1 { pkgs, config, lib, ... }:
3 cfg = config.myServices.databasesReplication.mariadb;
6 options.myServices.databasesReplication.mariadb = {
7 enable = lib.mkEnableOption "Enable mariadb replication";
11 Base path to put the replications
14 hosts = lib.mkOption {
19 type = lib.types.attrsOf (lib.types.submodule {
21 package = lib.mkOption {
22 type = lib.types.package;
23 default = pkgs.mariadb;
25 Mariadb package for this host
28 serverId = lib.mkOption {
31 Server id to use for replication cluster (must be unique among the cluster!)
52 password = lib.mkOption {
58 dumpUser = lib.mkOption {
61 User who can do a dump
64 dumpPassword = lib.mkOption {
67 Password for the dump user
75 config = lib.mkIf cfg.enable {
76 myServices.chatonsProperties.hostings.mysql-replication = {
77 file.datetime = "2022-08-27T15:00:00";
79 name = "Mysql replication";
80 description = "Replication of mysql database";
81 website = "db-1.immae.eu";
83 status.description = "OK";
84 registration.load = "OPEN";
85 install.type = "PACKAGE";
89 website = "https://mariadb.org/";
90 license.url = "https://github.com/MariaDB/server/blob/10.11/COPYING";
91 license.name = "GNU General Public License v2.0";
92 version = pkgs.mariadb.version;
93 source.url = "https://github.com/MariaDB/server";
97 description = "MySQL server user";
99 uid = config.ids.uids.mysql;
100 extraGroups = [ "keys" ];
102 users.groups.mysql.gid = config.ids.gids.mysql;
104 secrets.keys = lib.listToAttrs (lib.flatten (lib.mapAttrsToList (name: hcfg: [
105 (lib.nameValuePair "mysql_replication/${name}/slave_init_commands" {
108 permissions = "0400";
110 CHANGE MASTER TO master_host="${hcfg.host}", master_port=${builtins.toString hcfg.port}, master_user="${hcfg.user}", master_password="${hcfg.password}", master_ssl=1, master_use_gtid=slave_pos;
114 (lib.nameValuePair "mysql_replication/${name}/mysqldump_remote" {
115 permissions = "0400";
121 password = ${hcfg.password}
124 (lib.nameValuePair "mysql_replication/${name}/mysqldump" {
125 permissions = "0400";
130 user = ${hcfg.dumpUser}
131 password = ${hcfg.dumpPassword}
134 (lib.nameValuePair "mysql_replication/${name}/client" {
135 permissions = "0400";
140 user = ${hcfg.dumpUser}
141 password = ${hcfg.dumpPassword}
148 systemCronJobs = lib.flatten (lib.mapAttrsToList (name: hcfg:
150 dataDir = "${cfg.base}/${name}/mysql";
151 backupDir = "${cfg.base}/${name}/mysql_backup";
152 backup_script = pkgs.writeScript "backup_mysql_${name}" ''
153 #!${pkgs.stdenv.shell}
157 filename=${backupDir}/$(${pkgs.coreutils}/bin/date -Iminutes).sql
158 ${hcfg.package}/bin/mysqldump \
159 --defaults-file=${config.secrets.fullPaths."mysql_replication/${name}/mysqldump"} \
160 -S /run/mysqld_${name}/mysqld.sock \
164 --ignore-database=netdata \
165 --all-databases > $filename
166 ${pkgs.gzip}/bin/gzip $filename
168 u = pkgs.callPackage ./utils.nix {};
169 cleanup_script = pkgs.writeScript "cleanup_mysql_${name}" (u.exponentialDumps "sql.gz" backupDir);
171 "0 22,4,10,16 * * * root ${backup_script}"
172 "0 3 * * * root ${cleanup_script}"
176 system.activationScripts = lib.attrsets.mapAttrs' (name: hcfg:
177 lib.attrsets.nameValuePair "mysql_replication_${name}" {
178 deps = [ "users" "groups" ];
180 install -m 0700 -o mysql -g mysql -d ${cfg.base}/${name}/mysql
181 install -m 0700 -o mysql -g mysql -d ${cfg.base}/${name}/mysql_backup
185 environment.etc = lib.attrsets.mapAttrs' (name: hcfg:
186 lib.attrsets.nameValuePair "mysql/${name}_my.cnf" {
190 socket = /run/mysqld_${name}/mysqld.sock
191 datadir = ${cfg.base}/${name}/mysql/
192 log-bin = mariadb-bin
193 server-id = ${builtins.toString hcfg.serverId}
198 environment.systemPackages = lib.mapAttrsToList (name: hcfg:
199 pkgs.writeScriptBin "mysql_backup_${name}" ''
200 #!${pkgs.stdenv.shell}
202 exec ${hcfg.package}/bin/mysql -S /run/mysqld_${name}/mysqld.sock "$@"
206 systemd.services = lib.attrsets.mapAttrs' (name: hcfg:
208 dataDir = "${cfg.base}/${name}/mysql";
210 lib.attrsets.nameValuePair "mysql_backup_${name}" {
211 description = "Mysql replication for ${name}";
212 wantedBy = [ "multi-user.target" ];
213 after = [ "network.target" ];
214 restartTriggers = [ config.environment.etc."mysql/${name}_my.cnf".source ];
215 unitConfig.RequiresMountsFor = dataDir;
218 if ! test -e ${dataDir}/mysql; then
219 if ! test -e ${dataDir}/initial.sql; then
220 ${hcfg.package}/bin/mysqldump \
221 --defaults-file=${config.secrets.fullPaths."mysql_replication/${name}/mysqldump_remote"} \
223 -P ${builtins.toString hcfg.port} \
228 --all-databases > ${dataDir}/initial.sql
231 ${hcfg.package}/bin/mysql_install_db \
232 --defaults-file=/etc/mysql/${name}_my.cnf \
234 --datadir=${dataDir} \
235 --basedir=${hcfg.package}
242 RuntimeDirectory = "mysqld_${name}";
243 RuntimeDirectoryMode = "0755";
244 SupplementaryGroups = "keys";
245 PermissionsStartOnly = true;
248 ExecStart = "${hcfg.package}/bin/mysqld --defaults-file=/etc/mysql/${name}_my.cnf --user=mysql --datadir=${dataDir} --basedir=${hcfg.package}";
251 sql_before = pkgs.writeText "mysql-initial-before" ''
253 INSTALL SONAME 'auth_pam';
255 setupScript = pkgs.writeScript "mysql-setup" ''
256 #!${pkgs.runtimeShell} -e
258 if test -e ${dataDir}/initial.sql; then
261 ${dataDir}/initial.sql \
262 ${config.secrets.fullPaths."mysql_replication/${name}/slave_init_commands"} \
263 | ${hcfg.package}/bin/mysql \
264 --defaults-file=/etc/mysql/${name}_my.cnf \
265 -S /run/mysqld_${name}/mysqld.sock \
267 rm -f ${dataDir}/initial.sql
272 # initial dump can take a long time
273 TimeoutStartSec="infinity";
274 TimeoutStopSec = 120;