From b96b95eed250f6941a4822bad8ca55c9354cf2ce Mon Sep 17 00:00:00 2001
From: CVL-GitHub <jupiter.hu@monash.edu>
Date: Wed, 26 Aug 2015 09:26:33 +1000
Subject: [PATCH] Fixed mysql for centos 7

---
 roles/karaage3.1.17/tasks/apacheDebian.yml   |  8 ----
 roles/karaage3.1.17/tasks/apacheRedHat.yml   | 10 ++---
 roles/karaage3.1.17/tasks/karaage.yml        |  3 +-
 roles/karaage3.1.17/templates/default-ssl.j2 |  9 +----
 roles/ldapserver/tasks/main.yml              | 24 ++++++------
 roles/mysql/tasks/main.yml                   |  4 +-
 roles/mysql/tasks/mysql_server.yml           | 39 +++++++++++---------
 roles/mysql/vars/CentOS_6.yml                |  9 +++++
 roles/mysql/vars/CentOS_7.yml                |  9 +++++
 roles/mysql/vars/Debian_7.yml                | 10 +++++
 roles/mysql/vars/Debian_8.yml                | 10 +++++
 roles/mysql/vars/main.yml                    |  2 -
 12 files changed, 80 insertions(+), 57 deletions(-)
 create mode 100644 roles/mysql/vars/CentOS_6.yml
 create mode 100644 roles/mysql/vars/CentOS_7.yml
 create mode 100644 roles/mysql/vars/Debian_7.yml
 create mode 100644 roles/mysql/vars/Debian_8.yml
 delete mode 100644 roles/mysql/vars/main.yml

diff --git a/roles/karaage3.1.17/tasks/apacheDebian.yml b/roles/karaage3.1.17/tasks/apacheDebian.yml
index 2ee1fdbb..44ffcdc4 100644
--- a/roles/karaage3.1.17/tasks/apacheDebian.yml
+++ b/roles/karaage3.1.17/tasks/apacheDebian.yml
@@ -7,14 +7,6 @@
   - apache2-dev
  sudo: true
 
--
- name: "Setting default-ssl site"
- lineinfile: dest=/etc/apache2/sites-available/default-ssl.conf  regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes
- with_items:
-  - { regexp : "^\\s+SSLCertificateFile", line : "		SSLCertificateFile {{ x509_cert_file }}" }
-  - { regexp : "SSLCertificateKeyFile", line : "		SSLCertificateKeyFile {{ x509_key_file }}" }
-  - { regexp : "SSLCACertificateFile", line : "		SSLCACertificateFile {{ x509_cacert_file }}" }
- sudo: true
 -
  name: "Templating default-ssl site"
  template: src=default-ssl.j2 dest=/etc/apache2/sites-available/default-ssl.conf owner=www-data group=www-data
diff --git a/roles/karaage3.1.17/tasks/apacheRedHat.yml b/roles/karaage3.1.17/tasks/apacheRedHat.yml
index 3515c7c2..584ed275 100644
--- a/roles/karaage3.1.17/tasks/apacheRedHat.yml
+++ b/roles/karaage3.1.17/tasks/apacheRedHat.yml
@@ -14,14 +14,12 @@
  name: Setting httpd.conf
  sudo: true
  replace: dest=/etc/httpd/conf/httpd.conf regexp="^#ServerName www.example.com:80" replace="ServerName {{ ansible_fqdn }}"
+
 -
- name: Setting ssl.conf
+ name: "Templating default-ssl site"
+ template: src=default-ssl.j2 dest=/etc/httpd/conf.d/ssl.conf owner=apache group=apache
  sudo: true
- lineinfile: dest=/etc/httpd/conf.d/ssl.conf regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes
- with_items:
-  - { regexp : "^SSLCertificateFile", line : "SSLCertificateFile {{ x509_cert_file }}" }
-  - { regexp : "SSLCertificateKeyFile", line : "SSLCertificateKeyFile {{ x509_key_file }}" }
-  - { regexp : "SSLCACertificateFile", line : "SSLCACertificateFile {{ x509_cacert_file }}" }
+
 -
  name: Templating wsgi.conf
  sudo: true
diff --git a/roles/karaage3.1.17/tasks/karaage.yml b/roles/karaage3.1.17/tasks/karaage.yml
index d4a11f1c..6e66587f 100644
--- a/roles/karaage3.1.17/tasks/karaage.yml
+++ b/roles/karaage3.1.17/tasks/karaage.yml
@@ -13,6 +13,8 @@
   - python-cracklib
   - git
   - apache2-dev
+  - mysql-client
+  - python-dev
  when: ansible_os_family == "Debian"
 -
  name: "Installing prerequisites Redhat"
@@ -55,7 +57,6 @@
  sudo: true
  with_items:
   - six
-  - MySQL-python
   - slimit
   - ply
   - cython
diff --git a/roles/karaage3.1.17/templates/default-ssl.j2 b/roles/karaage3.1.17/templates/default-ssl.j2
index 6462e0a4..30ba1f3c 100644
--- a/roles/karaage3.1.17/templates/default-ssl.j2
+++ b/roles/karaage3.1.17/templates/default-ssl.j2
@@ -50,7 +50,7 @@
 	#   certificate chain for the server certificate. Alternatively
 	#   when the CA certificates are directly appended to the server
 	#   certificate for convinience.
-	#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
+	SSLCertificateChainFile {{ x509_cert_chain }} 
 
 	#   Certificate Authority (CA):
 	#   Set the CA certificate verification path where to find CA
@@ -59,13 +59,6 @@
 	#   Note: Inside SSLCACertificatePath you need hash symlinks
 	#         to point to the certificate files. Use the provided
 	#         Makefile to update the hash symlinks after changes.
-    {% if ldapCaCertFile is defined and ldapCaCertDir is defined %}
-    SSLCACertificatePath {{ ldapCaCertDir }} 
-    SSLCACertificateFile {{ ldapCaCertDir }}/{{ ldapCaCertFile }}
-    {% else %}
-    SSLCACertificatePath /etc/ssl/certs/
-    SSLCACertificateFile {{ x509_cacert_file }}
-    {% endif %}
 
 	#   Certificate Revocation Lists (CRL):
 	#   Set the CA revocation path where to find CA CRLs for client
diff --git a/roles/ldapserver/tasks/main.yml b/roles/ldapserver/tasks/main.yml
index dab389be..d569bf21 100644
--- a/roles/ldapserver/tasks/main.yml
+++ b/roles/ldapserver/tasks/main.yml
@@ -99,21 +99,21 @@
   with_items: ldapCertFiles 
   sudo: true
   
-- name: copy cert
-  command: cp /etc/ssl/certs/server.crt {{ ldapcert }}
-  sudo: true
+#- name: copy cert
+#  command: cp /etc/ssl/certs/server.crt {{ ldapcert }}
+#  sudo: true
 
-- name: copy cacert
-  command: cp /etc/ssl/certs/ca.crt {{ cacert }}
-  sudo: true
+#- name: copy cacert
+#  command: cp /etc/ssl/certs/ca.crt {{ cacert }}
+#  sudo: true
 
-- name: copy key
-  command: cp /etc/ssl/private/server.key {{ ldapkey }}
-  sudo: true
+#- name: copy key
+#  command: cp /etc/ssl/private/server.key {{ ldapkey }}
+#  sudo: true
 
-- name: chmod key
-  file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=600
-  sudo: true
+#- name: chmod key
+#  file: path={{ ldapkey }} owner={{ ldapuser }} group={{ ldapgroup }} mode=600
+#  sudo: true
 
 - name: enable ssl centos
   lineinfile: regexp="SLAPD_LDAPS=no" state=present line="SLAPD_LDAPS=yes" dest=/etc/sysconfig/ldap
diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml
index bc39805e..fd7181ba 100644
--- a/roles/mysql/tasks/main.yml
+++ b/roles/mysql/tasks/main.yml
@@ -1,3 +1,3 @@
 ---
- - include: mysql_client.yml mysql_type=mysql_client
- - include: mysql_server.yml mysql_type=mysql_server
+- include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml"
+- include: "{{ mysql_type }}.yml"
diff --git a/roles/mysql/tasks/mysql_server.yml b/roles/mysql/tasks/mysql_server.yml
index 9e4b32d5..170178fc 100644
--- a/roles/mysql/tasks/mysql_server.yml
+++ b/roles/mysql/tasks/mysql_server.yml
@@ -1,27 +1,29 @@
 ---
 - name: "Installing MySQL Debian"
   apt: name="{{ item }}" update_cache=yes cache_valid_time=3600 state=present
-  with_items:
-    - python
-    - python-dev
-    - libmysqlclient-dev
-    - python-pip
-    - libapache2-mod-wsgi
-    - python-mysql.connector
-    - mysql-server
-    - python-mysqldb
+  with_items: server_packages
   sudo: true
   when: ansible_os_family == "Debian"
 
+- name: "Remove rdo repo"
+  file: path=/etc/yum.repos.d/rdo-release.repo state=absent
+  sudo: true
+  when: ansible_os_family == "RedHat" and ansible_distribution_major_version >= 7
+
+- name: "Check RPM packages"
+  shell: ls /etc/yum.repos.d/mysql-community.repo
+  register: mysql_repo
+  ignore_errors: true
+  when: rpm_package is defined
+
+- name: "Add RPM packages"
+  shell: rpm -iUvh {{ rpm_package }} 
+  sudo: true
+  when: mysql_repo | failed
+
 - name: Installing MySQL RedHat
-  yum: name="{{ item }}" state=latest
-  with_items:
-    - python
-    - python-devel
-    - mysql-devel
-    - mysql-libs
-    - MySQL-python
-    - mysql-server
+  yum: name={{ item }}
+  with_items: server_packages
   sudo: true
   when: ansible_os_family == "RedHat"
 
@@ -36,7 +38,8 @@
   when: ansible_os_family == "RedHat" and ansible_distribution_major_version < 7
 
 - name: "Starting MySQL"
-  service: name=mariadb state=started enabled=true
+#  service: name=mariadb state=started enabled=true
+  service: name=mysqld state=started enabled=true
   sudo: true
   when: ansible_os_family == "RedHat" and ansible_distribution_major_version >= 7
 
diff --git a/roles/mysql/vars/CentOS_6.yml b/roles/mysql/vars/CentOS_6.yml
new file mode 100644
index 00000000..e3bbeaef
--- /dev/null
+++ b/roles/mysql/vars/CentOS_6.yml
@@ -0,0 +1,9 @@
+server_packages:
+  - python
+  - python-devel
+  - mysql-devel
+  - mysql-libs
+  - MySQL-python
+  - mysql-server
+
+
diff --git a/roles/mysql/vars/CentOS_7.yml b/roles/mysql/vars/CentOS_7.yml
new file mode 100644
index 00000000..524f128c
--- /dev/null
+++ b/roles/mysql/vars/CentOS_7.yml
@@ -0,0 +1,9 @@
+rpm_package: "http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm"
+
+server_packages:
+  - python
+  - python-devel
+  - MySQL-python
+  - mysql-community-server
+
+
diff --git a/roles/mysql/vars/Debian_7.yml b/roles/mysql/vars/Debian_7.yml
new file mode 100644
index 00000000..eec16f6a
--- /dev/null
+++ b/roles/mysql/vars/Debian_7.yml
@@ -0,0 +1,10 @@
+server_packages:
+  - python
+  - python-dev
+  - libmysqlclient-dev
+  - python-pip
+  - libapache2-mod-wsgi
+  - python-mysql.connector
+  - mysql-server
+  - python-mysqldb
+
diff --git a/roles/mysql/vars/Debian_8.yml b/roles/mysql/vars/Debian_8.yml
new file mode 100644
index 00000000..eec16f6a
--- /dev/null
+++ b/roles/mysql/vars/Debian_8.yml
@@ -0,0 +1,10 @@
+server_packages:
+  - python
+  - python-dev
+  - libmysqlclient-dev
+  - python-pip
+  - libapache2-mod-wsgi
+  - python-mysql.connector
+  - mysql-server
+  - python-mysqldb
+
diff --git a/roles/mysql/vars/main.yml b/roles/mysql/vars/main.yml
deleted file mode 100644
index 5ab65948..00000000
--- a/roles/mysql/vars/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-mysql_config_file_name: mysql_config
-- 
GitLab