diff --git a/.idea/dataSources.xml b/.idea/dataSources.xml index fe03d41..ddaed51 100644 --- a/.idea/dataSources.xml +++ b/.idea/dataSources.xml @@ -2,18 +2,13 @@ - mysql.8 + mariadb true nextcloud - com.mysql.cj.jdbc.Driver - jdbc:mysql://sql.xai-corp.net:3306/nextcloud2 + org.mariadb.jdbc.Driver + jdbc:mariadb://sql.xai-corp.net:3306/nextcloud2 - - - - - @@ -23,5 +18,42 @@ org.postgresql.Driver jdbc:postgresql://sql.xai-corp.net:5432/xaicorp_default + + postgresql + true + production postgres database + org.postgresql.Driver + jdbc:postgresql://localhost:5432/xaicorp_default + + + mariadb + true + nextcloud + org.mariadb.jdbc.Driver + jdbc:mariadb://localhost:3306/nextcloud2 + + + + + + mariadb + true + nextcloud + org.mariadb.jdbc.Driver + jdbc:mariadb://localhost:3306/ + + + + + + mariadb + true + root connection to mariadb + org.mariadb.jdbc.Driver + jdbc:mariadb://localhost:3307/ + + + + \ No newline at end of file diff --git a/ansible-5/roles/prod.k3s/defaults/main.yml b/ansible-5/roles/prod.k3s/defaults/main.yml index 5ea6e57..595fa4d 100644 --- a/ansible-5/roles/prod.k3s/defaults/main.yml +++ b/ansible-5/roles/prod.k3s/defaults/main.yml @@ -18,7 +18,7 @@ fstab: # path: "/opt/shared" # state: mounted - name: mariadb - path: "/opt/mariadb" + path: "/opt/data/db" state: mounted helm: @@ -38,11 +38,19 @@ apps: stash: state: present namespace: stashapp + mariadb: - enabled: false - namespace: mariadb - gitea: enabled: true + namespace: mariadb + pvc: data-mariadb-0 + state: present + secrets: + password: faj48290q2u58vy8qphqtqj + root_password: q4890qhhfgq9pfg3q4uyg33 + replication_password: 4q389hq7gf8qo47gq8374g + + gitea: + enabled: false namespace: gitea state: present diff --git a/ansible-5/roles/prod.k3s/files/mariadb/values.yaml b/ansible-5/roles/prod.k3s/files/mariadb/values.yaml index 7cd2a1c..6c7f5d4 100644 --- a/ansible-5/roles/prod.k3s/files/mariadb/values.yaml +++ b/ansible-5/roles/prod.k3s/files/mariadb/values.yaml 
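Review bot: The three values under `apps.mariadb.secrets` in the second hunk of `defaults/main.yml` are plaintext database passwords committed to the repository, where anyone with read access can see them and where they stay in history after a later removal. Move them to an Ansible Vault-encrypted vars file or a secret-store lookup and reference them from the defaults, e.g. `password: "{{ vault_mariadb_password }}"` (variable name constructed for illustration). Rotate the values already committed. The same holds for the `rootPassword` literal this commit removes from `files/mariadb/values.yaml`, which remains recoverable from history.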
@@ -1,17 +1,37 @@ --- -# mariadb values file - -secondary: - replicaCount: 0 +# Bitnami chart +# https://github.com/bitnami/charts/blob/main/bitnami/mariadb/values.yaml +architecture: standalone image: -# repository: mariadb -# tag: 10.5 + registry: docker.io + repository: bitnami/mariadb + tag: 10.9 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent +## MariaDB Authentication parameters +## auth: - rootPassword: "aifuoqibcqobcqb3" -# existingSecret: '' - -#primary: -# persistence: -# existingClaim: mariadb-pv-claim + ## @param auth.rootPassword Password for the `root` user. Ignored if existing secret is provided. + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/mariadb#setting-the-root-password-on-first-run + ## +# rootPassword: "" + ## @param auth.database Name for a custom database to create + ## ref: https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-on-first-run + ## + database: test + ## @param auth.username Name for a custom user to create + ## ref: https://github.com/bitnami/containers/blob/main/bitnami/mariadb/README.md#creating-a-database-user-on-first-run + ## + username: "test" + ## @param auth.password Password for the new user. Ignored if existing secret is provided + ## +# password: "" + ## @param auth.existingSecret Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` + ## + existingSecret: "mariadb-secrets" diff --git a/ansible-5/roles/prod.k3s/tasks/deployments/mariadb.yaml b/ansible-5/roles/prod.k3s/tasks/deployments/mariadb.yaml index f9d3763..5919ff5 100644 
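Review bot: `tag: 10.9` together with `digest: ""` references the image by a mutable tag, so a re-pushed tag is accepted without review, and with `pullPolicy: IfNotPresent` different nodes can run different builds. Pin the build with `digest: "sha256:<PINNED_DIGEST>"` (placeholder) once the intended image has been verified. Also quote the tag as `tag: "10.9"`: the unquoted form is parsed as a float, so a later value such as 10.10 would silently become 10.1.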
--- a/ansible-5/roles/prod.k3s/tasks/deployments/mariadb.yaml +++ b/ansible-5/roles/prod.k3s/tasks/deployments/mariadb.yaml @@ -2,29 +2,43 @@ #https://github.com/bitnami/charts/tree/master/bitnami/mariadb -- name: "todo: deploy mariadb" - debug: - msg: "TODO: write deployment tasks" - name: Create a namespace for mariadb k8s: kubeconfig: "/etc/rancher/k3s/k3s.yaml" - name: mariadb + name: "{{apps.mariadb.namespace}}" api_version: v1 kind: Namespace - state: present + state: "{{apps.mariadb.state}}" become: true - name: create persistent volume resources kubernetes.core.k8s: kubeconfig: "/etc/rancher/k3s/k3s.yaml" - state: present + state: "{{apps.mariadb.state}}" definition: "{{ lookup('template', item) | from_yaml }}" loop: - mariadb/pv.yaml - mariadb/pv-claim.yaml become: true +- name: create secret for mariadb + kubernetes.core.k8s: + kubeconfig: "/etc/rancher/k3s/k3s.yaml" + state: "{{apps.mariadb.state}}" + definition: + apiVersion: v1 + kind: Secret + type: Opaque + metadata: + name: mariadb-secrets + namespace: "{{apps.mariadb.namespace}}" + stringData: + mariadb-password: "{{apps.mariadb.secrets.password}}" + mariadb-root-password: "{{apps.mariadb.secrets.root_password}}" + mariadb-replication-password: "{{apps.mariadb.secrets.replication_password}}" + become: true + - name: Install mariadb globally available block: - name: Add mariadb chart helm repo @@ -41,9 +55,9 @@ - name: Install mariadb Release local_action: module: kubernetes.core.helm - release_state: present - name: "{{apps.mariadb.namespace}}" - namespace: mariadb + release_state: "{{apps.mariadb.state}}" + name: mariadb + namespace: "{{apps.mariadb.namespace}}" create_namespace: yes update_repo_cache: True chart_ref: bitnami/mariadb diff --git a/ansible-5/roles/prod.k3s/tasks/main.yml b/ansible-5/roles/prod.k3s/tasks/main.yml index 5daa805..440aa07 100644 --- a/ansible-5/roles/prod.k3s/tasks/main.yml +++ b/ansible-5/roles/prod.k3s/tasks/main.yml 
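Review bot: The new `create secret for mariadb` task renders three passwords into `stringData` but sets no `no_log: true`, so the task arguments and the returned Secret object can appear in Ansible output at higher verbosity, on failure, or in callback and CI logs. Add `no_log: true` at task level, next to `become: true`. The Secret name `mariadb-secrets` is also hard-coded here and again as `existingSecret` in `files/mariadb/values.yaml`; a comment on the task noting that the two must match would prevent a silent mismatch.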
@@ -16,8 +16,9 @@ - name: deploy stash include_tasks: deployments/stash.yaml -#- name: deploy mariadb -# include_tasks: deployments/mariadb.yaml +- name: deploy mariadb + include_tasks: deployments/mariadb.yaml + when: apps.mariadb.enabled - name: deploy gitea include_tasks: deployments/gitea.yaml diff --git a/ansible-5/roles/prod.k3s/files/mariadb/pv-claim.yaml b/ansible-5/roles/prod.k3s/templates/mariadb/pv-claim.yaml similarity index 70% rename from ansible-5/roles/prod.k3s/files/mariadb/pv-claim.yaml rename to ansible-5/roles/prod.k3s/templates/mariadb/pv-claim.yaml index 1a2bfb7..de5c638 100644 --- a/ansible-5/roles/prod.k3s/files/mariadb/pv-claim.yaml +++ b/ansible-5/roles/prod.k3s/templates/mariadb/pv-claim.yaml @@ -2,8 +2,8 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: "{{apps.mariadb.namespace}}" - namespace: mariadb + name: "{{apps.mariadb.pvc}}" + namespace: "{{apps.mariadb.namespace}}" spec: storageClassName: manual accessModes: diff --git a/ansible-5/roles/prod.k3s/files/mariadb/pv.yaml b/ansible-5/roles/prod.k3s/templates/mariadb/pv.yaml similarity index 86% rename from ansible-5/roles/prod.k3s/files/mariadb/pv.yaml rename to ansible-5/roles/prod.k3s/templates/mariadb/pv.yaml index b035f51..a6f37ca 100644 --- a/ansible-5/roles/prod.k3s/files/mariadb/pv.yaml +++ b/ansible-5/roles/prod.k3s/templates/mariadb/pv.yaml @@ -13,5 +13,5 @@ spec: accessModes: - ReadWriteOnce hostPath: - path: "/opt/mariadb" + path: "/opt/data/db/mariadb-10.9" diff --git a/dockerfiles/services/services/mariadb/docker-compose.yml b/dockerfiles/services/services/mariadb/docker-compose.yml index 8faacd3..44ba117 100644 --- a/dockerfiles/services/services/mariadb/docker-compose.yml +++ b/dockerfiles/services/services/mariadb/docker-compose.yml @@ -9,7 +9,8 @@ services: mysql: image: "mariadb:10.5" volumes: - - /opt/mariadb/data:/var/lib/mysql + - /opt/data/mariadb/data:/var/lib/mysql +# - /opt/mariadb/data:/var/lib/mysql ports: - "3306:3306" environment: 
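Review bot: The `hostPath` in `templates/mariadb/pv.yaml` now points at `/opt/data/db/mariadb-10.9` with no `type` visible in the hunk, so nothing checks that the path exists before it is mounted. If the `/opt/data/db` mount from the role's `fstab` defaults is missing, the database may end up writing to a directory on the root filesystem instead of the intended volume. Adding `type: Directory` under `hostPath` makes the pod fail to start in that case rather than run on the wrong storage. The rest of the PersistentVolume spec lies outside the hunk, so confirm no `type` is already set there.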
@@ -38,5 +39,5 @@ services: fluentd-async-connect: 'true' tag: mariadb - networks: - - prod_db +# networks: +# - prod_db
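Review bot: The `networks:` / `- prod_db` lines are commented out rather than removed, with nothing saying why or whether this is temporary; the same goes for the old volume path left as a comment in the previous hunk. Either delete them or add a one-line comment such as `# prod_db detached while data moves to k3s` (wording constructed). With the service off `prod_db`, clients presumably reach it only through the `"3306:3306"` mapping shown as context in the previous hunk, which publishes on all host interfaces by default. If only local clients need it, `"127.0.0.1:3306:3306"` narrows that exposure.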