Blagovest Petrov
9 years ago
commit
d95311d92d
9 changed files with 167 additions and 0 deletions
@ -0,0 +1,53 @@ |
|||||
|
# Ansible Role: MariaDB |
||||
|
|
||||
|
Installs MariaDB |
||||
|
|
||||
|
## Supported platforms |
||||
|
|
||||
|
``` |
||||
|
Ubuntu 16.04 |
||||
|
``` |
||||
|
|
||||
|
## Post install |
||||
|
|
||||
|
Run `mysql_secure_installation` |
||||
|
|
||||
|
## Requirements |
||||
|
|
||||
|
None |
||||
|
|
||||
|
## Role Variables |
||||
|
|
||||
|
MariaDB version: |
||||
|
|
||||
|
``` |
||||
|
mariadb_version: 10.1 |
||||
|
``` |
||||
|
|
||||
|
|
||||
|
### Experimental unattended mysql_secure_installation |
||||
|
|
||||
|
``` |
||||
|
ansible-playbook release.yml --extra-vars "mysql_secure_installation=true mysql_root_password=your_very_secret_password" |
||||
|
``` |
||||
|
|
||||
|
## Dependencies |
||||
|
|
||||
|
None |
||||
|
|
||||
|
## Example Playbook |
||||
|
|
||||
|
``` |
||||
|
- hosts: servers |
||||
|
roles: |
||||
|
- { role: eniac111.mariadb } |
||||
|
``` |
||||
|
|
||||
|
## License |
||||
|
|
||||
|
MIT / BSD |
||||
|
|
||||
|
## Author Information |
||||
|
|
||||
|
Created by [Blagovest Petrov](http://petrovs.info) |
||||
|
Based on the role of [Attila van der Velde](https://github.com/vdvm) |
@ -0,0 +1,3 @@ |
|||||
|
--- |
||||
|
|
||||
|
mysql_secure_installation: false |
@ -0,0 +1,3 @@ |
|||||
|
--- |
||||
|
- name: restart mysql |
||||
|
service: name=mysql state=restarted |
@ -0,0 +1,15 @@ |
|||||
|
--- |
||||
|
galaxy_info: |
||||
|
author: "Blagovest Petrov" |
||||
|
description: "Installs MariaDB" |
||||
|
company: "Veriosoft" |
||||
|
license: "license (MIT, BSD)" |
||||
|
min_ansible_version: 1.8 |
||||
|
platforms: |
||||
|
- name: Ubuntu |
||||
|
versions: |
||||
|
- xenial |
||||
|
categories: |
||||
|
- database:sql |
||||
|
|
||||
|
dependencies: [] |
@ -0,0 +1,14 @@ |
|||||
|
--- |
||||
|
- include: ubuntu.yml |
||||
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '16.04' |
||||
|
|
||||
|
- name: Add configuration |
||||
|
template: src={{ mysql_conf_tpl }} dest={{ mysql_conf_dir[ansible_distribution] }}/{{ mysql_conf_file }} owner=root group=root mode=0644 |
||||
|
when: mysql_conf_tpl != 'change_me' |
||||
|
notify: restart mysql |
||||
|
|
||||
|
- name: Start and enable service |
||||
|
service: name=mysql state=started enabled=yes |
||||
|
|
||||
|
- include: mysql_secure_installation.yml |
||||
|
when: mysql_secure_installation and mysql_root_password is defined |
@ -0,0 +1,46 @@ |
|||||
|
--- |
||||
|
# Set root password |
||||
|
# UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root'; |
||||
|
# FLUSH PRIVILEGES; |
||||
|
|
||||
|
- name: Set root Password |
||||
|
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present |
||||
|
with_items: |
||||
|
- localhost |
||||
|
- 127.0.0.1 |
||||
|
- ::1 |
||||
|
|
||||
|
- name: Reload privilege tables |
||||
|
command: 'mysql -ne "{{ item }}"' |
||||
|
with_items: |
||||
|
- FLUSH PRIVILEGES |
||||
|
changed_when: False |
||||
|
|
||||
|
- name: Add .my.cnf |
||||
|
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600 |
||||
|
|
||||
|
- name: Remove anonymous users |
||||
|
command: 'mysql -ne "{{ item }}"' |
||||
|
with_items: |
||||
|
- DELETE FROM mysql.user WHERE User='' |
||||
|
changed_when: False |
||||
|
|
||||
|
- name: Disallow root login remotely |
||||
|
command: 'mysql -ne "{{ item }}"' |
||||
|
with_items: |
||||
|
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') |
||||
|
changed_when: False |
||||
|
|
||||
|
- name: Remove test database and access to it |
||||
|
command: 'mysql -ne "{{ item }}"' |
||||
|
with_items: |
||||
|
- DROP DATABASE test |
||||
|
- DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%' |
||||
|
changed_when: False |
||||
|
ignore_errors: True |
||||
|
|
||||
|
- name: Reload privilege tables |
||||
|
command: 'mysql -ne "{{ item }}"' |
||||
|
with_items: |
||||
|
- FLUSH PRIVILEGES |
||||
|
changed_when: False |
@ -0,0 +1,27 @@ |
|||||
|
--- |
||||
|
- name: Add MariaDB Repository Key |
||||
|
apt_key: |
||||
|
state : 'present' |
||||
|
keyserver: 'keyserver.ubuntu.com' |
||||
|
id : '0xcbcb082a1bb943db' |
||||
|
|
||||
|
- name: Setup MariaDB Repo |
||||
|
apt_repository: |
||||
|
repo: 'deb [arch=amd64,i386] http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.1/ubuntu xenial main' |
||||
|
|
||||
|
- name: Install MariaDB |
||||
|
apt: name=mariadb-server state=latest update_cache=yes |
||||
|
|
||||
|
- name: Update apt cache |
||||
|
apt: update_cache=yes |
||||
|
when: mariadb_list.changed == True or mariadb_key.changed == True |
||||
|
|
||||
|
- name: Install MariaDB |
||||
|
apt: pkg={{ item }} state=present |
||||
|
with_items: |
||||
|
- mariadb-server |
||||
|
- mariadb-client |
||||
|
|
||||
|
- name: Install MySQLdb Python package for secure installations. |
||||
|
apt: pkg=python-mysqldb state=present |
||||
|
when: mysql_secure_installation and mysql_root_password is defined |
@ -0,0 +1,3 @@ |
|||||
|
[client] |
||||
|
user=root |
||||
|
password={{ mysql_root_password }} |
@ -0,0 +1,3 @@ |
|||||
|
--- |
||||
|
mysql_conf_dir: |
||||
|
"Ubuntu": /etc/mysql/conf.d |
Loading…
Reference in new issue