Ansible: Install MySQL

From Glitchdata
Jump to navigation Jump to search
---
- hosts: webservers
  gather_facts: yes
  vars:
    - docroot: ./ansible/files/public
    # These passwords are temporary. Update it again manually.
#    - mysql_root_pass: ''
    - mysql_root_pass: 'yyyyyy'
    - remote_password: 'xxxxxx'
  remote_user: root


  tasks:
    - name: Add group mysql
      group: name=mysql state=present
      tags:
       - groups

    - name: Add user mysql
      user: name=mysql group=mysql password={{ remote_password }}
      tags:
       - users

    - name: Installs MySQL
      apt: package={{ item }} state=installed force=yes update_cache=yes cache_valid_time=3600
      when: ansible_os_family == 'Debian'
      with_items:
       - mysql-server
       - mysql-client
       - python-mysqldb
       - php5-mysqlnd
      tags:
       - mysql

    # +++++++++++++++++++++++++++++++++++++++
    # Improve MySQL Security
    # +++++++++++++++++++++++++++++++++++++++
    - name: delete anonymous MySQL server user
      mysql_user: login_user=root
                  login_password='{{mysql_root_pass}}'
                  name=''
                  host={{ item }}
                  state=absent
      with_items:
        - localhost
        - "{{ ansible_hostname }}"
      tags:
       - secure


    - name: remove MySQL test database
      mysql_db: login_user=root
                login_password='{{mysql_root_pass}}'
                db=test
                state=absent
      tags:
       - secure

    - name: Secure root password
      mysql_user: login_user=root
                  login_password='{{mysql_root_pass}}'
                  name=root
                  password={{ mysql_root_pass }}
                  priv=*.*:ALL,GRANT
                  state=present
                  host={{item}}
      with_items:
       - "{{ ansible_hostname }}"
       - 127.0.0.1
       - ::1
       - localhost
      tags:
       - secure


#    - name: copy .my.cnf file with root password credentials
#      template: src=templates/root/.my.cnf dest=/root/.my.cnf owner=root mode=0600


    - name: Start MySQL Service
      service: name=mysql state=restart enabled=yes
      tags:
       - mysql





Links