ansible-roles/nextcloud/tasks/mysql.yml

---
- name: Generate Mysql password
  shell: 'apg -n 1 -m 16 -M lcN'
  register: nextcloud_apg_password
  check_mode: no
  changed_when: False
  with_items: "{{ nextcloud_instances | list }}"
  tags:
    - nextcloud

- name: Set Mysql password
  set_fact:
    nextcloud_instances: "{{ nextcloud_instances | combine({ item[0]: nextcloud_instances[item[0]] | combine({ 'db_pass': item[1].stdout }) }, recursive=True) }}"
  with_together:
    - "{{ nextcloud_instances | list }}"
    - "{{ nextcloud_apg_password.results }}"
  tags:
    - nextcloud

- name: Create Mysql database
  mysql_db:
    name: "{{ item }}"
    config_file: "/root/.my.cnf"
    state: present
  with_items: "{{ nextcloud_instances | list }}"
  tags:
    - nextcloud

- name: Create Mysql user
  mysql_user:
    name: "{{ item.key }}"
    password: '{{ item.value.db_pass }}'
    priv: "{{ item.key }}.*:ALL"
    config_file: "/root/.my.cnf"
    update_password: always
    state: present
  with_dict: "{{ nextcloud_instances }}"
  tags:
    - nextcloud

- name: Store credentials in my.cnf
  ini_file:
    dest: "/home/{{ item }}/.my.cnf"
    owner: "{{ item }}"
    group: "{{ item }}"
    mode: "0600"
    section: client
    option: 'user'
    value: '{{ item }}'
  with_items: "{{ nextcloud_instances | list }}"
  tags:
    - nextcloud

- name: Store credentials in my.cnf
  ini_file:
    dest: "/home/{{ item }}/.my.cnf"
    owner: "{{ item }}"
    group: "{{ item }}"
    mode: "0600"
    section: client
    option: 'database'
    value: '{{ item }}'
  with_items: "{{ nextcloud_instances | list }}"
  tags:
    - nextcloud

- name: Store credentials in my.cnf
  ini_file:
    dest: "/home/{{ item.key }}/.my.cnf"
    owner: "{{ item.key }}"
    group: "{{ item.key }}"
    mode: "0600"
    section: client
    option: 'password'
    value: '{{ item.value.db_pass }}'
  with_dict: "{{ nextcloud_instances }}"
  tags:
    - nextcloud