2
0
mirror of https://github.com/frappe/bench.git synced 2024-11-12 08:16:28 +00:00
bench/playbooks/roles/mariadb/tasks/mysql_secure_installation.yml

84 lines
2.3 KiB
YAML
Raw Normal View History

2017-08-28 09:20:50 +00:00
---
# Set root password
# UPDATE mysql.user SET Password=PASSWORD('mysecret') WHERE User='root';
# FLUSH PRIVILEGES;
2017-09-07 03:27:58 +00:00
- debug:
msg: "{{ mysql_root_password }}"
2017-08-28 09:20:50 +00:00
- name: Set root Password
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present
with_items:
- localhost
ignore_errors: yes
- name: Add .my.cnf
template: src=my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0600
2017-09-07 03:27:58 +00:00
- name: display .my.cnf
command: cat /root/.my.cnf
register: details
- debug:
msg: "{{ details.stdout_lines }}"
- name: Set root Password
mysql_user: name=root host={{ item }} password={{ mysql_root_password }} state=present
with_items:
- 127.0.0.1
- ::1
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Reload privilege tables
command: 'mysql -ne "{{ item }}"'
with_items:
- FLUSH PRIVILEGES
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Remove anonymous users
command: 'mysql -ne "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User=''
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Disallow root login remotely
command: 'mysql -ne "{{ item }}"'
with_items:
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Remove test database and access to it
command: 'mysql -ne "{{ item }}"'
with_items:
- DROP DATABASE if exists test
- DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: Reload privilege tables
command: 'mysql -ne "{{ item }}"'
with_items:
- FLUSH PRIVILEGES
changed_when: False
2017-09-18 11:14:59 +00:00
when: run_travis is not defined
2017-08-28 09:20:50 +00:00
- name: add launchagents folder mac
file: path=~/Library/LaunchAgents state=directory
when: ansible_distribution == 'MacOSX'
- name: add mysql to mac startup
file: src=/usr/local/opt/mariadb/homebrew.mxcl.mariadb.plist path=~/Library/LaunchAgents/homebrew.mxcl.mariadb.plist state=link force=yes
when: ansible_distribution == 'MacOSX'
- name: stop mysql mac
command: launchctl unload ~/Library/LaunchAgents/homebrew.mxcl.mariadb.plist
when: ansible_distribution == 'MacOSX'
- name: start mysql mac
command: launchctl load ~/Library/LaunchAgents/homebrew.mxcl.mariadb.plist
when: ansible_distribution == 'MacOSX'
2018-02-05 09:37:14 +00:00
...