Use attrs for secrets instead of lists
[perso/Immae/Config/Nix.git] / modules / private / databases / mariadb_replication.nix
index ca1432f87815b6bf0e6487249071a174ca81f6f7..68e6f7fdd809590e503d35d7e4793539b9d695a2 100644 (file)
@@ -81,9 +81,8 @@ in
     };
     users.groups.mysql.gid = config.ids.gids.mysql;
 
-    secrets.keys = lib.flatten (lib.mapAttrsToList (name: hcfg: [
-      {
-        dest = "mysql_replication/${name}/slave_init_commands";
+    secrets.keys = lib.listToAttrs (lib.flatten (lib.mapAttrsToList (name: hcfg: [
+      (lib.nameValuePair "mysql_replication/${name}/slave_init_commands" {
         user = "mysql";
         group = "mysql";
         permissions = "0400";
@@ -91,9 +90,8 @@ in
           CHANGE MASTER TO master_host="${hcfg.host}", master_port=${hcfg.port}, master_user="${hcfg.user}", master_password="${hcfg.password}", master_ssl=1, master_use_gtid=slave_pos;
           START SLAVE;
           '';
-      }
-      {
-        dest = "mysql_replication/${name}/mysqldump_remote";
+      })
+      (lib.nameValuePair "mysql_replication/${name}/mysqldump_remote" {
         permissions = "0400";
         user = "root";
         group = "root";
@@ -102,9 +100,8 @@ in
           user = ${hcfg.user}
           password = ${hcfg.password}
         '';
-      }
-      {
-        dest = "mysql_replication/${name}/mysqldump";
+      })
+      (lib.nameValuePair "mysql_replication/${name}/mysqldump" {
         permissions = "0400";
         user = "root";
         group = "root";
@@ -113,9 +110,8 @@ in
           user = ${hcfg.dumpUser}
           password = ${hcfg.dumpPassword}
         '';
-      }
-      {
-        dest = "mysql_replication/${name}/client";
+      })
+      (lib.nameValuePair "mysql_replication/${name}/client" {
         permissions = "0400";
         user = "mysql";
         group = "mysql";
@@ -124,8 +120,8 @@ in
           user = ${hcfg.dumpUser}
           password = ${hcfg.dumpPassword}
         '';
-      }
-    ]) cfg.hosts);
+      })
+    ]) cfg.hosts));
 
     services.cron = {
       enable = true;
@@ -138,16 +134,19 @@ in
 
               set -euo pipefail
 
+              filename=${backupDir}/$(${pkgs.coreutils}/bin/date -Iminutes).sql
               ${hcfg.package}/bin/mysqldump \
-                --defaults-file=${config.secrets.location}/mysql_replication/${name}/mysqldump \
+                --defaults-file=${config.secrets.fullPaths."mysql_replication/${name}/mysqldump"} \
                 -S /run/mysqld_${name}/mysqld.sock \
                 --gtid \
                 --master-data \
                 --flush-privileges \
-                --all-databases > ${backupDir}/$(${pkgs.coreutils}/bin/date -Iseconds).sql
+                --ignore-database=netdata \
+                --all-databases > $filename
+              ${pkgs.gzip}/bin/gzip $filename
             '';
           u = pkgs.callPackage ./utils.nix {};
-          cleanup_script = pkgs.writeScript "cleanup_mysql_${name}" (u.exponentialDumps "sql" backupDir);
+          cleanup_script = pkgs.writeScript "cleanup_mysql_${name}" (u.exponentialDumps "sql.gz" backupDir);
         in [
           "0 22,4,10,16 * * * root ${backup_script}"
           "0 3 * * * root ${cleanup_script}"
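Review bot: A failed run leaves an uncompressed `.sql` file in `${backupDir}` that nothing appears to remove: under `set -euo pipefail` the script stops before the `gzip` line when `mysqldump` fails, and `cleanup_script` now passes `"sql.gz"` (assuming `u.exponentialDumps` filters on that suffix; it is defined in `utils.nix`, outside this diff). Dumps written under the old `.sql` name before this change would be skipped the same way. Compressing inside the pipeline to a temporary name and renaming on success keeps a truncated dump from looking like a valid backup: `--all-databases | ${pkgs.gzip}/bin/gzip > "$filename.gz.tmp"` then `mv "$filename.gz.tmp" "$filename.gz"`, with a `trap` that removes the temporary file on exit. `$filename` is also expanded unquoted, and since the dump holds every database, a `umask 077` before writing is worth adding unless `${backupDir}` is already restricted.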
@@ -189,15 +188,17 @@ in
 
         preStart = ''
           if ! test -e ${dataDir}/mysql; then
-            ${hcfg.package}/bin/mysqldump \
-              --defaults-file=${config.secrets.location}/mysql_replication/${name}/mysqldump_remote \
-              -h ${hcfg.host} \
-              -P ${hcfg.port} \
-              --ssl \
-              --gtid \
-              --flush-privileges \
-              --master-data \
-              --all-databases > ${dataDir}/initial.sql
+            if ! test -e ${dataDir}/initial.sql; then
+              ${hcfg.package}/bin/mysqldump \
+                --defaults-file=${config.secrets.fullPaths."mysql_replication/${name}/mysqldump_remote"} \
+                -h ${hcfg.host} \
+                -P ${hcfg.port} \
+                --ssl \
+                --gtid \
+                --flush-privileges \
+                --master-data \
+                --all-databases > ${dataDir}/initial.sql
+            fi
 
             ${hcfg.package}/bin/mysql_install_db \
               --defaults-file=/etc/mysql/${name}_my.cnf \
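Review bot: The new `test -e ${dataDir}/initial.sql` guard treats any existing file as a complete dump, but the shell creates `initial.sql` before `mysqldump` writes a byte, so an interrupted or rejected remote dump leaves an empty or truncated file. The next start then skips the fetch, and the later setup script (which `cat`s `initial.sql` into `mysql`) would import that partial file. Write to a temporary name and rename only on success: `--all-databases > ${dataDir}/initial.sql.tmp` followed by `mv ${dataDir}/initial.sql.tmp ${dataDir}/initial.sql`. The enclosing `if ! test -e ${dataDir}/mysql` block and the start of `preStart` continue outside this hunk, so whether the script aborts on a failed dump is not visible here.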
@@ -221,6 +222,7 @@ in
             let
               sql_before = pkgs.writeText "mysql-initial-before" ''
                 DROP DATABASE test;
+                INSTALL SONAME 'auth_pam';
                 '';
               setupScript = pkgs.writeScript "mysql-setup" ''
                 #!${pkgs.runtimeShell} -e
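Review bot: The added `INSTALL SONAME 'auth_pam';` in `sql_before` carries no explanation, and loading an authentication plugin on the replica deserves a comment for whoever later audits this host's login paths. Presumably the master's dump contains accounts that authenticate through PAM, so the plugin has to be present before `initial.sql` is imported. If that is the reason, state it in a Nix comment above `sql_before`, e.g. `# auth_pam must be loaded before importing initial.sql: the master has PAM-authenticated accounts`. The surrounding `let` block starts and ends outside the hunk.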
@@ -229,7 +231,7 @@ in
                   cat \
                     ${sql_before} \
                     ${dataDir}/initial.sql \
-                    ${config.secrets.location}/mysql_replication/${name}/slave_init_commands \
+                    ${config.secrets.fullPaths."mysql_replication/${name}/slave_init_commands"} \
                     | ${hcfg.package}/bin/mysql \
                     --defaults-file=/etc/mysql/${name}_my.cnf \
                     -S /run/mysqld_${name}/mysqld.sock \