cafe24-testserver/lxc/setup_mariadb.sh

#!/bin/bash
# Rocky Linux 9 LXC - MariaDB 10.6.5 설치 및 초기 설정 (고정 버전)
# 서비스 서버(호스팅)와 동일한 DB 환경 재현 목적
# root 계정에서 실행
# curl | bash 실행 지원

set -euo pipefail

DOTFILES_BASE_URL="https://git.siane.kr/firstgarden/cafe24-testserver/raw/branch/main"

LINUX_USER=""
DB_USER=""
DB_NAME=""

############################################
# 입력 헬퍼 (pipe 대응)
############################################
read_input() {
    local prompt="$1"
    local var_name="$2"
    local is_secret="${3:-false}"

    if [ "$is_secret" = "true" ]; then
        read -s -p "$prompt" "$var_name" < /dev/tty
        echo "" >&2
    else
        read -p "$prompt" "$var_name" < /dev/tty
    fi
}

############################################
# 오류 발생 시 정리
############################################
cleanup() {
    EXIT_CODE=$?
    if [ $EXIT_CODE -ne 0 ]; then
        echo ""
        echo "❌ 설정 중 오류 발생 ($EXIT_CODE)"
        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
        echo "MariaDB / 사용자 상태를 확인하세요."
    fi
    exit $EXIT_CODE
}
trap cleanup EXIT

echo "=== Rocky Linux 9 LXC - MariaDB 10.6.5 고정 설치 시작 ==="
echo ""

############################################
# 0. Timezone
############################################
timedatectl set-timezone Asia/Seoul
echo "✓ Timezone 설정 완료"

############################################
# 1. 필수 패키지
############################################
dnf update -y
dnf install -y sudo vim wget curl policycoreutils-python-utils

############################################
# 2. Linux 사용자
############################################
read_input "Linux 사용자 이름: " LINUX_USER

if ! id "$LINUX_USER" &>/dev/null; then
    while true; do
        read_input "Linux 사용자 비밀번호: " LINUX_PW true
        read_input "비밀번호 확인: " LINUX_PW_CONFIRM true
        [ "$LINUX_PW" = "$LINUX_PW_CONFIRM" ] && break
        echo "❌ 비밀번호 불일치"
    done
    useradd -m -s /bin/bash "$LINUX_USER"
    echo "$LINUX_USER:$LINUX_PW" | chpasswd
    usermod -aG wheel "$LINUX_USER"
    echo "✓ Linux 사용자 생성 완료"
else
    echo "ℹ️  기존 Linux 사용자 사용: $LINUX_USER"
fi

############################################
# 3. DB 계정 설정 (수정됨)
############################################
read_input "MariaDB 계정을 Linux 계정과 동일하게 사용할까요? (Y/n): " SAME_ACCOUNT
SAME_ACCOUNT=${SAME_ACCOUNT:-Y}

if [[ "$SAME_ACCOUNT" =~ ^[Yy]$ ]]; then
    DB_USER="$LINUX_USER"

    # 기존 Linux 사용자 재사용 시 → DB 비밀번호를 새로 입력
    if [ -z "${LINUX_PW:-}" ]; then
        while true; do
            read_input "MariaDB 비밀번호: " DB_PW true
            read_input "MariaDB 비밀번호 확인: " DB_PW_CONFIRM true
            [ "$DB_PW" = "$DB_PW_CONFIRM" ] && break
            echo "❌ MariaDB 비밀번호가 일치하지 않습니다."
        done
    else
        # 새 Linux 사용자 생성 케이스
        DB_PW="$LINUX_PW"
    fi
else
    read_input "MariaDB 사용자 이름: " DB_USER
    while true; do
        read_input "MariaDB 비밀번호: " DB_PW true
        read_input "MariaDB 비밀번호 확인: " DB_PW_CONFIRM true
        [ "$DB_PW" = "$DB_PW_CONFIRM" ] && break
        echo "❌ MariaDB 비밀번호가 일치하지 않습니다."
    done
fi

DB_NAME="$DB_USER"

############################################
# 4. dotfiles
############################################
USER_HOME="/home/$LINUX_USER"
mkdir -p "$USER_HOME"

curl -fsSL -o "$USER_HOME/.vimrc" "$DOTFILES_BASE_URL/dotfiles/vimrc" || true
curl -fsSL -o "/tmp/.bashrc_addon" "$DOTFILES_BASE_URL/dotfiles/bashrc_addon" || true

if [ -f /tmp/.bashrc_addon ]; then
    cat /tmp/.bashrc_addon >> "$USER_HOME/.bashrc"
    rm -f /tmp/.bashrc_addon
fi

chown -R "$LINUX_USER:$LINUX_USER" "$USER_HOME"

############################################
# 5. MariaDB 10.6.5 설치 (Archive Repo)
############################################
echo ""
echo "▶ MariaDB 10.6.5 설치 중 (Archive Repo 고정)"

# Rocky AppStream 완전 차단
dnf module disable mariadb -y || true
dnf remove -y mariadb mariadb-server mariadb-libs 2>/dev/null || true

cat > /etc/yum.repos.d/MariaDB.repo <<'EOF'
[mariadb]
name = MariaDB 10.6.5 Archive
baseurl = https://archive.mariadb.org/mariadb-10.6.5/yum/rhel/9/x86_64/
gpgkey = https://archive.mariadb.org/PublicKey
gpgcheck = 1
enabled = 1
EOF

dnf clean all
dnf makecache
dnf install -y MariaDB-server MariaDB-client

systemctl enable --now mariadb

############################################
# 6. 버전 검증 (중요)
############################################
MYSQL_VER=$(mysql --version)
echo "설치된 버전: $MYSQL_VER"

if ! echo "$MYSQL_VER" | grep -q "10.6.5-MariaDB"; then
    echo "❌ MariaDB 10.6.5가 아닙니다. 중단합니다."
    exit 1
fi

############################################
# 7. MariaDB 보안 초기화
############################################
mysql -u root <<EOF
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost','127.0.0.1','::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db LIKE 'test%';
FLUSH PRIVILEGES;
EOF

############################################
# 8. DB / 사용자 생성
############################################
mysql -u root <<EOF
CREATE DATABASE IF NOT EXISTS \`$DB_NAME\`
  CHARACTER SET utf8mb4
  COLLATE utf8mb4_unicode_ci;

CREATE USER IF NOT EXISTS '$DB_USER'@'%' IDENTIFIED BY '$DB_PW';
CREATE USER IF NOT EXISTS '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PW';

GRANT ALL PRIVILEGES ON \`$DB_NAME\`.* TO '$DB_USER'@'%';
GRANT ALL PRIVILEGES ON \`$DB_NAME\`.* TO '$DB_USER'@'localhost';

FLUSH PRIVILEGES;
EOF

############################################
# 9. MariaDB 설정 (서비스 서버 호환)
############################################
cat > /etc/my.cnf.d/50-server.cnf <<EOF
[mysqld]
bind-address = 0.0.0.0
port = 3306
sql_mode=
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
EOF

systemctl restart mariadb

############################################
# 10. 완료
############################################
echo ""
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "✅ MariaDB 10.6.5 설치 및 설정 완료"
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
echo "Linux 사용자 : $LINUX_USER"
echo "DB 사용자    : $DB_USER"
echo "DB 이름      : $DB_NAME"
echo "MariaDB 버전 : 10.6.5 (고정)"
echo ""
echo "접속 예시:"
echo "  mysql -h <LXC_IP> -u $DB_USER -p"
echo ""