mysql-ubuntu/README.md

# MySQL for Ubuntu 24.04 Server
[![OS](https://img.shields.io/badge/ubuntu-24.04-E95420)](#)
[![Shell](https://img.shields.io/badge/shell-bash-121011)](#)
[![MySQL](https://img.shields.io/badge/db-mysql-4479A1)](#)
[![Auth](https://img.shields.io/badge/auth-no_socket-blue)](#)
[![License](https://img.shields.io/badge/License-MIT-green)](./LICENSE)

Install MySQL on Ubuntu 24.04 server.

This is not a guide and not a toy.  
This script is built for consistent, repeatable deployments.

## Why this installer exists
Different distros ship different defaults, often requiring manual cleanup. This installer standardizes configuration.

## What this installer does  
✔ Enforces `mysql_native_password`  
✔ No socket login — predictable auth  
✔ Removes anonymous users + test DB  
✔ Creates `/root/.my.cnf` for CLI access  
✔ Safe to re-run without wiping data  

## What this installer does *NOT* do
It won’t stop you from running the script without reading the documentation like there’s no tomorrow.  
Skip the README, and whatever happens next is your headache, not a bug report.

---

## Requirements

You need:

✔ Ubuntu 24.04 Server (or equivalent)  
✔ Root access (direct or via `sudo`)  
✔ No existing MySQL service already running

If MySQL is already running, the script will exit to avoid damaging an existing installation.

---

## 1. Prepare the system

```
sudo apt update -y
```

---

## 2. Download the installer

``` 
git clone https://git.x-files.dk/database/mysql-ubuntu.git
```

```
cd mysql-ubuntu
```

---

## 3. Install MySQL

``` 
sudo ./mysqlinstall -p <rootpassword>
```

Example:

``` 
sudo ./mysqlinstall -p StrongRootPass1986
```

The `-p` flag is **required**. If omitted, the script exits with an error.

---

## Authentication Mode (Default)

This installer configures MySQL to use **password-based authentication only** for the `root` user.

| Mode | Status | Notes |
|---|---|---|
| `mysql_native_password` | ✔ Enabled | Root must use a password |
| `auth_socket`           | ✘ Disabled | No implicit root login via socket |

This makes MySQL easier to use with:

- GUI tools (DBeaver, HeidiSQL, etc.)  
- Remote automation (Ansible, backup scripts)  
- Other services that expect TCP + password auth

---

## Security Hardening (Automatic)

The script applies hardening equivalent to `mysql_secure_installation`:

| Task | Status |
|---|---|
| Remove anonymous users | ✔ |
| Disallow remote root login | ✔ |
| Drop `test` database | ✔ |
| Remove `test_%` databases | ✔ |
| Flush privileges | ✔ |

---

## Post‑Install Login

Because `/root/.my.cnf` is created, you can log in as root with:

``` 
mysql
```

Or explicitly:

``` 
mysql -u root -p
```

Credentials file:

``` 
/root/.my.cnf
```

File mode is set to `400` (root read‑only).

---

## Switching Authentication Modes

### 1. Switch back to socket authentication (optional)

If you prefer the default Ubuntu‑style **socket auth** for root (no password when local), run:

``` 
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH auth_socket;
FLUSH PRIVILEGES;
```

After this:

``` 
mysql          # works without password (as root on the server)
mysql -p       # will fail unless you set a password again
```

Because this installer created `/root/.my.cnf`, you should **remove it** when switching back to socket auth to avoid confusing clients and tools:

``` 
rm -f /root/.my.cnf
```

Otherwise, tools that rely on `/root/.my.cnf` may try password auth while MySQL expects socket auth, leading to login errors.

### 2. Switch from socket auth back to password auth

If you later decide to restore password‑based login again:

``` 
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YourNewPasswordHere';
FLUSH PRIVILEGES;
```

Then recreate `/root/.my.cnf` if desired:

``` 
cat > /root/.my.cnf <<EOF
[client]
user=root
password=YourNewPasswordHere
EOF

chmod 400 /root/.my.cnf
```

---

## Troubleshooting

| Issue | Cause | Fix |
|---|---|---|
| Script exits: “MySQL is already running” | Existing MySQL install detected | Stop/remove old instance or migrate manually |
| `Access denied for user 'root'@'localhost'` | Wrong root password used | Restart MySQL in safe mode and reset password |
| Tools fail after switching to socket auth | `/root/.my.cnf` still present | Remove `/root/.my.cnf` or switch back to password auth |
| Cannot connect from remote host as root | Remote root login disabled | Create a dedicated admin user for remote access |

---

### More Information

More guides and documentation can be found on [wiki.x-files.dk](https://wiki.x-files.dk)

---

### License
Licensed under the [MIT License](./LICENSE).