diff --git a/manifests/init.pp b/manifests/init.pp
index 02301a9ad84852f030d3239da45e73ea6283ad95..fdcabda55bcc25229d637568bedd73878a2d89bd 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -189,36 +189,47 @@ class aim_control (
$db_name = 'homestead'
- class { 'mysql::server':
- root_password => $mysql_password,
- databases => {
- $db_name => {
- ensure => present,
- charset => 'utf8',
- },
- },
- users => {
- "${skadereg_ro_user}@%" => {
- ensure => present,
- password_hash => mysql_password($skadereg_ro_password),
- },
- },
- grants => {
- 'root@%/*.*' => {
- ensure => present,
- options => ['GRANT'],
- privileges => ['ALL'],
- table => '*.*',
- user => 'root@%',
- },
- },
- override_options => {
- mysqld => {
- 'bind-address' => '0.0.0.0',
- port => 33060,
- },
- },
+class { 'mysql::server':
+ root_password => $mysql_password,
+ override_options => {
+ 'mysqld' => {
+ 'bind-address' => '0.0.0.0',
+ 'port' => 33060,
+ }
}
+}
+
+mysql::db { $db_name:
+ user => $skadereg_ro_user,
+ password => $skadereg_ro_password,
+ host => '%',
+ charset => 'utf8',
+}
+
+mysql_user { 'root@%':
+ ensure => 'present',
+ password_hash => mysql_password($mysql_password),
+}
+
+mysql_grant { 'root@%/*.*':
+ ensure => 'present',
+ options => ['GRANT'],
+ privileges => ['ALL'],
+ table => '*.*',
+ user => 'root@%',
+}
+
+mysql_user { "${skadereg_ro_user}@%":
+ ensure => 'present',
+ password_hash => mysql_password($skadereg_ro_password),
+}
+
+mysql_grant { "${skadereg_ro_user}@%/${db_name}.*":
+ ensure => 'present',
+ privileges => ['SELECT'],
+ table => "${db_name}.*",
+ user => "${skadereg_ro_user}@%",
+}
# ['entries', 'guardian_confirmations', 'users'].each |String $table| {
# mysql_grant { "${skadereg_ro_user}@%/${db_name}.${table}":