From effef2b165ca203e78de996893738c701df39bfd Mon Sep 17 00:00:00 2001 From: joglomedia Date: Fri, 12 Jul 2019 21:05:36 +0700 Subject: [PATCH] Update MariaDB installer --- lemper.sh | 6 + mysql/conf.d/mariadb.cnf | 17 ++ mysql/conf.d/mysqld_safe_syslog.cnf | 3 + mysql/conf.d/tokudb.cnf | 9 + mysql/conf.d/tokudb.cnf.dpkg-new | 9 + mysql/debian-start | 42 +++++ mysql/debian.cnf | 1 + mysql/mariadb.cnf | 19 +++ mysql/mariadb.conf.d/50-client.cnf | 25 +++ mysql/mariadb.conf.d/50-mysql-clients.cnf | 24 +++ mysql/mariadb.conf.d/50-mysqld_safe.cnf | 30 ++++ mysql/mariadb.conf.d/50-server.cnf | 134 +++++++++++++++ mysql/my.cnf | 190 ++++++++++++++++++++++ scripts/install_mariadb.sh | 56 +++++-- 14 files changed, 550 insertions(+), 15 deletions(-) create mode 100644 mysql/conf.d/mariadb.cnf create mode 100644 mysql/conf.d/mysqld_safe_syslog.cnf create mode 100644 mysql/conf.d/tokudb.cnf create mode 100644 mysql/conf.d/tokudb.cnf.dpkg-new create mode 100755 mysql/debian-start create mode 100644 mysql/debian.cnf create mode 100644 mysql/mariadb.cnf create mode 100644 mysql/mariadb.conf.d/50-client.cnf create mode 100644 mysql/mariadb.conf.d/50-mysql-clients.cnf create mode 100644 mysql/mariadb.conf.d/50-mysqld_safe.cnf create mode 100644 mysql/mariadb.conf.d/50-server.cnf create mode 100644 mysql/my.cnf diff --git a/lemper.sh b/lemper.sh index bca6169..94d1fa4 100755 --- a/lemper.sh +++ b/lemper.sh @@ -225,6 +225,12 @@ case $1 in if [ -d /etc/nginx/modules-enabled ]; then run rm -fr /etc/nginx/modules-enabled fi + + # Delete lemper account from PageSpeed admin + if [ -f /srv/.htpasswd ]; then + #run rm -f /srv/.htpasswd' + sed -i "/^lemper:/d" /srv/.htpasswd + fi fi echo -n "Completely remove Nginx configuration files (this action is not reversible)? [y/n]: " diff --git a/mysql/conf.d/mariadb.cnf b/mysql/conf.d/mariadb.cnf new file mode 100644 index 0000000..927e9d1 --- /dev/null +++ b/mysql/conf.d/mariadb.cnf @@ -0,0 +1,17 @@ +# MariaDB-specific config file. +# Read by /etc/mysql/my.cnf + +[client] +# Default is Latin1, if you need UTF-8 set this (also in server section) +#default-character-set = utf8 + +[mysqld] +# +# * Character sets +# +# Default is Latin1, if you need UTF-8 set all this (also in client section) +# +#character-set-server = utf8 +#collation-server = utf8_general_ci +#character_set_server = utf8 +#collation_server = utf8_general_ci diff --git a/mysql/conf.d/mysqld_safe_syslog.cnf b/mysql/conf.d/mysqld_safe_syslog.cnf new file mode 100644 index 0000000..08984c1 --- /dev/null +++ b/mysql/conf.d/mysqld_safe_syslog.cnf @@ -0,0 +1,3 @@ +[mysqld_safe] +skip_log_error +syslog diff --git a/mysql/conf.d/tokudb.cnf b/mysql/conf.d/tokudb.cnf new file mode 100644 index 0000000..f94a128 --- /dev/null +++ b/mysql/conf.d/tokudb.cnf @@ -0,0 +1,9 @@ +[mariadb] +# See https://mariadb.com/kb/en/how-to-enable-tokudb-in-mariadb/ +# for instructions how to enable TokuDB +# +# See https://mariadb.com/kb/en/tokudb-differences/ for differences +# between TokuDB in MariaDB and TokuDB from http://www.tokutek.com/ + +#plugin-load-add=ha_tokudb.so + diff --git a/mysql/conf.d/tokudb.cnf.dpkg-new b/mysql/conf.d/tokudb.cnf.dpkg-new new file mode 100644 index 0000000..f94a128 --- /dev/null +++ b/mysql/conf.d/tokudb.cnf.dpkg-new @@ -0,0 +1,9 @@ +[mariadb] +# See https://mariadb.com/kb/en/how-to-enable-tokudb-in-mariadb/ +# for instructions how to enable TokuDB +# +# See https://mariadb.com/kb/en/tokudb-differences/ for differences +# between TokuDB in MariaDB and TokuDB from http://www.tokutek.com/ + +#plugin-load-add=ha_tokudb.so + diff --git a/mysql/debian-start b/mysql/debian-start new file mode 100755 index 0000000..7940bbe --- /dev/null +++ b/mysql/debian-start @@ -0,0 +1,42 @@ +#!/bin/bash +# +# This script is executed by "/etc/init.d/mysql" on every (re)start. +# +# Changes to this file will be preserved when updating the Debian package. +# +# NOTE: This file is read only by the traditional SysV init script, not systemd. +# + +source /usr/share/mysql/debian-start.inc.sh + +if [ -f /etc/default/mysql ]; then + . /etc/default/mysql +fi + +MYSQL="/usr/bin/mysql --defaults-file=/etc/mysql/debian.cnf" +MYADMIN="/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf" +MYUPGRADE="/usr/bin/mysql_upgrade --defaults-extra-file=/etc/mysql/debian.cnf --version-check" +MYCHECK="/usr/bin/mysqlcheck --defaults-file=/etc/mysql/debian.cnf" +MYCHECK_SUBJECT="WARNING: mysqlcheck has found corrupt tables" +MYCHECK_PARAMS="--all-databases --fast --silent" +MYCHECK_RCPT="${MYCHECK_RCPT:-root}" + +## Checking for corrupt, not cleanly closed (only for MyISAM and Aria engines) and upgrade needing tables. + +# The following commands should be run when the server is up but in background +# where they do not block the server start and in one shell instance so that +# they run sequentially. They are supposed not to echo anything to stdout. +# If you want to disable the check for crashed tables comment +# "check_for_crashed_tables" out. +# (There may be no output to stdout inside the background process!) + +# Need to ignore SIGHUP, as otherwise a SIGHUP can sometimes abort the upgrade +# process in the middle. +trap "" SIGHUP +( + upgrade_system_tables_if_necessary; + check_root_accounts; + check_for_crashed_tables; +) >&2 & + +exit 0 diff --git a/mysql/debian.cnf b/mysql/debian.cnf new file mode 100644 index 0000000..b7444b1 --- /dev/null +++ b/mysql/debian.cnf @@ -0,0 +1 @@ +# Automatically generated for Debian scripts. DO NOT TOUCH! diff --git a/mysql/mariadb.cnf b/mysql/mariadb.cnf new file mode 100644 index 0000000..da21212 --- /dev/null +++ b/mysql/mariadb.cnf @@ -0,0 +1,19 @@ +# MariaDB-specific config file. +# Read by /etc/mysql/my.cnf + +[client] +# Default is Latin1, if you need UTF-8 set this (also in server section) +#default-character-set = utf8 + +[mysqld] +# +# * Character sets +# +# Default is Latin1, if you need UTF-8 set all this (also in client section) +# +#character-set-server = utf8 +#collation-server = utf8_general_ci +#character_set_server = utf8 +#collation_server = utf8_general_ci +# Import all .cnf files from configuration directory +!includedir /etc/mysql/mariadb.conf.d/ diff --git a/mysql/mariadb.conf.d/50-client.cnf b/mysql/mariadb.conf.d/50-client.cnf new file mode 100644 index 0000000..b509f19 --- /dev/null +++ b/mysql/mariadb.conf.d/50-client.cnf @@ -0,0 +1,25 @@ +# +# This group is read by the client library +# Use it for options that affect all clients, but not the server +# + +[client] +# Default is Latin1, if you need UTF-8 set this (also in server section) +default-character-set = utf8mb4 + +# socket location +socket = /var/run/mysqld/mysqld.sock + +# Example of client certificate usage +# ssl-cert=/etc/mysql/client-cert.pem +# ssl-key=/etc/mysql/client-key.pem +# +# Allow only TLS encrypted connections +# ssl-verify-server-cert=on + +# This group is *never* read by mysql client library, though this +# /etc/mysql/mariadb.cnf.d/client.cnf file is not read by Oracle MySQL +# client anyway. +# If you use the same .cnf file for MySQL and MariaDB, +# use it for MariaDB-only client options +[client-mariadb] diff --git a/mysql/mariadb.conf.d/50-mysql-clients.cnf b/mysql/mariadb.conf.d/50-mysql-clients.cnf new file mode 100644 index 0000000..55cfda2 --- /dev/null +++ b/mysql/mariadb.conf.d/50-mysql-clients.cnf @@ -0,0 +1,24 @@ +# +# These groups are read by MariaDB command-line tools +# Use it for options that affect only one utility +# + +[mysql] +# Default is Latin1, if you need UTF-8 set this (also in server section) +default-character-set = utf8mb4 + +[mysql_upgrade] + +[mysqladmin] + +[mysqlbinlog] + +[mysqlcheck] + +[mysqldump] + +[mysqlimport] + +[mysqlshow] + +[mysqlslap] diff --git a/mysql/mariadb.conf.d/50-mysqld_safe.cnf b/mysql/mariadb.conf.d/50-mysqld_safe.cnf new file mode 100644 index 0000000..141d51f --- /dev/null +++ b/mysql/mariadb.conf.d/50-mysqld_safe.cnf @@ -0,0 +1,30 @@ +# NOTE: This file is read only by the traditional SysV init script, not systemd. +# MariaDB systemd does _not_ utilize mysqld_safe nor read this file. +# +# For similar behaviour, systemd users should create the following file: +# /etc/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf +# +# To achieve the same result as the default 50-mysqld_safe.cnf, please create +# /etc/systemd/system/mariadb.service.d/migrated-from-my.cnf-settings.conf +# with the following contents: +# +# [Service] +# User=mysql +# StandardOutput=syslog +# StandardError=syslog +# SyslogFacility=daemon +# SyslogLevel=err +# SyslogIdentifier=mysqld +# +# For more information, please read https://mariadb.com/kb/en/mariadb/systemd/ +# + +[mysqld_safe] +# This will be passed to all mysql clients +# It has been reported that passwords should be enclosed with ticks/quotes +# especially if they contain "#" chars... +# Remember to edit /etc/mysql/debian.cnf when changing the socket location. +socket = /var/run/mysqld/mysqld.sock +nice = 0 +skip_log_error +syslog diff --git a/mysql/mariadb.conf.d/50-server.cnf b/mysql/mariadb.conf.d/50-server.cnf new file mode 100644 index 0000000..ee30148 --- /dev/null +++ b/mysql/mariadb.conf.d/50-server.cnf @@ -0,0 +1,134 @@ +# +# These groups are read by MariaDB server. +# Use it for options that only the server (but not clients) should see +# +# See the examples of server my.cnf files in /usr/share/mysql/ +# + +# this is read by the standalone daemon and embedded servers +[server] + +# this is only for the mysqld standalone daemon +[mysqld] + +# +# * Basic Settings +# +user = mysql +pid-file = /var/run/mysqld/mysqld.pid +socket = /var/run/mysqld/mysqld.sock +port = 3306 +basedir = /usr +datadir = /var/lib/mysql +tmpdir = /tmp +lc-messages-dir = /usr/share/mysql +skip-external-locking + +# Instead of skip-networking the default is now to listen only on +# localhost which is more compatible and is not less secure. +bind-address = 127.0.0.1 + +# +# * Fine Tuning +# +key_buffer_size = 16M +max_allowed_packet = 16M +thread_stack = 192K +thread_cache_size = 8 +# This replaces the startup script and checks MyISAM tables if needed +# the first time they are touched +myisam_recover_options = BACKUP +#max_connections = 100 +#table_cache = 64 +#thread_concurrency = 10 + +# +# * Query Cache Configuration +# +query_cache_limit = 1M +query_cache_size = 16M + +# +# * Logging and Replication +# +# Both location gets rotated by the cronjob. +# Be aware that this log type is a performance killer. +# As of 5.1 you can enable the log at runtime! +#general_log_file = /var/log/mysql/mysql.log +#general_log = 1 +# +# Error log - should be very few entries. +# +log_error = /var/log/mysql/error.log +# +# Enable the slow query log to see queries with especially long duration +#slow_query_log_file = /var/log/mysql/mariadb-slow.log +#long_query_time = 10 +#log_slow_rate_limit = 1000 +#log_slow_verbosity = query_plan +#log-queries-not-using-indexes +# +# The following can be used as easy to replay backup logs or for replication. +# note: if you are setting up a replication slave, see README.Debian about +# other settings you may need to change. +#server-id = 1 +#log_bin = /var/log/mysql/mysql-bin.log +expire_logs_days = 10 +max_binlog_size = 100M +#binlog_do_db = include_database_name +#binlog_ignore_db = exclude_database_name + +# +# * InnoDB +# +# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. +# Read the manual for more InnoDB related options. There are many! + +# +# * Security Features +# +# Read the manual, too, if you want chroot! +# chroot = /var/lib/mysql/ +# +# For generating SSL certificates you can use for example the GUI tool "tinyca". +# +# ssl-ca=/etc/mysql/cacert.pem +# ssl-cert=/etc/mysql/server-cert.pem +# ssl-key=/etc/mysql/server-key.pem +# +# Accept only connections using the latest and most secure TLS protocol version. +# ..when MariaDB is compiled with OpenSSL: +# ssl-cipher=TLSv1.2 +# ..when MariaDB is compiled with YaSSL (default in Debian): +# ssl=on + +# +# * Character sets +# +# MySQL/MariaDB default is Latin1, but in Debian we rather default to the full +# utf8 4-byte character set. See also client.cnf +# +character-set-server = utf8mb4 +collation-server = utf8mb4_general_ci + +# +# * Unix socket authentication plugin is built-in since 10.0.22-6 +# +# Needed so the root database user can authenticate without a password but +# only when running as the unix root user. +# +# Also available for other users if required. +# See https://mariadb.com/kb/en/unix_socket-authentication-plugin/ + +# this is only for embedded server +[embedded] + +# This group is only read by MariaDB servers, not by MySQL. +# If you use the same .cnf file for MySQL and MariaDB, +# you can put MariaDB-only options here +[mariadb] + +# This group is only read by MariaDB-10.1 servers. +# If you use the same .cnf file for MariaDB of different versions, +# use this group for options that older servers don't understand +[mariadb-10.1] diff --git a/mysql/my.cnf b/mysql/my.cnf new file mode 100644 index 0000000..91a159e --- /dev/null +++ b/mysql/my.cnf @@ -0,0 +1,190 @@ +# MariaDB database server configuration file. +# +# You can copy this file to one of: +# - "/etc/mysql/my.cnf" to set global options, +# - "~/.my.cnf" to set user-specific options. +# +# One can use all long options that the program supports. +# Run program with --help to get a list of available options and with +# --print-defaults to see which it would actually understand and use. +# +# For explanations see +# http://dev.mysql.com/doc/mysql/en/server-system-variables.html + +# This will be passed to all mysql clients +# It has been reported that passwords should be enclosed with ticks/quotes +# escpecially if they contain "#" chars... +# Remember to edit /etc/mysql/debian.cnf when changing the socket location. +[client] +port = 3306 +socket = /var/run/mysqld/mysqld.sock + +# Here is entries for some specific programs +# The following values assume you have at least 32M ram + +# This was formally known as [safe_mysqld]. Both versions are currently parsed. +[mysqld_safe] +socket = /var/run/mysqld/mysqld.sock +nice = 0 + +[mysqld] +# +# * Basic Settings +# +user = mysql +pid-file = /var/run/mysqld/mysqld.pid +socket = /var/run/mysqld/mysqld.sock +port = 3306 +basedir = /usr +datadir = /var/lib/mysql +tmpdir = /tmp +lc_messages_dir = /usr/share/mysql +lc_messages = en_US +skip-external-locking +# +# Instead of skip-networking the default is now to listen only on +# localhost which is more compatible and is not less secure. +bind-address = 127.0.0.1 +# +# * Fine Tuning +# +max_connections = 100 +connect_timeout = 5 +wait_timeout = 600 +max_allowed_packet = 16M +thread_cache_size = 128 +sort_buffer_size = 4M +bulk_insert_buffer_size = 16M +tmp_table_size = 32M +max_heap_table_size = 32M +# +# * MyISAM +# +# This replaces the startup script and checks MyISAM tables if needed +# the first time they are touched. On error, make copy and try a repair. +myisam_recover_options = BACKUP +key_buffer_size = 128M +#open-files-limit = 2000 +table_open_cache = 400 +myisam_sort_buffer_size = 512M +concurrent_insert = 2 +read_buffer_size = 2M +read_rnd_buffer_size = 1M +# +# * Query Cache Configuration +# +# Cache only tiny result sets, so we can fit more in the query cache. +query_cache_limit = 128K +query_cache_size = 64M +# for more write intensive setups, set to DEMAND or OFF +#query_cache_type = DEMAND +# +# * Logging and Replication +# +# Both location gets rotated by the cronjob. +# Be aware that this log type is a performance killer. +# As of 5.1 you can enable the log at runtime! +#general_log_file = /var/log/mysql/mysql.log +#general_log = 1 +# +# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf. +# +# we do want to know about network errors and such +log_warnings = 2 +# +# Enable the slow query log to see queries with especially long duration +#slow_query_log[={0|1}] +slow_query_log_file = /var/log/mysql/mariadb-slow.log +long_query_time = 10 +#log_slow_rate_limit = 1000 +log_slow_verbosity = query_plan + +#log-queries-not-using-indexes +#log_slow_admin_statements +# +# The following can be used as easy to replay backup logs or for replication. +# note: if you are setting up a replication slave, see README.Debian about +# other settings you may need to change. +#server-id = 1 +#report_host = master1 +#auto_increment_increment = 2 +#auto_increment_offset = 1 +log_bin = /var/log/mysql/mariadb-bin +log_bin_index = /var/log/mysql/mariadb-bin.index +# not fab for performance, but safer +#sync_binlog = 1 +expire_logs_days = 10 +max_binlog_size = 100M +# slaves +#relay_log = /var/log/mysql/relay-bin +#relay_log_index = /var/log/mysql/relay-bin.index +#relay_log_info_file = /var/log/mysql/relay-bin.info +#log_slave_updates +#read_only +# +# If applications support it, this stricter sql_mode prevents some +# mistakes like inserting invalid dates etc. +#sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL +# +# * InnoDB +# +# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. +# Read the manual for more InnoDB related options. There are many! +default_storage_engine = InnoDB +# you can't just change log file size, requires special procedure +#innodb_log_file_size = 50M +innodb_buffer_pool_size = 256M +innodb_log_buffer_size = 8M +innodb_file_per_table = 1 +innodb_open_files = 400 +innodb_io_capacity = 400 +innodb_flush_method = O_DIRECT +# +# * Security Features +# +# Read the manual, too, if you want chroot! +# chroot = /var/lib/mysql/ +# +# For generating SSL certificates I recommend the OpenSSL GUI "tinyca". +# +# ssl-ca=/etc/mysql/cacert.pem +# ssl-cert=/etc/mysql/server-cert.pem +# ssl-key=/etc/mysql/server-key.pem + +# +# * Galera-related settings +# +[galera] +# Mandatory settings +#wsrep_on=ON +#wsrep_provider= +#wsrep_cluster_address= +#binlog_format=row +#default_storage_engine=InnoDB +#innodb_autoinc_lock_mode=2 +# +# Allow server to accept connections on all interfaces. +# +#bind-address=0.0.0.0 +# +# Optional setting +#wsrep_slave_threads=1 +#innodb_flush_log_at_trx_commit=0 + +[mysqldump] +quick +quote-names +max_allowed_packet = 16M + +[mysql] +#no-auto-rehash # faster start of mysql but no tab completion + +[isamchk] +key_buffer = 16M + +# +# * IMPORTANT: Additional settings that can override those from this file! +# The files must end with '.cnf', otherwise they'll be ignored. +# +!include /etc/mysql/mariadb.cnf +!includedir /etc/mysql/conf.d/ diff --git a/scripts/install_mariadb.sh b/scripts/install_mariadb.sh index 273cedc..4b6d9fe 100755 --- a/scripts/install_mariadb.sh +++ b/scripts/install_mariadb.sh @@ -16,30 +16,56 @@ function init_mariadb_install() { echo "" echo "Installing MariaDB (MySQL) database server..." - # Install MariaDB - run apt-get install -y mariadb-server libmariadbclient18 + echo "" + while [[ $INSTALL_MYSQL != "y" && $INSTALL_MYSQL != "n" ]]; do + read -p "Do you want to install MariaDB (MySQL) server? [y/n]: " -e INSTALL_MYSQL + done - # Fix MySQL error? - # Ref: https://serverfault.com/questions/104014/innodb-error-log-file-ib-logfile0-is-of-different-size - #service mysql stop - #mv /var/lib/mysql/ib_logfile0 /var/lib/mysql/ib_logfile0.bak - #mv /var/lib/mysql/ib_logfile1 /var/lib/mysql/ib_logfile1.bak - #service mysql start + if [[ "$INSTALL_MYSQL" == Y* || "$INSTALL_MYSQL" == y* ]]; then + # Install MariaDB + run apt-get install -y mariadb-server libmariadbclient18 >> lemper.log 2>&1 - # MySQL Secure Install - run mysql_secure_installation + # Fix MySQL error? + # Ref: https://serverfault.com/questions/104014/innodb-error-log-file-ib-logfile0-is-of-different-size + #service mysql stop + #mv /var/lib/mysql/ib_logfile0 /var/lib/mysql/ib_logfile0.bak + #mv /var/lib/mysql/ib_logfile1 /var/lib/mysql/ib_logfile1.bak + #service mysql start + if [[ -n $(which mysql) ]]; then + if [ ! -f /etc/mysql/my.cnf ]; then + run cp -f mysql/my.cnf /etc/mysql/ + fi + if [ ! -f /etc/mysql/mariadb.cnf ]; then + run cp -f mysql/mariadb.cnf /etc/mysql/ + fi + if [ ! -f /etc/mysql/debian.cnf ]; then + run cp -f mysql/debian.cnf /etc/mysql/ + fi + if [ ! -f /etc/mysql/debian-start ]; then + run cp -f mysql/debian-start /etc/mysql/ + run chmod +x /etc/mysql/debian-start + fi - # Restart MariaDB MySQL server - if [[ $(ps -ef | grep -v grep | grep mysql | wc -l) > 0 ]]; then - run service mysql restart - status -e "\nMariaDB (MySQL) database server installed successfully." + # Restart MariaDB + run systemctl restart mariadb.service + + # MySQL Secure Install + run mysql_secure_installation + fi + + # Restart MariaDB MySQL server + if [[ $(ps -ef | grep -v grep | grep mysql | wc -l) > 0 ]]; then + status -e "\nMariaDB (MySQL) database server installed successfully." + else + warning -e "\nSomething went wrong with MariaDB (MySQL) installation." + fi fi } # Start running things from a call at the end so if this script is executed # after a partial download it doesn't do anything. if [[ -n $(which mysql) ]]; then - warning -e "\nMariaDB/MySQL web server already exists. Installation skipped..." + warning -e "\nMariaDB (MySQL) web server already exists. Installation skipped..." else init_mariadb_install "$@" fi