20200124

roles/consul-external/files/consul-external/bin/consul_replicate.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+#
+killall -9 consul-replicate
+cd /opt/consul-internal/bin/;./consul-replicate -prefix "device_info@consul-external_new" &>/dev/null &
+cd /opt/consul-internal/bin/;./consul-replicate -prefix "device_list@consul-external_new" &>/dev/null &
+cd /opt/consul-internal/bin/;./consul-replicate -prefix "tags@consul-external_new" &>/dev/null &

roles/consul-external/files/consul-external/etc/consul/config-server.json

@@ -0,0 +1,12 @@
+{
+	"server" : true,
+	"datacenter" : "consul-ADC01",
+	"data_dir" : "/var/consul-external",
+	"encrypt" : "h1fHoHnJ+n+764ObqTNVjw==",
+	"disable_update_check" : true,
+	"bootstrap" : true,
+	"log_file" : "/var/consul-external/log/consul_external.log",
+	"retry_join" : ["192.168.200.5"],
+	"retry_interval" : "10s"
+}
+

roles/consul-external/files/consul-external/etc/systemd/consul-server.service

@@ -0,0 +1,14 @@
+# Systemd unit file for default tomcat
+# 
+
+[Unit]
+Description=Consul-external
+After=network.target
+
+[Service]
+EnvironmentFile=/opt/consul-external/etc/systemd/consul.conf
+ExecStartPre=/opt/consul-external/script/consul_bind_ip_generate.sh
+ExecStart=/opt/consul-external/bin/consul agent -config-dir /opt/consul-external/etc/ -config-file /opt/consul-external/etc/consul/config-server.json -bind ${CONSUL_BIND_ADDRESS} -client 0.0.0.0
+
+[Install]
+WantedBy=multi-user.target

roles/consul-external/files/consul-external/install.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+rm -rf /usr/lib/systemd/system/consul*service
+rm -rf /usr/lib/systemd/system/consul*service
+rm -rf /var/consul*
+cp -f /opt/consul-external/etc/systemd/consul-server.service /usr/lib/systemd/system/consul-server-external.service
+
+ln -sf /opt/consul-external/script/consul_path_setup.sh /etc/profile.d/
+systemctl daemon-reload
+
+
+

roles/consul-external/files/consul-external/script/consul_bind_ip_generate.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+#BIND_ADDRESS=$(/usr/sbin/ip route | /usr/bin/grep default | head -n 1 | /usr/bin/awk '{print $5}' | /usr/bin/xargs ifconfig | /usr/bin/grep "inet" | /usr/bin/grep -v "inet6" | /usr/bin/awk '{print $2}')
+BIND_ADDRESS=$(ifconfig ens1.200 | grep inet | head -1 |awk '{print $2}')
+#BIND_ADDRESS=192.168.200.5
+systemctl set-environment CONSUL_BIND_ADDRESS=${BIND_ADDRESS}

roles/consul-external/files/consul-external/script/consul_path_setup.sh

@@ -0,0 +1,3 @@
+
+PATH=/opt/consul-external/bin:${PATH}
+export PATH

roles/consul-external/tasks/main.yml

@@ -0,0 +1,27 @@
+- name: "copy consul-external to destination server"
+  copy:
+    src: "{{ role_path }}/files/"
+    dest: /opt
+    mode: 0755
+  
+- name: "Template consul_bind_ip_generate.sh"
+  template: 
+    src: "{{ role_path }}/templates/consul_bind_ip_generate.sh.j2"
+    dest: /opt/consul-external/script/consul_bind_ip_generate.sh
+  tags: template
+
+- name: "Template config-server.json"
+  template: 
+    src: "{{ role_path }}/templates/config-server.json.j2"
+    dest: /opt/consul-external/etc/consul/config-server.json
+  tags: template
+
+- name: "Install consul-external"
+  shell: cd /opt/consul-external;sh install.sh
+
+- name: "Start consul-external"
+  systemd:
+    name: consul-server-external
+    state: restarted
+    enabled: yes
+    daemon_reload: yes

roles/consul-external/templates/config-server.json.j2

@@ -0,0 +1,12 @@
+{
+	"server" : true,
+	"datacenter" : "{{ consul.datacenter }}",
+	"data_dir" : "/var/consul-external",
+	"encrypt" : "{{ consul.dckey }}",
+	"disable_update_check" : true,
+	"bootstrap" : true,
+	"log_file" : "/var/consul-external/log/consul_external.log",
+	"retry_join" : ["{{ consul.cluster_ip }}"],
+	"retry_interval" : "10s"
+}
+

roles/consul-external/templates/consul_bind_ip_generate.sh.j2

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+BIND_ADDRESS=$(ifconfig {{ consul.external_ethname }} | grep inet | head -1 |awk '{print $2}')
+systemctl set-environment CONSUL_BIND_ADDRESS=${BIND_ADDRESS}

roles/consul-internal/files/consul-internal/etc/consul/config-client.json

@@ -0,0 +1,11 @@
+{
+	"server" : false,
+	"datacenter" : "consul-ADC01",
+	"data_dir" : "/var/consul-internal",
+	"encrypt" : "h1fHoHnJ+n+764ObqTNVjw==",
+	"disable_update_check" : true,
+	"log_level" : "err",
+	"log_file" : "/var/consul-internal/log/consul_internal.log",
+	"retry_join" : ["192.168.200.5"],
+	"retry_interval" : "10s"
+}

roles/consul-internal/files/consul-internal/etc/systemd/consul-client.service

@@ -0,0 +1,14 @@
+# Systemd unit file for default tomcat
+# 
+
+[Unit]
+Description=Consul-internal
+After=network.target
+
+[Service]
+EnvironmentFile=/opt/consul-internal/etc/systemd/consul.conf
+ExecStartPre=/opt/consul-internal/script/consul_bind_ip_generate.sh
+ExecStart=/opt/consul-internal/bin/consul agent -config-dir /opt/consul-internal/etc/ -config-file /opt/consul-internal/etc/consul/config-client.json -bind ${CONSUL_BIND_ADDRESS}
+
+[Install]
+WantedBy=multi-user.target

roles/consul-internal/files/consul-internal/install.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+rm -f /usr/lib/systemd/system/consul*service
+rm -f /usr/lib/systemd/system/consul*service
+cp -f /opt/consul-internal/etc/systemd/consul-client.service /usr/lib/systemd/system/consul-client-internal.service
+cp -f /opt/consul-internal/bin/consul /usr/bin/
+
+ln -sf /opt/consul-internal/script/consul_path_setup.sh /etc/profile.d/
+systemctl daemon-reload
+
+
+

roles/consul-internal/files/consul-internal/script/consul_bind_ip_generate.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+BIND_ADDRESS=$(ifconfig ens1.200 | grep inet | head -1 |awk '{print $2}')
+systemctl set-environment CONSUL_BIND_ADDRESS=${BIND_ADDRESS}

roles/consul-internal/files/consul-internal/script/consul_path_setup.sh

@@ -0,0 +1,3 @@
+
+PATH=/opt/consul-internal/bin:${PATH}
+export PATH

roles/consul-internal/tasks/main.yml

@@ -0,0 +1,27 @@
+- name: "copy consul-internal to destination server"
+  copy:
+    src: "{{ role_path }}/files/"
+    dest: /opt
+    mode: 0755
+  
+- name: "Template consul_bind_ip_generate.sh"
+  template: 
+    src: "{{ role_path }}/templates/consul_bind_ip_generate.sh.j2"
+    dest: /opt/consul-internal/script/consul_bind_ip_generate.sh
+  tags: template
+
+- name: "Template config-client.json"
+  template: 
+    src: "{{ role_path }}/templates/config-client.json.j2"
+    dest: /opt/consul-internal/etc/consul/config-client.json
+  tags: template
+
+- name: "Install consul-internal"
+  shell: cd /opt/consul-internal;sh install.sh
+
+- name: "Start consul-internal"
+  systemd:
+    name: consul-client-internal
+    state: restarted
+    enabled: yes
+    daemon_reload: yes

roles/consul-internal/templates/config-client.json.j2

@@ -0,0 +1,11 @@
+{
+	"server" : false,
+	"datacenter" : "{{ consul.datacenter }}",
+	"data_dir" : "/var/consul-internal",
+	"encrypt" : "{{ consul.dckey }}",
+	"disable_update_check" : true,
+	"log_level" : "err",
+	"log_file" : "/var/consul-internal/log/consul_internal.log",
+	"retry_join" : ["{{ server_ip }}"],
+	"retry_interval" : "10s"
+}

roles/consul-internal/templates/consul_bind_ip_generate.sh.j2

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+BIND_ADDRESS=$(ifconfig {{ consul.internal_ethname }} | grep inet | head -1 |awk '{print $2}')
+systemctl set-environment CONSUL_BIND_ADDRESS=${BIND_ADDRESS}

roles/mariadb/files/mariadb

@@ -0,0 +1,447 @@
+#!/bin/sh
+# Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron HB
+# This file is public domain and comes with NO WARRANTY of any kind
+
+# MariaDB daemon start/stop script.
+
+# Usually this is put in /etc/init.d (at least on machines SYSV R4 based
+# systems) and linked to /etc/rc3.d/S99mysql and /etc/rc0.d/K01mysql.
+# When this is done the mysql server will be started when the machine is
+# started and shut down when the systems goes down.
+
+# Comments to support chkconfig on RedHat Linux
+# chkconfig: 2345 64 36
+# description: A very fast and reliable SQL database engine.
+
+# Comments to support LSB init script conventions
+### BEGIN INIT INFO
+# Provides: mysql
+# Required-Start: $local_fs $network $remote_fs
+# Should-Start: ypbind nscd ldap ntpd xntpd
+# Required-Stop: $local_fs $network $remote_fs
+# Default-Start:  2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: start and stop MariaDB
+# Description: MariaDB is a very fast and reliable SQL database engine.
+### END INIT INFO
+
+# If you install MariaDB on some other places than /usr/local/mysql, then you
+# have to do one of the following things for this script to work:
+#
+# - Run this script from within the MariaDB installation directory
+# - Create a /etc/my.cnf file with the following information:
+#   [mysqld]
+#   basedir=<path-to-mysql-installation-directory>
+# - Add the above to any other configuration file (for example ~/.my.ini)
+#   and copy my_print_defaults to /usr/bin
+# - Add the path to the mysql-installation-directory to the basedir variable
+#   below.
+#
+# If you want to affect other MariaDB variables, you should make your changes
+# in the /etc/my.cnf, ~/.my.cnf or other MariaDB configuration files.
+
+# If you change base dir, you must also change datadir. These may get
+# overwritten by settings in the MariaDB configuration files.
+
+basedir='/home/database/mysql'
+datadir='/home/database/dbdata'
+
+# Default value, in seconds, afterwhich the script should timeout waiting
+# for server start.
+# Value here is overridden by value in my.cnf.
+# 0 means don't wait at all
+# Negative numbers mean to wait indefinitely
+service_startup_timeout=900
+
+# Lock directory for RedHat / SuSE.
+lockdir='/var/lock/subsys'
+lock_file_path="$lockdir/mysql"
+
+# The following variables are only set for letting mysql.server find things.
+
+# Set some defaults
+mysqld_pid_file_path=
+if test -z "$basedir"
+then
+  basedir=/usr/local/mysql
+  bindir=/usr/local/mysql/bin
+  if test -z "$datadir"
+  then
+    datadir=/usr/local/mysql/data
+  fi
+  sbindir=/usr/local/mysql/bin
+  libexecdir=/usr/local/mysql/bin
+else
+  bindir="$basedir/bin"
+  if test -z "$datadir"
+  then
+    datadir="$basedir/data"
+  fi
+  sbindir="$basedir/sbin"
+  if test -f "$basedir/bin/mysqld"
+  then
+    libexecdir="$basedir/bin"
+  else
+    libexecdir="$basedir/libexec"
+  fi
+fi
+
+# datadir_set is used to determine if datadir was set (and so should be
+# *not* set inside of the --basedir= handler.)
+datadir_set=
+
+#
+# Use LSB init script functions for printing messages, if possible
+#
+lsb_functions="/lib/lsb/init-functions"
+if test -f $lsb_functions ; then
+  . $lsb_functions
+else
+  # Include non-LSB RedHat init functions to make systemctl redirect work
+  init_functions="/etc/init.d/functions"
+  if test -f $init_functions; then
+    . $init_functions
+  fi
+  log_success_msg()
+  {
+    echo " SUCCESS! $@"
+  }
+  log_failure_msg()
+  {
+    echo " ERROR! $@"
+  }
+fi
+
+PATH="/sbin:/usr/sbin:/bin:/usr/bin:$basedir/bin"
+export PATH
+
+mode=$1    # start or stop
+
+[ $# -ge 1 ] && shift
+
+case `echo "testing\c"`,`echo -n testing` in
+    *c*,-n*) echo_n=   echo_c=     ;;
+    *c*,*)   echo_n=-n echo_c=     ;;
+    *)       echo_n=   echo_c='\c' ;;
+esac
+
+parse_server_arguments() {
+  for arg do
+    case "$arg" in
+      --basedir=*)  basedir=`echo "$arg" | sed -e 's/^[^=]*=//'`
+                    bindir="$basedir/bin"
+		    if test -z "$datadir_set"; then
+		      datadir="$basedir/data"
+		    fi
+		    sbindir="$basedir/sbin"
+                    if test -f "$basedir/bin/mysqld"
+                    then
+                      libexecdir="$basedir/bin"
+                    else
+                      libexecdir="$basedir/libexec"
+                    fi
+		    libexecdir="$basedir/libexec"
+        ;;
+      --datadir=*)  datadir=`echo "$arg" | sed -e 's/^[^=]*=//'`
+		    datadir_set=1
+	;;
+      --log-basename=*|--hostname=*|--loose-log-basename=*)
+        mysqld_pid_file_path=`echo "$arg.pid" | sed -e 's/^[^=]*=//'`
+	;;
+      --pid-file=*) mysqld_pid_file_path=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
+      --service-startup-timeout=*) service_startup_timeout=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
+    esac
+  done
+}
+
+# Get arguments from the my.cnf file,
+# the only group, which is read from now on is [mysqld]
+if test -x "$bindir/my_print_defaults";  then
+  print_defaults="$bindir/my_print_defaults"
+else
+  # Try to find basedir in /etc/my.cnf
+  conf=/etc/mysql/my.cnf/my-huge.cnf
+  print_defaults=
+  if test -r $conf
+  then
+    subpat='^[^=]*basedir[^=]*=\(.*\)$'
+    dirs=`sed -e "/$subpat/!d" -e 's//\1/' $conf`
+    for d in $dirs
+    do
+      d=`echo $d | sed -e 's/[ 	]//g'`
+      if test -x "$d/bin/my_print_defaults"
+      then
+        print_defaults="$d/bin/my_print_defaults"
+        break
+      fi
+    done
+  fi
+
+  # Hope it's in the PATH ... but I doubt it
+  test -z "$print_defaults" && print_defaults="my_print_defaults"
+fi
+
+#
+# Read defaults file from 'basedir'.   If there is no defaults file there
+# check if it's in the old (depricated) place (datadir) and read it from there
+#
+
+extra_args=""
+if test -r "$basedir/my.cnf"
+then
+  extra_args="-e $basedir/my.cnf"
+else
+  if test -r "$datadir/my.cnf"
+  then
+    extra_args="-e $datadir/my.cnf"
+  fi
+fi
+
+parse_server_arguments `$print_defaults $extra_args --mysqld mysql.server`
+parse_server_arguments "$@"
+
+# wait for the pid file to disappear
+wait_for_gone () {
+  pid="$1"           # process ID of the program operating on the pid-file
+  pid_file_path="$2" # path to the PID file.
+
+  i=0
+  crash_protection="by checking again"
+
+  while test $i -ne $service_startup_timeout ; do
+
+    if kill -0 "$pid" 2>/dev/null; then
+      :  # the server still runs
+    else
+      if test ! -s "$pid_file_path"; then
+        # no server process and no pid-file? great, we're done!
+        log_success_msg
+        return 0
+      fi
+
+      # pid-file exists, the server process doesn't.
+      # it must've crashed, and mysqld_safe will restart it
+      if test -n "$crash_protection"; then
+        crash_protection=""
+        sleep 5
+        continue  # Check again.
+      fi
+
+      # Cannot help it
+      log_failure_msg "The server quit without updating PID file ($pid_file_path)."
+      return 1  # not waiting any more.
+    fi
+
+    echo $echo_n ".$echo_c"
+    i=`expr $i + 1`
+    sleep 1
+
+  done
+
+  log_failure_msg
+  return 1
+}
+
+wait_for_ready () {
+
+  i=0
+  while test $i -ne $service_startup_timeout ; do
+
+    if $bindir/mysqladmin ping >/dev/null 2>&1; then
+      log_success_msg
+      return 0
+    elif kill -0 $! 2>/dev/null ; then
+      :  # mysqld_safe is still running
+    else
+      # mysqld_safe is no longer running, abort the wait loop
+      break
+    fi
+
+    echo $echo_n ".$echo_c"
+    i=`expr $i + 1`
+    sleep 1
+
+  done
+
+  log_failure_msg
+  return 1
+}
+#
+# Set pid file if not given
+#
+if test -z "$mysqld_pid_file_path"
+then
+  mysqld_pid_file_path=$datadir/`hostname`.pid
+else
+  case "$mysqld_pid_file_path" in
+    /* ) ;;
+    * )  mysqld_pid_file_path="$datadir/$mysqld_pid_file_path" ;;
+  esac
+fi
+
+# source other config files
+[ -f /etc/default/mysql ] && . /etc/default/mysql
+[ -f /etc/sysconfig/mysql ] && . /etc/sysconfig/mysql
+[ -f /etc/conf.d/mysql ] && . /etc/conf.d/mysql
+
+case "$mode" in
+  'start')
+    # Start daemon
+
+    # Safeguard (relative paths, core dumps..)
+    cd $basedir
+
+    echo $echo_n "Starting MariaDB"
+    if test -x $bindir/mysqld_safe
+    then
+      # Give extra arguments to mysqld with the my.cnf file. This script
+      # may be overwritten at next upgrade.
+      $bindir/mysqld_safe --datadir=/home/database/dbdata --basedir=/home/database/mysql --user=mysql --pid-file="$mysqld_pid_file_path" "$@" &
+      wait_for_ready; return_value=$?
+
+      # Make lock for RedHat / SuSE
+      if test -w "$lockdir"
+      then
+        touch "$lock_file_path"
+      fi
+
+      exit $return_value
+    else
+      log_failure_msg "Couldn't find MariaDB server ($bindir/mysqld_safe)"
+    fi
+    ;;
+
+  'stop')
+    # Stop daemon. We use a signal here to avoid having to know the
+    # root password.
+
+    if test -s "$mysqld_pid_file_path"
+    then
+      mysqld_pid=`cat "$mysqld_pid_file_path"`
+
+      if (kill -0 $mysqld_pid 2>/dev/null)
+      then
+        echo $echo_n "Shutting down MariaDB"
+        kill $mysqld_pid
+        # mysqld should remove the pid file when it exits, so wait for it.
+        wait_for_gone $mysqld_pid "$mysqld_pid_file_path"; return_value=$?
+      else
+        log_failure_msg "MariaDB server process #$mysqld_pid is not running!"
+        rm "$mysqld_pid_file_path"
+      fi
+
+      # Delete lock for RedHat / SuSE
+      if test -f "$lock_file_path"
+      then
+        rm -f "$lock_file_path"
+      fi
+      exit $return_value
+    else
+      log_failure_msg "MariaDB server PID file could not be found!"
+    fi
+    ;;
+
+  'restart')
+    # Stop the service and regardless of whether it was
+    # running or not, start it again.
+    if $0 stop  "$@"; then
+      if ! $0 start "$@"; then
+        log_failure_msg "Failed to restart server."
+        exit 1
+      fi
+    else
+      log_failure_msg "Failed to stop running server, so refusing to try to start."
+      exit 1
+    fi
+    ;;
+
+  'reload'|'force-reload')
+    if test -s "$mysqld_pid_file_path" ; then
+      read mysqld_pid <  "$mysqld_pid_file_path"
+      kill -HUP $mysqld_pid && log_success_msg "Reloading service MariaDB"
+      touch "$mysqld_pid_file_path"
+    else
+      log_failure_msg "MariaDB PID file could not be found!"
+      exit 1
+    fi
+    ;;
+  'status')
+    # First, check to see if pid file exists
+    if test -s "$mysqld_pid_file_path" ; then
+      read mysqld_pid < "$mysqld_pid_file_path"
+      if kill -0 $mysqld_pid 2>/dev/null ; then
+        log_success_msg "MariaDB running ($mysqld_pid)"
+        exit 0
+      else
+        log_failure_msg "MariaDB is not running, but PID file exists"
+        exit 1
+      fi
+    else
+      # Try to find appropriate mysqld process
+      mysqld_pid=`pgrep $libexecdir/mysqld`
+
+      # test if multiple pids exist
+      pid_count=`echo $mysqld_pid | wc -w`
+      if test $pid_count -gt 1 ; then
+        log_failure_msg "Multiple MariaDB running but PID file could not be found ($mysqld_pid)"
+        exit 5
+      elif test -z $mysqld_pid ; then
+        if test -f "$lock_file_path" ; then
+          log_failure_msg "MariaDB is not running, but lock file ($lock_file_path) exists"
+          exit 2
+        fi
+        log_failure_msg "MariaDB is not running"
+        exit 3
+      else
+        log_failure_msg "MariaDB is running but PID file could not be found"
+        exit 4
+      fi
+    fi
+    ;;
+  'configtest')
+    # Safeguard (relative paths, core dumps..)
+    cd $basedir
+    echo $echo_n "Testing MariaDB configuration syntax"
+    daemon=$bindir/mysqld
+    if test -x $libexecdir/mysqld
+    then
+      daemon=$libexecdir/mysqld
+    elif test -x $sbindir/mysqld
+    then
+      daemon=$sbindir/mysqld
+    elif test -x `which mysqld`
+    then
+      daemon=`which mysqld`
+    else
+      log_failure_msg "Unable to locate the mysqld binary!"
+      exit 1
+    fi
+    help_out=`$daemon --help 2>&1`; r=$?
+    if test "$r" != 0 ; then
+      log_failure_msg "$help_out"
+      log_failure_msg "There are syntax errors in the server configuration. Please fix them!"
+    else
+      log_success_msg "Syntax OK"
+    fi
+    exit $r
+    ;;
+  'bootstrap')
+      if test "$_use_systemctl" == 1 ; then
+        log_failure_msg "Please use galera_new_cluster to start the mariadb service with --wsrep-new-cluster"
+        exit 1
+      fi
+      # Bootstrap the cluster, start the first node
+      # that initiate the cluster
+      echo $echo_n "Bootstrapping the cluster.. "
+      $0 start $other_args --wsrep-new-cluster
+      exit $?
+      ;;
+  *)
+      # usage
+      basename=`basename "$0"`
+      echo "Usage: $basename  {start|stop|restart|reload|force-reload|status|configtest|bootstrap}  [ MariaDB server options ]"
+      exit 1
+    ;;
+esac
+
+exit 0

roles/mariadb/files/mariadb.service

@@ -0,0 +1,12 @@
+[Unit]
+Requires=network.target
+After=network.target
+
+[Service]
+ExecStart=/etc/init.d/mariadb start
+ExecStop=/etc/init.d/mariadb stop
+Type=oneshot
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target

roles/mariadb/tasks/main.yml

@@ -0,0 +1,105 @@
+- name: "del mysql user"
+  user:
+    name: mysql
+    state: absent
+    remove: yes
+
+- name: "del mariadb|mysql"
+  yum:
+    name: mysql
+    state: removed
+  yum:
+    name: mariadb
+    state: removed
+
+- name: "copy mysql.zip"
+  synchronize:
+    src: "{{ role_path }}/files/"
+    dest: "/tmp/"
+
+- name: "add mysql user"
+  shell: useradd mysql -s /sbin/nologin -M
+
+- name: "mkdir /home/database/"
+  file:
+    path: /home/database
+    state: directory
+
+- name: "mkdir /home/database/dbdata/"
+  file:
+    path: /home/database/dbdata
+    state: directory
+    owner: mysql
+    group: mysql
+
+- name: "mkdir /var/lib/mysql/"
+  file:
+    path: /var/lib/mysql/
+    state: directory
+    owner: mysql
+    group: mysql
+    mode: 1777
+
+- name: "mkdir /etc/mysql/"
+  file:
+    path: /etc/mysql/
+    state: directory
+
+- name: "mkdir /var/log/mariadb/"
+  file:
+    path: /var/log/mariadb/
+    state: directory
+
+- name: "set /tmp permission 1777"
+  shell: chmod 1777 /tmp
+
+- name: "unarchive mariadb"
+  unarchive:
+    src: "/tmp/mysql.zip"
+    dest: "/home/database/"
+    copy: no
+
+- name: "install libaio-devel"
+  yum:
+    name:
+      - /tmp/libaio-devel-0.3.109-13.el7.x86_64.rpm
+    state: present
+
+- name: "init mariadb"
+  shell: cd /home/database/mysql/scripts;./mysql_install_db --basedir=/home/database/mysql --datadir=/home/database/dbdata --user=mysql
+
+- name: "set my.cnf"
+  shell: cd /home/database/mysql/support-files;cp my-huge.cnf /etc/mysql/my.cnf
+
+- name: "copy mariadb"
+  copy:
+    src: "{{ role_path }}/files/mariadb"
+    dest: "/etc/init.d/"
+    mode: 0755
+
+- name: "copy mariadb.service"
+  copy:
+    src: "{{ role_path }}/files/mariadb.service"
+    dest: "/usr/lib/systemd/system/"
+    mode: 0755
+
+- name: "copy mysql"
+  shell: cp -rf /home/database/mysql/bin/mysql /usr/local/bin
+
+- name: "copy mysqladmin"
+  shell: cp -rf /home/database/mysql/bin/mysqladmin /usr/local/bin
+
+- name: "start and enable mariadb"
+  systemd:
+    name: mariadb
+    state: restarted
+    enabled: yes
+    daemon_reload: yes
+
+- name: "set mariadb password"
+  shell: mysqladmin password {{ mariadb.password }}
+
+- name: "set mariadb privileges"
+  shell: mysql -uroot -p{{ mariadb.password }} -e "grant all privileges on *.* to root@'%' identified by '111111' with grant option;"
+  shell: mysql -uroot -p{{ mariadb.password }} -e "flush privileges;"
+