I have a django project which when deployed provides mysql-nss services. This dule use database setup requires automatic deployment by any basic server user. The first part is the creation of an sql database on localhost, followed by the configuration of mysql-nss for the server.
Each client machine that wants to authentication then requires not just pointing at the new server's mysql database, but a very specific list of SQL commands which access the data. This specify leads me to believe that the server and client setups should be packaged for deployment.
Should I use JuJu charms for server/client, should I use Debian packages to set everything just so, including over-riding the mysql-nss-bg package's config files. Or should I force users to learn pupper or similar technology to manage their clients and simply just provide a template config with the required sql commands?
The least complex, most secure solution is preferable.
(I've asked more experienced people to look at this question but here's my kneejerk fast-response that might or might not be the right answer.)
Juju doesn't really do what you want here, it's the wrong tool for the job. Juju is for deploying to clouds, it's not really designed for you to be able to mess with individual client machines.
Your idea about custom .deb's seems like a better idea, however this sort of "I need these packages installed on these machines and then I want to configure them this exact way" looks more like a use case for puppet or chef.
You can install the stock mysql packages and then do all your database-y things as scripts. If you had custom mysql debs then you'd end up having to maintain these debs over time.
Given the amount of work being put into security updates and maintenance, you're probably better off using the stock packages and chef/puppeting to your needs post installation than maintaining your own custom debs. I'm not sure what your requirements are, just something to think about.