diff options
author | Erich Eckner <git@eckner.net> | 2018-07-10 08:19:25 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2018-07-10 08:19:25 +0200 |
commit | 261e6385c50f8d017460e3fb24f2c3fc22fdb3d6 (patch) | |
tree | f7a61eeebd5be061c582a2c5dcb18796e90d0d99 | |
download | devops-261e6385c50f8d017460e3fb24f2c3fc22fdb3d6.tar.xz |
initial commit
-rwxr-xr-x | replicate-db | 100 | ||||
-rwxr-xr-x | update-kernel-config | 72 |
2 files changed, 172 insertions, 0 deletions
diff --git a/replicate-db b/replicate-db new file mode 100755 index 0000000..91706cb --- /dev/null +++ b/replicate-db @@ -0,0 +1,100 @@ +#!/bin/bash + +set -e + +if [ -d '/var/lib/mysql' ]; then + read -p 'mariadb seems to be installed already - I will remove it first.' -r s + if [ -n "${s}" ]; then + echo 'Aborted.' + exit + fi + sudo systemctl stop mysqld || true + sudo systemctl disable mysqld || true + sudo pacman -Rs mariadb || true + sudo rm -rf --one-file-system '/var/lib/mysql' '/etc/mysql' +fi + +if [ -d '/etc/stunnel' ]; then + read -p 'stunnel seems to be installed already - I will remove it first.' -r s + if [ -n "${s}" ]; then + echo 'Aborted.' + exit + fi + sudo systemctl stop stunnel || true + sudo systemctl disable stunnel || true + sudo pacman -Rs stunnel || true + sudo rm -rf --one-file-system '/etc/stunnel' +fi + +read -p 'enter new root-pw: ' -s -r root_pw +printf '\n' +read -p 'enter replikat-pw: ' -s -r replikat_pw +printf '\n' + +sudo pacman -S --noconfirm mariadb stunnel + +# set up mariadb +sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql +sudo sed -i ' + /myisam_sort_buffer_size/ a group_concat_max_len = 4096 + /^#server-id/ { + s/^#// + s/[0-9]\+$/'"$RANDOM"'/ + b + } + s/^server-id/#\0/ + /^#skip-networking$/ s/^#// +' '/etc/mysql/my.cnf' + +sudo systemctl start mysqld +sudo systemctl enable mysqld + +printf '\n\n%s\n%s\n\n\n\n\n' "${root_pw}" "${root_pw}" | \ + sudo mysql_secure_installation + +# set up stunnel + +sudo tee /etc/stunnel/stunnel.conf > /dev/null <<EOF +[buildmaster-mysql] +client = yes +accept = 127.0.0.1:33061 +connect = buildmaster.archlinux32.org:3307 +verifyChain = yes +CApath = /etc/ssl/certs +checkHost = buildmaster.archlinux32.org +EOF + +sudo systemctl start stunnel +sudo systemctl enable stunnel + +tmp_file=$(mktemp) +trap 'rm "${tmp_file}"' EXIT + +ssh buildmaster ' + cd /var/backup; + ls -t | grep -m1 '"'"'^database-.*\.xz$'"'"' | xargs pv +' > "${tmp_file}" + +{ + printf 'SHOW SLAVE STATUS;\n' + printf "CREATE USER 'webserver'@'localhost' IDENTIFIED BY 'empty';\n" \ + printf "GRANT USAGE ON *.* TO 'webserver'@'localhost' IDENTIFIED BY 'empty';\n" + printf "GRANT REPLICATION CLIENT ON *.* TO 'webserver'@'localhost';\n" + printf 'GRANT %s ON buildmaster.* TO '"'"'webserver'"'"'@'"'"'localhost'"'"';\n' \ + 'CREATE TEMPORARY TABLES' \ + 'SELECT' \ + 'SHOW VIEW' + printf "CHANGE MASTER TO MASTER_HOST='%s', MASTER_PORT=%s, MASTER_USER='%s', MASTER_PASSWORD='%s';\n" \ + '127.0.0.1' \ + 33061 \ + 'replikat' \ + "${replikat_pw}" + xzcat "${tmp_file}" | pv + xzgrep -- '^-- CHANGE MASTER TO ' "${tmp_file}" | \ + sed 's/^-- //' + printf 'START SLAVE;\n' + printf 'SHOW SLAVE STATUS;\n' +} | \ + mysql -u root -p"${root_pw}" + +printf '\n\nAll set up successfully.\n' diff --git a/update-kernel-config b/update-kernel-config new file mode 100755 index 0000000..37e414c --- /dev/null +++ b/update-kernel-config @@ -0,0 +1,72 @@ +#!/bin/bash + +if [ $# -ne 2 ]; then + >&2 echo 'usage: update-kernel-config [repository] [kernel-name]' + exit 2 +fi + +old_revision=$( + sed -n ' + s/^# upstream git\( revision\)\?: *// + T + p + ' "/usr/src/archlinux32/packages/$1/$2/PKGBUILD" +) + +if [ -z "${old_revision}" ]; then + >&2 echo 'Cannot detemine old upstream git revision.' + >&2 echo '"# upstream git revision: ..." line is missing.' + exit 1 +fi + +diff=$( + git -C "/usr/src/archlinux/packages/$2/repos/$1-x86_64" diff "${old_revision}" HEAD -- config | \ + grep '^[+-].' | \ + grep -v '^+++\|^---' +) + +if [ -z "${diff}" ]; then + >&2 echo 'nothing changed.' + exit 1 +fi + +{ + grep -vxF "$( + printf '%s\n' "${diff}" | \ + sed -n ' + s/^-// + T + p + ' + )" "/usr/src/archlinux32/packages/$1/$2/config" + printf '%s\n' "${diff}" | \ + sed -n ' + s/^+// + T + p + ' +} | \ + sponge "/usr/src/archlinux32/packages/$1/$2/config" + +sed -i ' + 1 s/^#.*$/# upstream git revision: '"$( + git -C "/usr/src/archlinux/packages" rev-parse HEAD + )"'/ + s/'"$( + git -C "/usr/src/archlinux/packages/$2/repos/$1-x86_64" archive "${old_revision}" -- config | \ + tar -Ox | \ + sha256sum | \ + awk '{print $1}' + )"'/'"$( + git -C "/usr/src/archlinux/packages/$2/repos/$1-x86_64" archive HEAD -- config | \ + tar -Ox | \ + sha256sum | \ + awk '{print $1}' + )"'/g + s/'"$( + git -C "/usr/src/archlinux32/packages/$1/$2" archive HEAD -- config | \ + tar -Ox | \ + sha256sum | \ + awk '{print $1}' + )"'/SKIP/g +' "/usr/src/archlinux32/packages/$1/$2/PKGBUILD" |