Woring :)

9 years ago · 571d321d63
3 changed files with 23 additions and 35 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,11 +1,5 @@
 ---
 - include: ubuntu.yml
-  when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '16.04'
-
- name: Add configuration
-  template: src={{ mysql_conf_tpl }} dest={{ mysql_conf_dir[ansible_distribution] }}/{{ mysql_conf_file }} owner=root group=root mode=0644
-  when: mysql_conf_tpl != 'change_me'
-  notify: restart mysql

 - name: Start and enable service
  service: name=mysql state=started enabled=yes
--- a/tasks/mysql_secure_installation.yml
+++ b/tasks/mysql_secure_installation.yml
@ -3,34 +3,35 @@
 # UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root';
 # FLUSH PRIVILEGES;

- name: Set root Password
-  mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present
-  with_items:
-    - localhost
-    - 127.0.0.1
-    - ::1

- name: Reload privilege tables
-  command: 'mysql -ne "{{ item }}"'
-  with_items:
-    - FLUSH PRIVILEGES
-  changed_when: False
+- name: Update database root password
+  mysql_user:
+    name: 'root'
+    host: 'localhost'
+    password: '{{ mysql_root_password }}'

- name: Add .my.cnf
-  template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600
+- name: Create /root/.my.cnf file with root credentials
+  template:
+    src  : 'my.cnf.j2'
+    dest : '/root/.my.cnf'
+    owner: 'root'
+    group: 'root'
+    mode : '0600'

- name: Remove anonymous users
-  command: 'mysql -ne "{{ item }}"'
-  with_items:
-    - DELETE FROM mysql.user WHERE User=''
-  changed_when: False
+- name: Delete anonymous database user
+  mysql_user:
+    user : ""
+    host : '{{ item }}'
+    state: 'absent'
+  with_items: [ '{{ ansible_hostname }}', 'localhost' ]

- name: Disallow root login remotely
+- name: Reload privilege tables
  command: 'mysql -ne "{{ item }}"'
  with_items:
-    - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
+    - FLUSH PRIVILEGES
  changed_when: False

+
 - name: Remove test database and access to it
  command: 'mysql -ne "{{ item }}"'
  with_items:
--- a/tasks/ubuntu.yml
+++ b/tasks/ubuntu.yml
@ -3,21 +3,14 @@
  apt_key:
    state    : 'present'
    keyserver: 'keyserver.ubuntu.com'
-    id       : '0xcbcb082a1bb943db'
+    id       : '0xF1656F24C74CD1D8'

 - name: Setup MariaDB Repo
  apt_repository:
    repo: 'deb [arch=amd64,i386] http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.1/ubuntu xenial main'

 - name: Install MariaDB
-  apt: name=mariadb-server state=latest update_cache=yes
-
- name: Update apt cache
-  apt: update_cache=yes
-  when: mariadb_list.changed == True or mariadb_key.changed == True
-
- name: Install MariaDB
-  apt: pkg={{ item }} state=present
+  apt: pkg={{ item }} state=present update_cache=yes
  with_items:
    - mariadb-server
    - mariadb-client