diff --git a/salt/modules/_modules/mysql.py b/salt/modules/_modules/mysql.py
new file mode 100644
index 0000000..678b63b
--- /dev/null
+++ b/salt/modules/_modules/mysql.py
@@ -0,0 +1,75 @@
+"""
+mysql execution module
+"""
+
+import salt
+import subprocess
+import logging
+
+LOG = logging.getLogger(__name__)
+
+__virtualname__ = "mysql"
+
+def __virtual__():
+    """
+    only load module if mysql client is installed
+    """
+    if salt.utils.path.which("mysql") is None:
+        return (False, "mysql isn't installed on this minion")
+    elif salt.utils.path.which("mysqladmin") is None:
+        return (False, "mysqladmin isn't installed on this minion")
+    else:
+        return __virtualname__
+
+def _execute(cmd):
+    """
+    executes the cmd and returns a salt ret dictionary
+    """
+    ret = {}
+    LOG.debug(f"Executing: {cmd}")
+    process = subprocess.Popen(cmd.split(), stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    stdout, stderr = process.communicate()
+    if stdout:
+        ret["out"] = stdout
+    if stderr:
+        ret["err"] = stderr
+    LOG.debug(f"Exit code: { process.returncode }")
+    if process.returncode == 0:
+        ret["result"] = True
+    else:
+        ret["result"] = False
+    return ret
+
+def check_credentials(username, password, host="127.0.0.1", port="3306"):
+    """
+    Check if able to login with credentials
+
+    :param str username: The username to check
+    
+    :param str password: The password for username
+
+    :param str host: Optional, the IP or fqdn to the server (default: 127.0.0.1)
+
+    :param str port: Optional, port the mysql is listening on (default: 3306)
+
+    CLI Example:
+
+        salt '*' mysql.check_credentials root secret
+    """
+    cmd = f"mysql --host={host} --port={port} --user={username} --password={password} --execute=;"
+    return _execute(cmd)["result"]
+
+
+def set_root_password(password):
+    """
+    Set the mysql/mariadb root password
+
+    :param str password: The password to set
+
+    CLI Example:
+    
+        salt '*' mysql.set_root_password secret
+    """
+    cmd = f"mysqladmin password {password}"
+    return _execute(cmd)
+
diff --git a/salt/modules/_states/mysql.py b/salt/modules/_states/mysql.py
new file mode 100644
index 0000000..14872a8
--- /dev/null
+++ b/salt/modules/_states/mysql.py
@@ -0,0 +1,29 @@
+import salt.exceptions
+
+def root_password(name):
+    """
+    Set the mysql/mariadb root password
+
+    password
+        the password to user for root
+    """
+    ret = {
+            "name": "root password",
+            "changes": {},
+            "result": False,
+            "comment": ""
+        }
+
+    if __salt__["mysql.check_credentials"]("root", name):
+        ret["comment"]="Password is in correct state"
+        ret["result"] = True
+        return ret
+
+    result = __salt__["mysql.set_root_password"](name)
+    if not result["result"]:
+        ret["comment"] = result["err"]
+        return ret
+
+    ret["changes"].update({"root password": {"old": "######", "new": "******"}})
+    ret["result"]=True
+    return ret
diff --git a/salt/pillars/mariadb.sls b/salt/pillars/mariadb.sls
new file mode 100644
index 0000000..f92aa4a
--- /dev/null
+++ b/salt/pillars/mariadb.sls
@@ -0,0 +1,2 @@
+mariadb:
+  root_password: linux
diff --git a/salt/pillars/top.sls b/salt/pillars/top.sls
index f2e3e36..5766e20 100644
--- a/salt/pillars/top.sls
+++ b/salt/pillars/top.sls
@@ -2,6 +2,7 @@ base:
   '*':
     - network
     - chrony
+    - mariadb
 {% if salt['file.file_exists']('local.sls') %}
     - local
 {% endif %}
diff --git a/salt/states/mariadb/init.sls b/salt/states/mariadb/init.sls
new file mode 100644
index 0000000..b25d147
--- /dev/null
+++ b/salt/states/mariadb/init.sls
@@ -0,0 +1,12 @@
+Install mariadb:
+  pkg.installed:
+    - name: mariadb
+
+Start mariadb:
+  service.running:
+    - name: mariadb
+    - enable: True
+
+Check Root password:
+  mysql.root_password:
+    - name: {{ pillar['mariadb']['root_password'] }}
diff --git a/salt/states/nginx/init.sls b/salt/states/nginx/init.sls
new file mode 100644
index 0000000..d3dda5a
--- /dev/null
+++ b/salt/states/nginx/init.sls
@@ -0,0 +1,10 @@
+Install nginx:
+  pkg.installed:
+    - name: nginx
+
+
+
+Start nginx:
+  service.running:
+    - name: nginx
+      enable: True
diff --git a/salt/states/top.sls b/salt/states/top.sls
index 993a23e..6a14fb5 100644
--- a/salt/states/top.sls
+++ b/salt/states/top.sls
@@ -5,3 +5,4 @@ base:
     - chrony
     - atftp
     - dnsmasq
+    - nginx