mysql: adding option to create databases and users

[ecraven]

This adds an option databases = [ { name = "mydb", users = [ { username = "myuser"; password = "mysecret"; } ]; } ]; to mysql, which runs mysqladmin create mydb (if the database doesn't exist, if it does exist nothing happens), and then runs mysql to grant access to that db for the given credentials. It only ensures these exist, it never removes or deletes anything.
This is meant to ensure that a certain database and user exist, in contrast to initialDatabases it runs every time mysql is started, not just on first installation.

[copumpkin]

Is there some way to make it clear to users that it won't delete databases? I could see it being both scary (you'll delete my data) and counterintuitive (why doesn't my database list match my configuration.nix?)

[edolstra]

Does mysqladmin create work when the MySQL server isn't running yet?

[ecraven]

@copumpkin a good point, I was trying to get exactly that message across, but somehow getting it into the parameter name would be even better..
@edolstra no, it seems it does not, I'd probably have to use something similar to what the rest of mysql.nix already does.

Do I understand correctly that in general this is something that would be merged, if we can figure out those details?

[the-kenny]

Is there a reason we still need initialDatabases? With this?

[kevincox]

Is this still in progress? Otherwise it should be closed as abandoned.

[davidak]

@kevincox i watch this issue because i would like to have this feature. i think nobody is working on it.

[kevincox]

Would you be interesting in taking over the PR? Because it appears that the author has left.

[davidak]

i looked at the current implementation. it is good when you have one database per user but most of the time a user has multiple databases.

for manual configuration i use this:

CREATE USER 'user1'@'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON `user1\_%`.* TO 'user1'@'%';
FLUSH PRIVILEGES;
CREATE DATABASE user1_db1 CHARACTER SET utf8 COLLATE utf8_general_ci;
CREATE DATABASE user1_db2 CHARACTER SET utf8 COLLATE utf8_general_ci;

it would be good if that is possible.

we may call this option users instead of databases so a user can have access to multiple databases and multiple users can have access to the same database:

users = [
  { name = "user1"; host = "localhost"; password = "mysecret"; databases = ["db1" "wordpress"]; };
  { name = "user2"; host = "%"; password = "mysecret"; databases = ["wordpress" "user2\_%"]; };
];

what do you think?

[florianjacob]

@davidak Are you still around and willing to work on this? Your proposal looks suitable! 😃
I found this PR looking for such a functionality for implementing #25266 without adding mysql commands in that module, like other packages do.

[florianjacob]

The difference between the current initialDatabases and what's proposed here is that initialDatabases is only run at the very first start after mysql got installed, and can't be used to add more databases later.

[florianjacob]

I made PR #29387 with a different approach to this, hopefully circumventing the issues with this approach.

[florianjacob]

My PR was merged now, implementing what this PR was aiming for but simplified to localhost users + Unix socket authentication only. I'd say this can be closed now, if anybody needs more than that they should create a follow-up PR.