pbarriat
/
Brevet


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
							---
- name: "[mySQL] - Service is installed."
  ansible.builtin.package:
    name: "{{ 'default-' if ((ansible_distribution|lower) == 'debian' and nextcloud_db_backend == 'mysql') else '' }}{{ nextcloud_db_backend }}-server"
    state: present
  register: nc_mysql_db_install

- name: "[mySQL] - Check if MySQL packages were installed."
  ansible.builtin.set_fact:
    mysql_install_packages: "{{ nc_mysql_db_install is defined and nc_mysql_db_install.changed }}"

- name: "[mySQL] - Get MySQL version."
  ansible.builtin.command: 'mysql --version'
  register: mysql_cli_version
  changed_when: false
  check_mode: false

- name: "[mySQL] - Packages are installed."
  ansible.builtin.package:
    name: "{{ nc_mysql_deps }}"
    state: present
  vars:
    nc_mysql_deps:
      - "php{{ php_ver }}-mysql"
      - "python3-pymysql"

- name: "[mySQL] - Ensure MySQL is started and enabled on boot."
  ansible.builtin.service:
    name: "{{ mysql_daemon }}"
    state: started
    enabled: "{{ nextcloud_db_enabled_on_startup }}"
  register: mysql_service_configuration

- name: "[mySQL] - Get list of hosts for the root user."
  ansible.builtin.command: mysql -NBe
    "SELECT Host
    FROM mysql.user
    WHERE User = 'root'
    ORDER BY (Host='localhost') ASC"
  register: mysql_root_hosts
  changed_when: false
  check_mode: false
  when: mysql_install_packages | bool or nextcloud_mysql_root_pwd_update

# Note: We do not use mysql_user for this operation, as it doesn't always update
# the root password correctly. See: https://goo.gl/MSOejW
- name: "[mySQL] - Update MySQL root password for localhost root account (5.7.x)."
  ansible.builtin.shell: >
    mysql -u root -NBe
    'ALTER USER "root"@"{{ item }}"
    IDENTIFIED WITH mysql_native_password BY "{{ nextcloud_mysql_root_pwd }}"; FLUSH PRIVILEGES;'
  with_items: "{{ mysql_root_hosts.stdout_lines|default([]) }}"
  when: >
    ((mysql_install_packages | bool) or nextcloud_mysql_root_pwd_update)
    and ('5.7.' in mysql_cli_version.stdout or '8.0.' in mysql_cli_version.stdout)

- name: "[mySQL] - Update MySQL root password for localhost root account (< 5.7.x)."
  ansible.builtin.shell: >
    mysql -NBe
    'SET PASSWORD FOR "root"@"{{ item }}" = PASSWORD("{{ nextcloud_mysql_root_pwd }}"); FLUSH PRIVILEGES;'
  with_items: "{{ mysql_root_hosts.stdout_lines|default([]) }}"
  when: >
    ((mysql_install_packages | bool) or nextcloud_mysql_root_pwd_update)
    and ('5.7.' not in mysql_cli_version.stdout and '8.0.' not in mysql_cli_version.stdout)

- name: "[mySQL] - Copy .my.cnf file with root password credentials."
  ansible.builtin.template:
    src: "root-my.cnf.j2"
    dest: "/root/.my.cnf"
    owner: root
    group: root
    mode: 0600
  when: mysql_install_packages | bool or nextcloud_mysql_root_pwd_update

- name: "[mySQL] - Get list of hosts for the anonymous user."
  ansible.builtin.command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""'
  register: mysql_anonymous_hosts
  changed_when: false
  check_mode: false

- name: "[mySQL] - Remove anonymous MySQL users."
  mysql_user:
    name: ""
    host: "{{ item }}"
    state: absent
  with_items: "{{ mysql_anonymous_hosts.stdout_lines|default([]) }}"

- name: "[mySQL] - Remove MySQL test database."
  mysql_db:
    name: 'test'
    state: absent

- name: "[mySQL] - Set mysql config option for Nextcloud"
  ansible.builtin.copy:
    dest: /etc/mysql/conf.d/nextcloud.cnf
    src: files/mysql_nextcloud.cnf
    mode: 0600
  notify: restart mysql

- name: "[mySQL] - Add Database {{ nextcloud_db_name }}."
  mysql_db:
    name: "{{ nextcloud_db_name }}"
    login_user: root
    login_password: "{{ nextcloud_mysql_root_pwd }}"
    config_file: "{{ mysql_credential_file[(ansible_os_family|lower)] | default(omit) }}"
    state: present

- name: "[mySQL] - Configure the database user."
  mysql_user:
    name: "{{ nextcloud_db_admin }}"
    password: "{{ nextcloud_db_pwd }}"
    priv: "{{ nextcloud_db_name }}.*:ALL"
    login_user: root
    login_password: "{{ nextcloud_mysql_root_pwd }}"
    config_file: "{{ mysql_credential_file[(ansible_os_family|lower)] | default(omit) }}"
    state: present