From 8d5dcef84998a74bfeffa6306de8973cf431557e Mon Sep 17 00:00:00 2001 From: LinuxSquare Date: Mon, 2 Dec 2024 19:54:07 +0100 Subject: [PATCH] add gaming mysql configs & user --- mysql/files/my.cnf.j2 | 7 +++++++ mysql/init.ansible.yml | 2 ++ .../files/pterodactyl-mariadb-server.cnf.j2 | 2 ++ mysql/modes/gaming.ansible.yml | 18 ++++++++++++++++++ mysql/secure.ansible.yml | 18 ++++++++++++++---- 5 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 mysql/files/my.cnf.j2 create mode 100644 mysql/modes/files/pterodactyl-mariadb-server.cnf.j2 create mode 100644 mysql/modes/gaming.ansible.yml diff --git a/mysql/files/my.cnf.j2 b/mysql/files/my.cnf.j2 new file mode 100644 index 0000000..b332131 --- /dev/null +++ b/mysql/files/my.cnf.j2 @@ -0,0 +1,7 @@ +[client] +user=root +password={{MYSQL_ROOT_PASSWORD}} + +[mysql] +user=root +password={{MYSQL_ROOT_PASSWORD}} diff --git a/mysql/init.ansible.yml b/mysql/init.ansible.yml index 9dc5869..19763a3 100644 --- a/mysql/init.ansible.yml +++ b/mysql/init.ansible.yml @@ -2,3 +2,5 @@ - import_playbook: directory.ansible.yml - import_playbook: service.ansible.yml - import_playbook: secure.ansible.yml +- import_playbook: modes/gaming.ansible.yml + when: installation_type == 'gaming' diff --git a/mysql/modes/files/pterodactyl-mariadb-server.cnf.j2 b/mysql/modes/files/pterodactyl-mariadb-server.cnf.j2 new file mode 100644 index 0000000..874f08e --- /dev/null +++ b/mysql/modes/files/pterodactyl-mariadb-server.cnf.j2 @@ -0,0 +1,2 @@ +[mysqld] +bind-address={{IPv4}} diff --git a/mysql/modes/gaming.ansible.yml b/mysql/modes/gaming.ansible.yml new file mode 100644 index 0000000..85b67de --- /dev/null +++ b/mysql/modes/gaming.ansible.yml @@ -0,0 +1,18 @@ +- hosts: localhost + tasks: + - name: Set bind-address + template: + src: files/pterodactyl-mariadb-server.cnf.j2 + dest: /etc/my.cnf.d/pterodactyl-mariadb-server.cnf + owner: root + group: root + mode: '0644' + vars: + IPv4: "{{ansible_default_ipv4.address}}" + - name: Create pterodactyl user + mysql_user: + name: pterodactyl + password: "{{mysql_root_password}}" + host: "{{ansible_default_ipv4.address}}" + priv: '*.*:ALL,GRANT' + state: present diff --git a/mysql/secure.ansible.yml b/mysql/secure.ansible.yml index 7a2ce51..112b73d 100644 --- a/mysql/secure.ansible.yml +++ b/mysql/secure.ansible.yml @@ -5,26 +5,36 @@ path: /var/lib/mysql/.secured register: MYSQL_SECURED_RESULT - name: Set the root password - mysql_user: login_user=root login_password="" user=root password="{{mysql_root_password}}" host="{{item}}" + mysql_user: user=root password="{{mysql_root_password}}" host="{{item}}" with_items: - 127.0.0.1 - ::1 - localhost no_log: true when: not MYSQL_SECURED_RESULT.stat.exists + - name: Set root my.cnf + template: + src: files/my.cnf.j2 + dest: /root/.my.cnf + owner: root + group: root + mode: '0644' + vars: + MYSQL_ROOT_PASSWORD: "{{mysql_root_password}}" + no_log: true - name: Delete anonymous MySQL user - mysql_user: login_user=root login_password="{{mysql_root_password}}" name="" host="{{item}}" state=absent + mysql_user: name="" host="{{item}}" state=absent with_items: - localhost - "{{ansible_nodename}}" no_log: true when: not MYSQL_SECURED_RESULT.stat.exists - name: Delete Hostname based MySQL user - mysql_user: login_user=root login_password="{{mysql_root_password}}" user=root host="{{ansible_nodename}}" state=absent + mysql_user: user=root host="{{ansible_nodename}}" state=absent no_log: true when: not MYSQL_SECURED_RESULT.stat.exists - name: Remove MySQL test database - mysql_db: login_user=root login_password="{{mysql_root_password}}" name=test state=absent + mysql_db: name=test state=absent no_log: true when: not MYSQL_SECURED_RESULT.stat.exists - name: Create .secured lock file