66 lines
1.8 KiB
YAML
66 lines
1.8 KiB
YAML
---
|
|
# 'localhost' needs to be the last item for idempotency, the mysql_user docs
|
|
- name: configure_root_access | Secure the mysql root user with a password
|
|
community.mysql.mysql_user:
|
|
name: root
|
|
host: "{{ item }}"
|
|
password: "{{ mysql_root_password }}"
|
|
login_unix_socket: "{{ mysql_socket }}"
|
|
no_log: true
|
|
when: mysql_root_password is defined
|
|
loop:
|
|
- 127.0.0.1
|
|
- ::1
|
|
- '{{ ansible_hostname }}'
|
|
- localhost
|
|
# ignore_errors: true
|
|
tags: ['mysql', 'mysql_root']
|
|
|
|
- name: configure_root_access | Secure the mysql root user when no password has been defined
|
|
community.mysql.mysql_user:
|
|
name: root
|
|
host: "{{ item }}"
|
|
password: ""
|
|
login_unix_socket: "{{ mysql_socket }}"
|
|
when: mysql_root_password is not defined
|
|
loop:
|
|
- 127.0.0.1
|
|
- ::1
|
|
- '{{ ansible_hostname }}'
|
|
- localhost
|
|
no_log: true
|
|
# ignore_errors: true
|
|
tags: ['mysql', 'mysql_root']
|
|
|
|
- name: configure_root_access | Install the .my.cnf file with root password credentials
|
|
ansible.builtin.template:
|
|
src: dot_my.cnf.j2
|
|
dest: /root/.my.cnf
|
|
owner: root
|
|
group: root
|
|
mode: "0400"
|
|
when: mysql_root_password is defined
|
|
tags: ['mysql', 'mysql_root']
|
|
|
|
- name: configure_root_access | Delete anonymous MySQL server user for the server hostname
|
|
community.mysql.mysql_user:
|
|
user: ""
|
|
host: "{{ ansible_hostname }}"
|
|
state: "absent"
|
|
login_unix_socket: "{{ mysql_socket }}"
|
|
tags: ['mysql', 'mysql_root']
|
|
|
|
- name: configure_root_access | Delete anonymous MySQL server user for localhost
|
|
community.mysql.mysql_user:
|
|
user: ""
|
|
state: "absent"
|
|
login_unix_socket: "{{ mysql_socket }}"
|
|
tags: mysql
|
|
|
|
- name: configure_root_access | Remove the MySQL test database
|
|
community.mysql.mysql_db:
|
|
db: test
|
|
state: absent
|
|
login_unix_socket: "{{ mysql_socket }}"
|
|
tags: mysql
|