iggy/mysql.sls

## mysql.sls
mysql:
  ini.options_present:
    - name: /etc/mysql/my.cnf
    - watch_in:
      - service: mysqlpkgs
    - sections:
        mysqld:
          bind-address: 0.0.0.0
            # {{ salt['grains.get']('digitalocean:interfaces:private:ipv4:ip_address') }}
          default-storage-engine: innodb
          key_buffer: 1M
          max_allowed_packet: 4M
          thread_stack: 1M
          # table_cache: 4
          sort_buffer: 1M
          net_buffer_length: 4M
          skip-federated:
          # skip-blackhole:
          # skip-archive:
          # skip-sphinx:

  debconf.set:
    - name: percona-xtradb-cluster-server-56
    - data:
        'percona-xtradb-cluster-server/root_password': {'type': 'password', 'value': '{{ pillar.xtradb.rootpw }}'}
        'percona-xtradb-cluster-server/root_password_again': {'type': 'password', 'value': '{{ pillar.xtradb.rootpw }}'}

  pkgrepo.managed:
    - humanname: percona repo
    - name: deb http://repo.percona.com/apt {{ salt['grains.get']('lsb_distrib_codename') }} main
    - file: /etc/apt/sources.list.d/percona.list
    - keyid: 1C4CBDCDCD2EFD2A
    - keyserver: keys.gnupg.net
    - require_in:
      - pkg: mysqlpkgs

  pkg.latest:
    - name: percona-xtradb-cluster-56
    - refresh: False

  service.running:
    - name: mysql

  # we don't want mysql open to the internet, but it's socket bind settings are pretty abysmal
  # so set it to listen on * and then use iptables to block the public address
  iptables.append:
    - table: filter
    - chain: INPUT
    - jump: REJECT
    - dport: 3306
    - proto: tcp
    - in-interface: eth0
	mysql:
	ini.options_present:
	- name: /etc/mysql/my.cnf
	- watch_in:
	- service: mysqlpkgs
	- sections:
	mysqld:
	bind-address: 0.0.0.0
	# {{ salt['grains.get']('digitalocean:interfaces:private:ipv4:ip_address') }}
	default-storage-engine: innodb
	key_buffer: 1M
	max_allowed_packet: 4M
	thread_stack: 1M
	# table_cache: 4
	sort_buffer: 1M
	net_buffer_length: 4M
	skip-federated:
	# skip-blackhole:
	# skip-archive:
	# skip-sphinx:

	debconf.set:
	- name: percona-xtradb-cluster-server-56
	- data:
	'percona-xtradb-cluster-server/root_password': {'type': 'password', 'value': '{{ pillar.xtradb.rootpw }}'}
	'percona-xtradb-cluster-server/root_password_again': {'type': 'password', 'value': '{{ pillar.xtradb.rootpw }}'}

	pkgrepo.managed:
	- humanname: percona repo
	- name: deb http://repo.percona.com/apt {{ salt['grains.get']('lsb_distrib_codename') }} main
	- file: /etc/apt/sources.list.d/percona.list
	- keyid: 1C4CBDCDCD2EFD2A
	- keyserver: keys.gnupg.net
	- require_in:
	- pkg: mysqlpkgs

	pkg.latest:
	- name: percona-xtradb-cluster-56
	- refresh: False

	service.running:
	- name: mysql

	# we don't want mysql open to the internet, but it's socket bind settings are pretty abysmal
	# so set it to listen on * and then use iptables to block the public address
	iptables.append:
	- table: filter
	- chain: INPUT
	- jump: REJECT
	- dport: 3306
	- proto: tcp
	- in-interface: eth0