Browse Source
Allow to set SSL options for mysql user
This patch allows to set grant SSL options for user. Change-Id: I700ed0634c549590f1cf207a3852996fc65e5d14 Related-Prod: PROD-17049master
Vasyl Saienko
6 years ago
2 changed files with 23 additions and 2 deletions
+ 18
- 0
README.rst
View File
| @@ -101,6 +101,24 @@ Additional mysql users: | |||
| - grants: | |||
| - all privileges | |||
| Additional mysql SSL grants: | |||
| .. code-block:: yaml | |||
| mysql: | |||
| server: | |||
| users: | |||
| - name: clustercheck | |||
| password: clustercheck | |||
| database: '*.*' | |||
| grants: PROCESS | |||
| ssl_option: | |||
| - SSL: True | |||
| - X509: True | |||
| - SUBJECT: <subject> | |||
| - ISSUER: <issuer> | |||
| - CIPHER: <cipher> | |||
| Additional check params: | |||
| ======================== | |||
+ 5
- 2
galera/server.sls
View File
| @@ -38,6 +38,7 @@ mysql_grants_{{ user.name }}_{{ database_name }}_{{ user.host }}: | |||
| - database: '{{ database_name }}.*' | |||
| - user: '{{ user.name }}' | |||
| - host: '{{ user.host }}' | |||
| - ssl_option: {{ user.get('ssl_option', False) }} | |||
| #- connection_user: {{ connection.user }} | |||
| #- connection_pass: {{ connection.password }} | |||
| #- connection_charset: {{ connection.charset }} | |||
| @@ -58,7 +59,7 @@ mysql_grants_{{ user.name }}_{{ database_name }}_{{ user.host }}: | |||
| - defaults: | |||
| database_name: {{ database_name }} | |||
| database: {{ database }} | |||
| - require: | |||
| - require: | |||
| - file: mysql_dirs | |||
| - mysql_database: mysql_database_{{ database_name }} | |||
| @@ -92,7 +93,7 @@ mysql_user_{{ user.name }}_{{ host }}: | |||
| {%- if grains.get('noservices') %} | |||
| - onlyif: /bin/false | |||
| {%- endif %} | |||
| {%- if 'grants' in user %} | |||
| mysql_user_{{ user.name }}_{{ host }}_grants: | |||
| mysql_grants.present: | |||
| @@ -102,6 +103,7 @@ mysql_user_{{ user.name }}_{{ host }}_grants: | |||
| - grant_option: {{ user['grant_option'] | default(False) }} | |||
| - user: {{ user.name }} | |||
| - host: '{{ host }}' | |||
| - ssl_option: {{ user.get('ssl_option', False) }} | |||
| #- connection_user: {{ connection.user }} | |||
| #- connection_pass: {{ connection.password }} | |||
| #- connection_charset: {{ connection.charset }} | |||
| @@ -122,6 +124,7 @@ mysql_user_{{ user.name }}_{{ host }}_grants_db_{{ db.database }}_{{ loop.index0 | |||
| - grant_option: {{ db['grant_option'] | default(False) }} | |||
| - user: {{ user.name }} | |||
| - host: '{{ host }}' | |||
| - ssl_option: {{ db.get('ssl_option', False) }} | |||
| #- connection_user: {{ connection.user }} | |||
| #- connection_pass: {{ connection.password }} | |||
| #- connection_charset: {{ connection.charset }} | |||
Loading…