedHat" and ansible_distribution_major_version < 7
 - name: "Starting MySQL"
-  service: name=mariadb state=started enabled=true
+#  service: name=mariadb state=started enabled=true
+  service: name=mysqld state=started enabled=true
  sudo: true
  when: ansible_os_family == "RedHat" and ansible_distribution_major_version >= 7

--- a/roles/mysql/vars/CentOS_6.yml
+++ b/roles/mysql/vars/CentOS_6.yml
+server_packages:
+  - python
+  - python-devel
+  - mysql-devel
+  - mysql-libs
+  - MySQL-python
+  - mysql-server
--- a/roles/mysql/vars/CentOS_7.yml
+++ b/roles/mysql/vars/CentOS_7.yml
+rpm_package: "http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm"
+server_packages:
+  - python
+  - python-devel
+  - MySQL-python
+  - mysql-community-server
--- a/roles/mysql/vars/Debian_7.yml
+++ b/roles/mysql/vars/Debian_7.yml
+server_packages:
+  - python
+  - python-dev
+  - libmysqlclient-dev
+  - python-pip
+  - libapache2-mod-wsgi
+  - python-mysql.connector
+  - mysql-server
+  - python-mysqldb
--- a/roles/mysql/vars/Debian_8.yml
+++ b/roles/mysql/vars/Debian_8.yml
+server_packages:
+  - python
+  - python-dev
+  - libmysqlclient-dev
+  - python-pip
+  - libapache2-mod-wsgi
+  - python-mysql.connector
+  - mysql-server
+  - python-mysqldb
--- a/roles/mysql/vars/main.yml
+++ b/roles/mysql/vars/main.yml
---
-mysql_config_file_name: mysql_config