38 lines
1.4 KiB
YAML
38 lines
1.4 KiB
YAML
- hosts: localhost
|
|
tasks:
|
|
- name: Test if mysql has been secured
|
|
stat:
|
|
path: /var/lib/mysql/.secured
|
|
register: MYSQL_SECURED_RESULT
|
|
- name: Set the root password
|
|
mysql_user: login_user=root login_password="" user=root password="{{mysql_root_password}}" host="{{item}}"
|
|
with_items:
|
|
- 127.0.0.1
|
|
- ::1
|
|
- localhost
|
|
no_log: true
|
|
when: not MYSQL_SECURED_RESULT.stat.exists
|
|
- name: Delete anonymous MySQL user
|
|
mysql_user: login_user=root login_password="{{mysql_root_password}}" name="" host="{{item}}" state=absent
|
|
with_items:
|
|
- localhost
|
|
- "{{ansible_nodename}}"
|
|
no_log: true
|
|
when: not MYSQL_SECURED_RESULT.stat.exists
|
|
- name: Delete Hostname based MySQL user
|
|
mysql_user: login_user=root login_password="{{mysql_root_password}}" user=root host="{{ansible_nodename}}" state=absent
|
|
no_log: true
|
|
when: not MYSQL_SECURED_RESULT.stat.exists
|
|
- name: Remove MySQL test database
|
|
mysql_db: login_user=root login_password="{{mysql_root_password}}" name=test state=absent
|
|
no_log: true
|
|
when: not MYSQL_SECURED_RESULT.stat.exists
|
|
- name: Create .secured lock file
|
|
file:
|
|
state: touch
|
|
path: /var/lib/mysql/.secured
|
|
owner: root
|
|
group: root
|
|
mode: '0600'
|
|
attr: "+i"
|
|
when: not MYSQL_SECURED_RESULT.stat.exists
|