27 lines
788 B
YAML
27 lines
788 B
YAML
- hosts: localhost
|
|
tasks:
|
|
- name: Test if mysql has been secured
|
|
shell: |
|
|
test /var/lib/mysql/.secured
|
|
register: MYSQL_SECURED
|
|
- name: mysql_secure_installation
|
|
mysql_secure_installation:
|
|
login_password: ''
|
|
new_password: "{{mysql_root_password}}"
|
|
user: root
|
|
login_host: localhost
|
|
hosts: ['localhost', '127.0.0.1', '::1']
|
|
change_root_password: true
|
|
remove_anonymous_user: true
|
|
disallow_root_login_remotely: true
|
|
remove_test_db: true
|
|
when: not MYSQL_SECURED
|
|
- name: Create .secured lock file
|
|
file:
|
|
state: file
|
|
path: /var/lib/mysql/.secured
|
|
owner: root
|
|
group: root
|
|
mode: '0600'
|
|
attr: "+i"
|
|
when: not MYSQL_SECURED
|