Parcourir la source
Allow to set SSL options for mysql user
This patch allows to set grant SSL options for user. Change-Id: I700ed0634c549590f1cf207a3852996fc65e5d14 Related-Prod: PROD-17049master
Vasyl Saienko
il y a 6 ans
2 fichiers modifiés avec 23 ajouts et 2 suppressions
+ 18
- 0
README.rst
Voir le fichier
| - grants: | - grants: | ||||
| - all privileges | - all privileges | ||||
| Additional mysql SSL grants: | |||||
| .. code-block:: yaml | |||||
| mysql: | |||||
| server: | |||||
| users: | |||||
| - name: clustercheck | |||||
| password: clustercheck | |||||
| database: '*.*' | |||||
| grants: PROCESS | |||||
| ssl_option: | |||||
| - SSL: True | |||||
| - X509: True | |||||
| - SUBJECT: <subject> | |||||
| - ISSUER: <issuer> | |||||
| - CIPHER: <cipher> | |||||
| Additional check params: | Additional check params: | ||||
| ======================== | ======================== | ||||
+ 5
- 2
galera/server.sls
Voir le fichier
| - database: '{{ database_name }}.*' | - database: '{{ database_name }}.*' | ||||
| - user: '{{ user.name }}' | - user: '{{ user.name }}' | ||||
| - host: '{{ user.host }}' | - host: '{{ user.host }}' | ||||
| - ssl_option: {{ user.get('ssl_option', False) }} | |||||
| #- connection_user: {{ connection.user }} | #- connection_user: {{ connection.user }} | ||||
| #- connection_pass: {{ connection.password }} | #- connection_pass: {{ connection.password }} | ||||
| #- connection_charset: {{ connection.charset }} | #- connection_charset: {{ connection.charset }} | ||||
| - defaults: | - defaults: | ||||
| database_name: {{ database_name }} | database_name: {{ database_name }} | ||||
| database: {{ database }} | database: {{ database }} | ||||
| - require: | |||||
| - require: | |||||
| - file: mysql_dirs | - file: mysql_dirs | ||||
| - mysql_database: mysql_database_{{ database_name }} | - mysql_database: mysql_database_{{ database_name }} | ||||
| {%- if grains.get('noservices') %} | {%- if grains.get('noservices') %} | ||||
| - onlyif: /bin/false | - onlyif: /bin/false | ||||
| {%- endif %} | {%- endif %} | ||||
| {%- if 'grants' in user %} | {%- if 'grants' in user %} | ||||
| mysql_user_{{ user.name }}_{{ host }}_grants: | mysql_user_{{ user.name }}_{{ host }}_grants: | ||||
| mysql_grants.present: | mysql_grants.present: | ||||
| - grant_option: {{ user['grant_option'] | default(False) }} | - grant_option: {{ user['grant_option'] | default(False) }} | ||||
| - user: {{ user.name }} | - user: {{ user.name }} | ||||
| - host: '{{ host }}' | - host: '{{ host }}' | ||||
| - ssl_option: {{ user.get('ssl_option', False) }} | |||||
| #- connection_user: {{ connection.user }} | #- connection_user: {{ connection.user }} | ||||
| #- connection_pass: {{ connection.password }} | #- connection_pass: {{ connection.password }} | ||||
| #- connection_charset: {{ connection.charset }} | #- connection_charset: {{ connection.charset }} | ||||
| - grant_option: {{ db['grant_option'] | default(False) }} | - grant_option: {{ db['grant_option'] | default(False) }} | ||||
| - user: {{ user.name }} | - user: {{ user.name }} | ||||
| - host: '{{ host }}' | - host: '{{ host }}' | ||||
| - ssl_option: {{ db.get('ssl_option', False) }} | |||||
| #- connection_user: {{ connection.user }} | #- connection_user: {{ connection.user }} | ||||
| #- connection_pass: {{ connection.password }} | #- connection_pass: {{ connection.password }} | ||||
| #- connection_charset: {{ connection.charset }} | #- connection_charset: {{ connection.charset }} |
Chargement…