Fedora 42

Signed-off-by: Jason Rothstein <fdragon@fdragon.org>

templates/Fedora/42/etc/my.cnf.d/auth_gssapi.cnf

@@ -0,0 +1,2 @@
+[mariadb]
+#plugin-load-add=auth_gssapi.so

templates/Fedora/42/etc/my.cnf.d/client.cnf

@@ -0,0 +1,14 @@
+#
+# These two groups are read by the client library
+# Use it for options that affect all clients, but not the server
+#
+[client]
+default-character-set = utf8mb4
+
+# This group is not read by mysql client library,
+# If you use the same .cnf file for MySQL and MariaDB,
+# use it for MariaDB-only client options
+[client-mariadb]
+ssl
+ssl-verify-server-cert
+

templates/Fedora/42/etc/my.cnf.d/cracklib_password_check.cnf

@@ -0,0 +1,2 @@
+[mariadb]
+#plugin-load-add=cracklib_password_check.so

templates/Fedora/42/etc/my.cnf.d/enable_encryption.preset

@@ -0,0 +1,20 @@
+#
+# !include this file into your my.cnf (or any of *.cnf files in /etc/my.cnf.d)
+# and it will enable data at rest encryption. This is a simple way to
+# ensure that everything that can be encrypted will be and your
+# data will not leak unencrypted.
+#
+# DO NOT EDIT THIS FILE! On MariaDB upgrades it might be replaced with a
+# newer version and your edits will be lost. Instead, add your edits
+# to the .cnf file after the !include directive.
+#
+# NOTE that you also need to install an encryption plugin for the encryption
+# to work. See https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/#encryption-key-management
+#
+[mariadb]
+aria-encrypt-tables
+encrypt-binlog
+encrypt-tmp-disk-tables
+encrypt-tmp-files
+loose-innodb-encrypt-log
+loose-innodb-encrypt-tables

templates/Fedora/42/etc/my.cnf.d/hashicorp_key_management.cnf

@@ -0,0 +1,117 @@
+# Copyright (C) 2019-2022 MariaDB Corporation
+#
+# This is a default configuration for the Hashicorp Vault plugin.
+# You can read more about the parameters of this plugin in the
+# hashicorp_key_management.txt file.
+#
+# NOTE THAT YOU MUST MANUALLY UNCOMMENT THE "plugin-load-add"
+# LINE AND ALL THE NECESSARY PARAMETERS BELOW, SETTING THEM
+# TO APPROPRIATE VALUES!
+#
+[mariadb]
+
+#
+# To use Hashicorp Vault KMS, the plugin must be preloaded and
+# activated on the server:
+#
+#plugin-load-add=hashicorp_key_management.so
+
+# Most of its parameters should not be changed during plugin
+# operation and therefore must be preconfigured as part of
+# the server configuration:
+
+#
+# HTTP[s] URL that is used to connect to the Hashicorp Vault server.
+# It must include the name of the scheme ("https://" for a secure
+# connection) and, according to the API rules for storages of the
+# key-value type in Hashicorp Vault, after the server address, the
+# path must begin with the "/v1/" string (as prefix), for example:
+# "https://127.0.0.1:8200/v1/my_secrets"
+#
+#hashicorp-key-management-vault-url="<url>"
+
+#
+# Authentication token that passed to the Hashicorp Vault
+# in the request header:
+#
+#hashicorp-key-management-token="<token>"
+
+#
+# Optional path to the Certificate Authority (CA) bundle
+# (is a file that contains root and intermediate certificates):
+#
+#hashicorp-key-management-vault-ca="<path>"
+
+#
+# Set the duration (in seconds) for the Hashicorp Vault server
+# connection timeout. The allowed range is from 1 to 86400 seconds.
+# The user can also specify a zero value, which means the default
+# timeout value set by the libcurl library (currently 300 seconds):
+#
+#hashicorp-key-management-timeout=15
+
+#
+# Number of server request retries in case of timeout:
+#
+#hashicorp-key-management-retries=3
+
+#
+# Enable key caching (storing key values received from
+# the Hashicorp Vault server in the local memory):
+#
+#hashicorp-key-management-caching-enabled="on"
+
+#
+# This parameter instructs the plugin to use the key values
+# or version numbers taken from the cache in the event of a
+# timeout when accessing the vault server. By default this
+# option is disabled.
+#
+# Please note that key values or version numbers will be read
+# from the cache when the timeout expires only after the number
+# of attempts to read them from the storage server that specified
+# by the hashicorp-key-management-retries parameter has been
+# exhausted:
+#
+#hashicorp-key-management-use-cache-on-timeout="off"
+
+#
+# The time (in milliseconds) after which the value of the key
+# stored in the cache becomes invalid and an attempt to read this
+# data causes a new request send to the vault server. By default,
+# cache entries become invalid after 60,000 milliseconds (after
+# one minute).
+#
+# If the value of this parameter is zero, then the keys will always
+# be considered invalid, but they still can be used if the vault
+# server is unavailable and the corresponding cache operating mode
+# (--[loose-]hashicorp-key-management-use-cache-on-timeout="on")
+# is enabled.
+#
+#hashicorp-key-management-cache-timeout=0
+
+#
+# The time (in milliseconds) after which the information about
+# latest version number of the key (which stored in the cache)
+# becomes invalid and an attempt to read this information causes
+# a new request send to the vault server.
+#
+# If the value of this parameter is zero, then information abount
+# latest key version numbers always considered invalid, unless
+# there is no communication with the vault server and use of the
+# cache is allowed when the server is unavailable.
+#
+# By default, this parameter is zero, that is, the latest version
+# numbers for the keys stored in the cache are considered always
+# invalid, except when the vault server is unavailable and use
+# of the cache is allowed on server failures.
+#
+#hashicorp-key-management-cache-version-timeout=0
+
+#
+# This parameter enables ("on", this is the default value) or disables
+# ("off") checking the kv storage version during plugin initialization.
+# The plugin requires storage to be version 2 or older in order for it
+# to work properly.
+#
+#hashicorp-key-management-check-kv-version=on

templates/Fedora/42/etc/my.cnf.d/mariadb-server.cnf

@@ -0,0 +1,59 @@
+#
+# These groups are read by MariaDB server.
+# Use it for options that only the server (but not clients) should see
+#
+# See the examples of server my.cnf files in /usr/share/mysql/
+#
+
+# this is read by the standalone daemon and embedded servers
+[server]
+
+# this is only for the mysqld standalone daemon
+# Settings user and group are ignored when systemd is used.
+# If you need to run mysqld under a different user or group,
+# customize your systemd unit file for mysqld/mariadb according to the
+# instructions in http://fedoraproject.org/wiki/Systemd
+[mysqld]
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+log-error=/var/log/mariadb/mariadb.log
+pid-file=/run/mariadb/mariadb.pid
+character-set-server = utf8mb4
+ssl-cert=/etc/my.cnf.d/certificates/pubcert.epm
+ssl-key=/etc/my.cnf.d/certificates/privkey.epm
+tls-version=TLSv1.2,TLSv1.3
+
+
+#
+# * Galera-related settings
+#
+[galera]
+# Mandatory settings
+#wsrep_on=ON
+#wsrep_provider=
+#wsrep_cluster_address=
+#binlog_format=row
+#default_storage_engine=InnoDB
+#innodb_autoinc_lock_mode=2
+#
+# Allow server to accept connections on all interfaces.
+#
+#bind-address=0.0.0.0
+#
+# Optional setting
+#wsrep_slave_threads=1
+#innodb_flush_log_at_trx_commit=0
+
+# this is only for embedded server
+[embedded]
+
+# This group is only read by MariaDB servers, not by MySQL.
+# If you use the same .cnf file for MySQL and MariaDB,
+# you can put MariaDB-only options here
+[mariadb]
+
+# This group is only read by MariaDB-10.11 servers.
+# If you use the same .cnf file for MariaDB of different versions,
+# use this group for options that older servers don't understand
+[mariadb-10.11]
+

templates/Fedora/42/etc/my.cnf.d/mysql-clients.cnf

@@ -0,0 +1,23 @@
+#
+# These groups are read by MariaDB command-line tools
+# Use it for options that affect only one utility
+#
+
+[mysql]
+
+[mysql_upgrade]
+
+[mysqladmin]
+
+[mysqlbinlog]
+
+[mysqlcheck]
+
+[mysqldump]
+
+[mysqlimport]
+
+[mysqlshow]
+
+[mysqlslap]
+

templates/Fedora/42/etc/my.cnf.d/provider_bzip2.cnf

@@ -0,0 +1,3 @@
+[server]
+plugin_load_add=provider_bzip2
+provider_bzip2=force_plus_permanent

templates/Fedora/42/etc/my.cnf.d/provider_lz4.cnf

@@ -0,0 +1,3 @@
+[server]
+plugin_load_add=provider_lz4
+provider_lz4=force_plus_permanent

templates/Fedora/42/etc/my.cnf.d/provider_lzma.cnf

@@ -0,0 +1,3 @@
+[server]
+plugin_load_add=provider_lzma
+provider_lzma=force_plus_permanent

templates/Fedora/42/etc/my.cnf.d/provider_lzo.cnf

@@ -0,0 +1,3 @@
+[server]
+plugin_load_add=provider_lzo
+provider_lzo=force_plus_permanent

templates/Fedora/42/etc/my.cnf.d/provider_snappy.cnf

@@ -0,0 +1,3 @@
+[server]
+plugin_load_add=provider_snappy
+provider_snappy=force_plus_permanent

templates/Fedora/42/etc/my.cnf.d/spider.cnf

@@ -0,0 +1,7 @@
+[mariadb]
+#
+# Uncomment line to enable
+#
+#plugin-load-add = ha_spider
+
+# Read more at https://mariadb.com/kb/en/spider/