Home Explore Help
Sign In
pbarriat
/
Brevet
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6c12c00fc9
Branches Tags
Brevet
/
dev
/
provisioning
/
ansible
/
roles
/
mariadb
/
tasks
/
config
/
secure.yml

secure.yml 968 B
History Raw

12345678910111213141516171819202122232425262728293031 
  1. ---
    2. 

  2. - name: Update MySQL root password for localhost root account (5.7.x).
    3. 

  3.   shell: >
    4. 

  4.     mysql -u root -NBe
    5. 

  5.     "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('{{ mysql_root_password }}'); FLUSH PRIVILEGES;"
    6. 

  6.   register: result
    7. 

  7.   ignore_errors: true
    8. 

  8. 

  9. - name: Disallow root login remotely
    10. 

  10.   command: 'mysql -NBe "{{ item }}" -p"{{ mysql_root_password }}"'
    11. 

  11.   with_items:
    12. 

  12.     - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')
    13. 

  13.   changed_when: false
    14. 

  14.   when: (disable_remote_root_login|bool) and (result is succeeded)
    15. 

  15. 

  16. - name: Remove anonymous MySQL users
    17. 

  17.   mysql_user:
    18. 

  18.     name: ''
    19. 

  19.     host_all: yes
    20. 

  20.     login_user: root
    21. 

  21.     login_password: "{{ mysql_root_password }}"
    22. 

  22.     state: absent
    23. 

  23.     login_unix_socket: "{{ mariadb_socket }}"
    24. 

  24. 

  25. - name: Remove MySQL test database
    26. 

  26.   mysql_db:
    27. 

  27.     name: test
    28. 

  28.     login_user: root
    29. 

  29.     login_password: "{{ mysql_root_password }}"
    30. 

  30.     state: absent
    31. 

  31.     login_unix_socket: "{{ mariadb_socket }}"
    32.