replicate-db: do not use stunnel, but rather our vpn

1 files changed, 3 insertions, 30 deletions

diff --git a/replicate-db b/replicate-db
index af4fc36..9116a41 100755
--- a/replicate-db
+++ b/replicate-db
@@ -14,24 +14,12 @@ if [ -d '/var/lib/mysql' ]; then
   sudo rm -rf --one-file-system '/var/lib/mysql' '/etc/mysql'
 fi
 
-if [ -d '/etc/stunnel' ]; then
-  read -p 'stunnel seems to be installed already - I will remove it first.' -r s
-  if [ -n "${s}" ]; then
-    echo 'Aborted.'
-    exit
-  fi
-  sudo systemctl stop stunnel || true
-  sudo systemctl disable stunnel || true
-  sudo pacman -Rs stunnel || true
-  sudo rm -rf --one-file-system '/etc/stunnel'
-fi
-
 read -p 'enter new root-pw: ' -s -r root_pw
 printf '\n'
 read -p 'enter replikat-pw: ' -s -r replikat_pw
 printf '\n'
 
-sudo pacman -S --noconfirm mariadb stunnel
+sudo pacman -S --noconfirm mariadb
 
 # set up mariadb
 sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
@@ -47,21 +35,6 @@ sudo systemctl enable mysqld
 printf '\n\n\n%s\n%s\n\n\n\n\n' "${root_pw}" "${root_pw}" | \
   sudo mysql_secure_installation
 
-# set up stunnel
-
-sudo tee /etc/stunnel/stunnel.conf > /dev/null <<EOF
-[buildmaster-mysql]
-client = yes
-accept = 127.0.0.1:33061
-connect = buildmaster.archlinux32.org:3307
-verifyChain = yes
-CApath = /etc/ssl/certs
-checkHost = buildmaster.archlinux32.org
-EOF
-
-sudo systemctl start stunnel
-sudo systemctl enable stunnel
-
 tmp_file=$(mktemp)
 trap 'rm "${tmp_file}"' EXIT
 
@@ -80,8 +53,8 @@ ssh master@buildmaster.archlinux32.org '
     'SELECT' \
     'SHOW VIEW'
   printf "CHANGE MASTER TO MASTER_HOST='%s', MASTER_PORT=%s, MASTER_USER='%s', MASTER_PASSWORD='%s';\n" \
-    '127.0.0.1' \
-    33061 \
+    '10.100.10.1' \
+    3306 \
     'replikat' \
     "${replikat_pw}"
   xzcat "${tmp_file}" | pv