|
@ -3,34 +3,35 @@ |
|
|
# UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root'; |
|
|
# UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root'; |
|
|
# FLUSH PRIVILEGES; |
|
|
# FLUSH PRIVILEGES; |
|
|
|
|
|
|
|
|
- name: Set root Password |
|
|
|
|
|
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present |
|
|
|
|
|
with_items: |
|
|
|
|
|
- localhost |
|
|
|
|
|
- 127.0.0.1 |
|
|
|
|
|
- ::1 |
|
|
|
|
|
|
|
|
|
|
|
- name: Reload privilege tables |
|
|
- name: Update database root password |
|
|
command: 'mysql -ne "{{ item }}"' |
|
|
mysql_user: |
|
|
with_items: |
|
|
name: 'root' |
|
|
- FLUSH PRIVILEGES |
|
|
host: 'localhost' |
|
|
changed_when: False |
|
|
password: '{{ mysql_root_password }}' |
|
|
|
|
|
|
|
|
- name: Add .my.cnf |
|
|
- name: Create /root/.my.cnf file with root credentials |
|
|
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600 |
|
|
template: |
|
|
|
|
|
src : 'my.cnf.j2' |
|
|
|
|
|
dest : '/root/.my.cnf' |
|
|
|
|
|
owner: 'root' |
|
|
|
|
|
group: 'root' |
|
|
|
|
|
mode : '0600' |
|
|
|
|
|
|
|
|
- name: Remove anonymous users |
|
|
- name: Delete anonymous database user |
|
|
command: 'mysql -ne "{{ item }}"' |
|
|
mysql_user: |
|
|
with_items: |
|
|
user : "" |
|
|
- DELETE FROM mysql.user WHERE User='' |
|
|
host : '{{ item }}' |
|
|
changed_when: False |
|
|
state: 'absent' |
|
|
|
|
|
with_items: [ '{{ ansible_hostname }}', 'localhost' ] |
|
|
|
|
|
|
|
|
- name: Disallow root login remotely |
|
|
- name: Reload privilege tables |
|
|
command: 'mysql -ne "{{ item }}"' |
|
|
command: 'mysql -ne "{{ item }}"' |
|
|
with_items: |
|
|
with_items: |
|
|
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') |
|
|
- FLUSH PRIVILEGES |
|
|
changed_when: False |
|
|
changed_when: False |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- name: Remove test database and access to it |
|
|
- name: Remove test database and access to it |
|
|
command: 'mysql -ne "{{ item }}"' |
|
|
command: 'mysql -ne "{{ item }}"' |
|
|
with_items: |
|
|
with_items: |
|
|