--- - name: Python dependencies for Ansible are installed apt: name: - python-mysqldb - python-pymysql state: present tags: - mysql - name: create a password for mysqladmin command: "apg -n 1 -m 16 -M lcN" register: mysql_admin_password changed_when: False check_mode: False tags: - mysql - name: there is a mysqladmin user mysql_user: name: mysqladmin password: '{{ mysql_admin_password.stdout }}' priv: "*.*:ALL,GRANT" update_password: on_create state: present config_file: "/etc/mysql/debian.cnf" login_user: root login_unix_socket: /var/run/mysqld/mysqld.sock register: create_mysqladmin_user tags: - mysql - name: mysqladmin is the default user ini_file: dest: /root/.my.cnf mode: "0600" section: client option: '{{ item.option }}' value: '{{ item.value }}' create: yes loop: - { option: 'user', value: 'mysqladmin' } - { option: 'password', value: '{{ mysql_admin_password.stdout }}' } when: create_mysqladmin_user is changed tags: - mysql - name: create a password for debian-sys-maint command: "apg -n 1 -m 16 -M lcN" register: mysql_debian_password changed_when: False check_mode: False tags: - mysql - name: there is a debian-sys-maint user mysql_user: name: debian-sys-maint password: '{{ mysql_debian_password.stdout }}' priv: "*.*:ALL,GRANT" update_password: on_create state: present config_file: "/root/.my.cnf" register: create_debian_user tags: - mysql - name: store debian-sys-maint user credentials ini_file: dest: /etc/mysql/debian.cnf mode: "0600" section: "{{ item[0] }}" option: '{{ item[1].option }}' value: '{{ item[1].value }}' create: yes loop: "{{ _sections | product(_credentials) | list }}" vars: _sections: [ 'client', 'mysql_upgrade' ] _credentials: - { option: 'user', value: 'debian-sys-maint' } - { option: 'password', value: '{{ mysql_debian_password.stdout }}' } when: create_debian_user is changed tags: - mysql - name: root user is absent mysql_user: name: root host_all: yes config_file: "/root/.my.cnf" state: absent tags: - mysql