Blog

How to install and secure MySQL 5.5 from source with Sprinkle

I recently fell in love with Sprinkle as a way to provision servers for Ruby on Rails applications. I had heard about Chef and Puppet a long time ago and I knew that at some point I would have to start using one of them if I didn't want to do the same repetitive tasks over and over again.

The thing is that I actually enjoy working with a new and fresh server! It's that new car smell and you know you get to set up the latest and greatest everything! Still, after doing it multiple times in the last months, I realized the time had come and I set aside half a day to get down and dirty with Chef.

I picked Chef because I had seen that Ryan Bates of Railscast fame had done an episode on it and I normally trust him and have never been disappointed in his sense of picking the best tool for a job.

Complexity vs. Simplicity

What I saw in that episode was really off-putting, though. There is just too much magic happening behind the scenes, especially for the modest requirements I normally have in my projects (most of the time only a single VPS). So I started looking for a simpler alternative and I found it in Sprinkle.

Sprinkle is based on Capistrano, everybody's favorite tool to deploy Rails applications. This makes setting up Sprinkle extremely easy because it reuses all configuration that you already have in your Capistrano files.

Another great advantage is that many people share their Sprinkle recipes on Github, so for most default components (Apache, Nginx, MySQL, Postgres, Redis, etc.) you can just copy and paste an existing recipe and maybe check if there's a newer version available that you might want to use. I like to compile most programs from source because some Linux distros that are still in use (most notably Ubuntu 10.04) only have access to very old versions of some programs by default. Instead of looking for precompiled deb packages of those programs I use to compile from source which guarantees access to the latest version.

Long story short: The only recipe I could not find anywhere was one to compile MySQL 5.5 from source. Since MySQL doesn't really follow the default ./configure && make && sudo make install pattern but uses cmake instead of a configure script, a small but not too difficult customization is necessary.

The Code

Check out the package definitions below. You can find the referenced init script, my.cnf, and mysql_secure_installation_no_ask in the gist.

Let me know if you have any questions in the comments!

Discuss this post on Hacker News

Ideas? Constructive criticism? Think I'm stupid? Let me know in the comments!