X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fdatabases%2Fmariadb_replication.nix;h=68e6f7fdd809590e503d35d7e4793539b9d695a2;hb=4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0;hp=ca1432f87815b6bf0e6487249071a174ca81f6f7;hpb=5af06538a1caf8500a80034a24dfd676e85e220b;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/databases/mariadb_replication.nix b/modules/private/databases/mariadb_replication.nix
index ca1432f..68e6f7f 100644
--- a/modules/private/databases/mariadb_replication.nix
+++ b/modules/private/databases/mariadb_replication.nix
@@ -81,9 +81,8 @@ in
     };
     users.groups.mysql.gid = config.ids.gids.mysql;
 
-    secrets.keys = lib.flatten (lib.mapAttrsToList (name: hcfg: [
-      {
-        dest = "mysql_replication/${name}/slave_init_commands";
+    secrets.keys = lib.listToAttrs (lib.flatten (lib.mapAttrsToList (name: hcfg: [
+      (lib.nameValuePair "mysql_replication/${name}/slave_init_commands" {
         user = "mysql";
         group = "mysql";
         permissions = "0400";
@@ -91,9 +90,8 @@ in
           CHANGE MASTER TO master_host="${hcfg.host}", master_port=${hcfg.port}, master_user="${hcfg.user}", master_password="${hcfg.password}", master_ssl=1, master_use_gtid=slave_pos;
           START SLAVE;
           '';
-      }
-      {
-        dest = "mysql_replication/${name}/mysqldump_remote";
+      })
+      (lib.nameValuePair "mysql_replication/${name}/mysqldump_remote" {
         permissions = "0400";
         user = "root";
         group = "root";
@@ -102,9 +100,8 @@ in
           user = ${hcfg.user}
           password = ${hcfg.password}
         '';
-      }
-      {
-        dest = "mysql_replication/${name}/mysqldump";
+      })
+      (lib.nameValuePair "mysql_replication/${name}/mysqldump" {
         permissions = "0400";
         user = "root";
         group = "root";
@@ -113,9 +110,8 @@ in
           user = ${hcfg.dumpUser}
           password = ${hcfg.dumpPassword}
         '';
-      }
-      {
-        dest = "mysql_replication/${name}/client";
+      })
+      (lib.nameValuePair "mysql_replication/${name}/client" {
         permissions = "0400";
         user = "mysql";
         group = "mysql";
@@ -124,8 +120,8 @@ in
           user = ${hcfg.dumpUser}
           password = ${hcfg.dumpPassword}
         '';
-      }
-    ]) cfg.hosts);
+      })
+    ]) cfg.hosts));
 
     services.cron = {
       enable = true;
@@ -138,16 +134,19 @@ in
 
               set -euo pipefail
 
+              filename=${backupDir}/$(${pkgs.coreutils}/bin/date -Iminutes).sql
               ${hcfg.package}/bin/mysqldump \
-                --defaults-file=${config.secrets.location}/mysql_replication/${name}/mysqldump \
+                --defaults-file=${config.secrets.fullPaths."mysql_replication/${name}/mysqldump"} \
                 -S /run/mysqld_${name}/mysqld.sock \
                 --gtid \
                 --master-data \
                 --flush-privileges \
-                --all-databases > ${backupDir}/$(${pkgs.coreutils}/bin/date -Iseconds).sql
+                --ignore-database=netdata \
+                --all-databases > $filename
+              ${pkgs.gzip}/bin/gzip $filename
             '';
           u = pkgs.callPackage ./utils.nix {};
-          cleanup_script = pkgs.writeScript "cleanup_mysql_${name}" (u.exponentialDumps "sql" backupDir);
+          cleanup_script = pkgs.writeScript "cleanup_mysql_${name}" (u.exponentialDumps "sql.gz" backupDir);
         in [
           "0 22,4,10,16 * * * root ${backup_script}"
           "0 3 * * * root ${cleanup_script}"
@@ -189,15 +188,17 @@ in
 
         preStart = ''
           if ! test -e ${dataDir}/mysql; then
-            ${hcfg.package}/bin/mysqldump \
-              --defaults-file=${config.secrets.location}/mysql_replication/${name}/mysqldump_remote \
-              -h ${hcfg.host} \
-              -P ${hcfg.port} \
-              --ssl \
-              --gtid \
-              --flush-privileges \
-              --master-data \
-              --all-databases > ${dataDir}/initial.sql
+            if ! test -e ${dataDir}/initial.sql; then
+              ${hcfg.package}/bin/mysqldump \
+                --defaults-file=${config.secrets.fullPaths."mysql_replication/${name}/mysqldump_remote"} \
+                -h ${hcfg.host} \
+                -P ${hcfg.port} \
+                --ssl \
+                --gtid \
+                --flush-privileges \
+                --master-data \
+                --all-databases > ${dataDir}/initial.sql
+            fi
 
             ${hcfg.package}/bin/mysql_install_db \
               --defaults-file=/etc/mysql/${name}_my.cnf \
@@ -221,6 +222,7 @@ in
             let
               sql_before = pkgs.writeText "mysql-initial-before" ''
                 DROP DATABASE test;
+                INSTALL SONAME 'auth_pam';
                 '';
               setupScript = pkgs.writeScript "mysql-setup" ''
                 #!${pkgs.runtimeShell} -e
@@ -229,7 +231,7 @@ in
                   cat \
                     ${sql_before} \
                     ${dataDir}/initial.sql \
-                    ${config.secrets.location}/mysql_replication/${name}/slave_init_commands \
+                    ${config.secrets.fullPaths."mysql_replication/${name}/slave_init_commands"} \
                     | ${hcfg.package}/bin/mysql \
                     --defaults-file=/etc/mysql/${name}_my.cnf \
                     -S /run/mysqld_${name}/mysqld.sock \