From 81ef80819180351c3c45f554b9a18acd3faec649 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Mon, 14 Jul 2025 10:26:12 +0200
Subject: [PATCH] Optimized mariadb

---
 roles/svc-db-mariadb/config/main.yml |  8 +++--
 roles/svc-db-mariadb/tasks/init.yml  | 30 ++++++++++++++++
 roles/svc-db-mariadb/tasks/main.yml  | 51 +++++++---------------------
 roles/svc-db-mariadb/vars/main.yml   | 14 ++++++--
 4 files changed, 59 insertions(+), 44 deletions(-)
 create mode 100644 roles/svc-db-mariadb/tasks/init.yml

diff --git a/roles/svc-db-mariadb/config/main.yml b/roles/svc-db-mariadb/config/main.yml
index e8a178d2..ba508fbd 100644
--- a/roles/svc-db-mariadb/config/main.yml
+++ b/roles/svc-db-mariadb/config/main.yml
@@ -1,4 +1,8 @@
-version:  "latest"
 hostname: "svc-db-mariadb"
 network:  "<< defaults_applications[svc-db-mariadb].hostname >>"
-volume:   "<< defaults_applications[svc-db-mariadb].hostname >>_data"
\ No newline at end of file
+docker: 
+  services:
+    mariadb: 
+      version:  "latest"
+      image:    "mariadb"
+      volume:   "<< defaults_applications[svc-db-mariadb].hostname >>_data"
diff --git a/roles/svc-db-mariadb/tasks/init.yml b/roles/svc-db-mariadb/tasks/init.yml
new file mode 100644
index 00000000..0ed21bba
--- /dev/null
+++ b/roles/svc-db-mariadb/tasks/init.yml
@@ -0,0 +1,30 @@
+- name: "Create database: {{ database_name }}"
+  mysql_db:
+    name:           "{{ database_name }}"
+    state:          present
+    login_user:     root
+    login_password: "{{ mariadb_root_pwd }}"
+    login_host:     127.0.0.1
+    login_port:     "{{ database_port }}"
+    encoding:       "{{ database_encoding }}"
+    collation:      "{{ database_collation }}"
+
+- name: "Create database user: {{ database_username }}"
+  mysql_user:
+    name:     "{{database_username}}"
+    password: "{{database_password}}"
+    host: "%"
+    priv: '{{database_name}}.*:ALL'
+    state: present
+    login_user: root
+    login_password: "{{mariadb_root_pwd}}"
+    login_host: 127.0.0.1
+    login_port: "{{database_port}}"
+
+# Deactivated due to https://chatgpt.com/share/683ba14b-0e74-800f-9ad1-a8979bc77093
+# @todo Remove if this works fine in the future. 
+#- name: Grant database privileges
+#  ansible.builtin.shell:
+#    cmd: "docker exec {{mariadb_hostname }} mariadb -u root -p{{ mariadb_root_pwd }} -e \"GRANT ALL PRIVILEGES ON `{{database_name}}`.* TO '{{database_username}}'@'%';\""
+#  args:
+#    executable: /bin/bash
\ No newline at end of file
diff --git a/roles/svc-db-mariadb/tasks/main.yml b/roles/svc-db-mariadb/tasks/main.yml
index fe6ef589..98922109 100644
--- a/roles/svc-db-mariadb/tasks/main.yml
+++ b/roles/svc-db-mariadb/tasks/main.yml
@@ -1,29 +1,29 @@
 - name: Create Docker network for MariaDB
   docker_network:
-    name: "{{ applications['svc-db-mariadb'].network }}"
+    name: "{{ mariadb_network_name }}"
     state: present
     ipam_config:
-      - subnet: "{{ networks.local['svc-db-mariadb'].subnet }}"
+      - subnet: "{{ mariadb_subnet }}"
   when: run_once_docker_mariadb is not defined
 
 - name: install MariaDB
   docker_container:
     name: "{{ mariadb_hostname }}"
-    image: "mariadb:{{applications['svc-db-mariadb'].version}}"
+    image: "{{ mariadb_image }}:{{ mariadb_version}}"
     detach: yes
     env:
-      MARIADB_ROOT_PASSWORD:  "{{mariadb_root_pwd}}"
+      MARIADB_ROOT_PASSWORD:  "{{ mariadb_root_pwd }}"
       MARIADB_AUTO_UPGRADE:   "1"
     networks:
-      - name: "{{ applications['svc-db-mariadb'].network }}"
+      - name: "{{ mariadb_network_name }}"
     volumes:
-      - "{{ applications['svc-db-mariadb'].volume }}:/var/lib/mysql"
+      - "{{ mariadb_volume }}:/var/lib/mysql"
     published_ports:
-      - "127.0.0.1:{{database_port}}:3306" # can be that this will be removed if all applications use sockets
+      - "127.0.0.1:{{ mariadb_port }}:3306" # can be that this will be removed if all applications use sockets
     command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" #for nextcloud
-    restart_policy: "{{docker_restart_policy}}"
+    restart_policy: "{{ docker_restart_policy }}"
     healthcheck:
-      test: "/usr/bin/mariadb --user=root --password={{mariadb_root_pwd}} --execute \"SHOW DATABASES;\""
+      test: "/usr/bin/mariadb --user=root --password={{ mariadb_root_pwd }} --execute \"SHOW DATABASES;\""
       interval: 3s
       timeout: 1s
       retries: 5
@@ -51,36 +51,9 @@
     - setup_mariadb_container_result.changed
     - run_once_docker_mariadb is not defined
 
-- name: "Create database: {{ database_name }}"
-  mysql_db:
-    name:           "{{ database_name }}"
-    state:          present
-    login_user:     root
-    login_password: "{{ mariadb_root_pwd }}"
-    login_host:     127.0.0.1
-    login_port:     "{{ database_port }}"
-    encoding:       "{{ database_encoding }}"
-    collation:      "{{ database_collation }}"
-
-- name: "Create database user: {{ database_username }}"
-  mysql_user:
-    name:     "{{database_username}}"
-    password: "{{database_password}}"
-    host: "%"
-    priv: '{{database_name}}.*:ALL'
-    state: present
-    login_user: root
-    login_password: "{{mariadb_root_pwd}}"
-    login_host: 127.0.0.1
-    login_port: "{{database_port}}"
-
-# Deactivated due to https://chatgpt.com/share/683ba14b-0e74-800f-9ad1-a8979bc77093
-# @todo Remove if this works fine in the future. 
-#- name: Grant database privileges
-#  ansible.builtin.shell:
-#    cmd: "docker exec {{mariadb_hostname }} mariadb -u root -p{{ mariadb_root_pwd }} -e \"GRANT ALL PRIVILEGES ON `{{database_name}}`.* TO '{{database_username}}'@'%';\""
-#  args:
-#    executable: /bin/bash
+- name: "Initialize database for '{{ database_name }}'"
+  include_tasks: init.yml
+  when: "{{ mariadb_init }}"
 
 - name: run the docker_mariadb tasks once
   set_fact:
diff --git a/roles/svc-db-mariadb/vars/main.yml b/roles/svc-db-mariadb/vars/main.yml
index 9f0ec4ad..030ba8bb 100644
--- a/roles/svc-db-mariadb/vars/main.yml
+++ b/roles/svc-db-mariadb/vars/main.yml
@@ -1,3 +1,11 @@
-application_id:   svc-db-mariadb
-mariadb_hostname: "{{ applications | get_app_conf(application_id, 'hostname', True) }}"
-mariadb_root_pwd: "{{ applications['svc-db-mariadb'].credentials.root_password }}"
+application_id:       svc-db-mariadb
+mariadb_hostname:     "{{ applications | get_app_conf(application_id,'hostname', True) }}"
+mariadb_root_pwd:     "{{ applications | get_app_conf(application_id,'credentials.root_password', True) }}"
+mariadb_init:         "{{ database_username is defined and database_password is defined and database_name is defined }}"
+mariadb_subnet:       "{{ networks.local['svc-db-mariadb'].subnet  }}"
+mariadb_network_name: "{{ applications | get_app_conf(application_id,'network', True) }}"
+mariadb_volume:       "{{ applications | get_app_conf(application_id,'docker.services.mariadb.volume', True) }}"
+mariadb_image:        "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb', True) }}"
+mariadb_version:      "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version', True) }}"
+mariadb_port:         "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
+