2016-09-29 16:33:48 +02:00
|
|
|
---
|
|
|
|
|
2021-09-30 10:13:11 +02:00
|
|
|
- name: Python dependencies for Ansible are installed
|
2016-09-29 16:33:48 +02:00
|
|
|
apt:
|
2021-09-29 18:39:29 +02:00
|
|
|
name:
|
|
|
|
- python-mysqldb
|
|
|
|
- python-pymysql
|
2017-01-12 17:37:48 +01:00
|
|
|
state: present
|
2021-05-01 22:17:17 +02:00
|
|
|
tags:
|
|
|
|
- mysql
|
2016-09-29 16:33:48 +02:00
|
|
|
|
|
|
|
- name: create a password for mysqladmin
|
2017-08-12 18:11:13 +02:00
|
|
|
command: "apg -n 1 -m 16 -M lcN"
|
2016-09-29 16:33:48 +02:00
|
|
|
register: mysql_admin_password
|
2016-12-16 01:27:12 +01:00
|
|
|
changed_when: False
|
2018-04-13 12:07:55 +02:00
|
|
|
check_mode: False
|
2016-09-29 16:33:48 +02:00
|
|
|
tags:
|
2021-09-30 10:13:11 +02:00
|
|
|
- mysql
|
2016-09-29 16:33:48 +02:00
|
|
|
|
|
|
|
- name: there is a mysqladmin user
|
|
|
|
mysql_user:
|
|
|
|
name: mysqladmin
|
|
|
|
password: '{{ mysql_admin_password.stdout }}'
|
|
|
|
priv: "*.*:ALL,GRANT"
|
|
|
|
update_password: on_create
|
|
|
|
state: present
|
2017-06-12 15:11:05 +02:00
|
|
|
config_file: "/etc/mysql/debian.cnf"
|
2021-09-30 10:13:11 +02:00
|
|
|
login_user: root
|
|
|
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
2016-09-29 16:33:48 +02:00
|
|
|
register: create_mysqladmin_user
|
2017-01-04 18:53:37 +01:00
|
|
|
tags:
|
2021-09-30 10:13:11 +02:00
|
|
|
- mysql
|
2017-01-04 18:53:37 +01:00
|
|
|
|
2016-09-29 16:33:48 +02:00
|
|
|
- name: mysqladmin is the default user
|
|
|
|
ini_file:
|
|
|
|
dest: /root/.my.cnf
|
2017-03-23 16:59:43 +01:00
|
|
|
mode: "0600"
|
2016-09-29 16:33:48 +02:00
|
|
|
section: client
|
|
|
|
option: '{{ item.option }}'
|
|
|
|
value: '{{ item.value }}'
|
2017-06-12 15:11:05 +02:00
|
|
|
create: yes
|
2021-05-04 14:18:40 +02:00
|
|
|
loop:
|
2018-04-17 10:24:12 +02:00
|
|
|
- { option: 'user', value: 'mysqladmin' }
|
|
|
|
- { option: 'password', value: '{{ mysql_admin_password.stdout }}' }
|
2021-05-09 23:06:42 +02:00
|
|
|
when: create_mysqladmin_user is changed
|
2016-09-29 16:33:48 +02:00
|
|
|
tags:
|
2021-09-30 10:13:11 +02:00
|
|
|
- mysql
|
2017-07-12 18:03:07 +02:00
|
|
|
|
|
|
|
- name: create a password for debian-sys-maint
|
2017-08-12 18:11:13 +02:00
|
|
|
command: "apg -n 1 -m 16 -M lcN"
|
2017-07-12 18:03:07 +02:00
|
|
|
register: mysql_debian_password
|
|
|
|
changed_when: False
|
2018-04-13 12:07:55 +02:00
|
|
|
check_mode: False
|
2017-07-12 18:03:07 +02:00
|
|
|
tags:
|
2021-09-30 10:13:11 +02:00
|
|
|
- mysql
|
2017-07-12 18:03:07 +02:00
|
|
|
|
|
|
|
- name: there is a debian-sys-maint user
|
|
|
|
mysql_user:
|
|
|
|
name: debian-sys-maint
|
|
|
|
password: '{{ mysql_debian_password.stdout }}'
|
|
|
|
priv: "*.*:ALL,GRANT"
|
|
|
|
update_password: on_create
|
|
|
|
state: present
|
|
|
|
config_file: "/root/.my.cnf"
|
|
|
|
register: create_debian_user
|
|
|
|
tags:
|
2021-05-04 14:29:50 +02:00
|
|
|
- mysql
|
2017-07-12 18:03:07 +02:00
|
|
|
|
|
|
|
- name: store debian-sys-maint user credentials
|
|
|
|
ini_file:
|
|
|
|
dest: /etc/mysql/debian.cnf
|
|
|
|
mode: "0600"
|
|
|
|
section: "{{ item[0] }}"
|
|
|
|
option: '{{ item[1].option }}'
|
|
|
|
value: '{{ item[1].value }}'
|
|
|
|
create: yes
|
2021-05-04 14:29:50 +02:00
|
|
|
loop: "{{ _sections | product(_credentials) | list }}"
|
|
|
|
vars:
|
|
|
|
_sections: [ 'client', 'mysql_upgrade' ]
|
|
|
|
_credentials:
|
|
|
|
- { option: 'user', value: 'debian-sys-maint' }
|
|
|
|
- { option: 'password', value: '{{ mysql_debian_password.stdout }}' }
|
2021-05-09 23:06:42 +02:00
|
|
|
when: create_debian_user is changed
|
2017-07-12 18:03:07 +02:00
|
|
|
tags:
|
2021-05-04 14:29:50 +02:00
|
|
|
- mysql
|
2017-07-12 18:03:07 +02:00
|
|
|
|
2021-09-30 10:13:11 +02:00
|
|
|
- name: root user is absent
|
2016-09-29 16:33:48 +02:00
|
|
|
mysql_user:
|
|
|
|
name: root
|
2017-07-12 18:03:07 +02:00
|
|
|
host_all: yes
|
|
|
|
config_file: "/root/.my.cnf"
|
2016-09-29 16:33:48 +02:00
|
|
|
state: absent
|
|
|
|
tags:
|
2021-05-04 14:29:50 +02:00
|
|
|
- mysql
|