2
0
mirror of https://github.com/frappe/bench.git synced 2024-11-12 08:16:28 +00:00
bench/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml

56 lines
1.5 KiB
YAML
Raw Normal View History

2017-08-28 09:20:50 +00:00
---
2017-09-07 03:27:58 +00:00
- debug:
msg: "{{ mysql_root_password }}"
2017-08-28 09:20:50 +00:00
2018-06-09 08:48:20 +00:00
# create root .my.cnf config file
2017-08-28 09:20:50 +00:00
- name: Add .my.cnf
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600
2018-06-09 08:48:20 +00:00
# Set root password
# UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root';
# FLUSH PRIVILEGES;
2017-09-07 03:27:58 +00:00
- name: Set root Password
2019-06-21 03:10:13 +00:00
mysql_user: login_password={{ mysql_root_password }} check_implicit_admin=yes name=root host={{ item }} password={{ mysql_root_password }} state=present
with_items:
2018-06-09 08:48:20 +00:00
- localhost
- 127.0.0.1
- ::1
2017-08-28 09:20:50 +00:00
- name: Reload privilege tables
command: 'mysql -ne "{{ item }}"'
with_items:
- FLUSH PRIVILEGES
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Remove anonymous users
command: 'mysql -ne "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User=''
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Disallow root login remotely
command: 'mysql -ne "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Remove test database and access to it
command: 'mysql -ne "{{ item }}"'
with_items:
2018-06-09 08:48:20 +00:00
- DROP DATABASE IF EXISTS test
2017-08-28 09:20:50 +00:00
- DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Reload privilege tables
command: 'mysql -ne "{{ item }}"'
with_items:
- FLUSH PRIVILEGES
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined