From ccfebca0499165887f3f2e76cd0f0a4177c2855f Mon Sep 17 00:00:00 2001
From: "flyingscorpio@clevo"
Date: Sat, 12 Mar 2022 17:33:10 +0100
Subject: [PATCH] Add mariadb role for 2px
---
 playbook.yml | 1 +
 roles/common/defaults/main.yml | 17 +++----------
 roles/mariadb-2px/meta/main.yml | 2 ++
 roles/mariadb-2px/tasks/main.yml | 14 +++++++++++
 roles/mariadb-2px/vars/main.yml | 4 +++
 roles/mariadb-2px/vars/vault.yml | 7 ++++++
 roles/mariadb-conf-2px/meta/main.yml | 2 --
 roles/mariadb-conf-2px/tasks/main.yml | 12 ---------
 roles/mariadb-install/handlers/main.yml | 7 ++++++
 roles/mariadb-install/tasks/main.yml | 33 +++++++++++++++++++++++--
 10 files changed, 69 insertions(+), 30 deletions(-)
 create mode 100644 roles/mariadb-2px/meta/main.yml
 create mode 100644 roles/mariadb-2px/tasks/main.yml
 create mode 100644 roles/mariadb-2px/vars/main.yml
 create mode 100644 roles/mariadb-2px/vars/vault.yml
 delete mode 100644 roles/mariadb-conf-2px/meta/main.yml
 delete mode 100644 roles/mariadb-conf-2px/tasks/main.yml
 create mode 100644 roles/mariadb-install/handlers/main.yml
diff --git a/playbook.yml b/playbook.yml
index 4927709..defacfb 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -3,3 +3,4 @@
 roles:
 - role: apache-2px
 - role: apache-tunuifranken
+ - role: mariadb-2px
diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
index d6373e8..cbf555f 100644
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@@ -1,19 +1,8 @@
 ---
-# 2px
-2px_db_name: "deux_puissance_x"
-2px_db_user: "flyingscorpio"
-2px_db_password: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 66336631303666626239643339643838323463653262656463333166373231303465306238343438
- 3363646665623433393030613063306364363034666239640a653564316330303066323437393835
- 35306636663830333635653431656430653231633339633561633162333762616134613563646339
- 6631346331363334360a376264613634663065623433623532633930343336346139633931333266
- 61376538656137653730393333356535323330613132346361373465393434306361
-
 # gitea
-gitea_db_name: "giteadb"
-gitea_db_user: "gitea"
-gitea_db_password: !vault |
+name_gitea_db: giteadb
+user_gitea_db: gitea
+pass_gitea_db: !vault |
 $ANSIBLE_VAULT;1.1;AES256
 35643364663730613834303933646532363065636366396264303730303739336462316433333564
 6162363431326533653131303366653638663961663261340a313631623133663663366261366136
diff --git a/roles/mariadb-2px/meta/main.yml b/roles/mariadb-2px/meta/main.yml
new file mode 100644
index 0000000..bb4692e
--- /dev/null
+++ b/roles/mariadb-2px/meta/main.yml
@@ -0,0 +1,2 @@
+dependencies:
+ - role: mariadb-install
diff --git a/roles/mariadb-2px/tasks/main.yml b/roles/mariadb-2px/tasks/main.yml
new file mode 100644
index 0000000..a5f2534
--- /dev/null
+++ b/roles/mariadb-2px/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- include_vars: vault.yml
+
+- name: Create 2px database
+ mysql_db:
+ name: "{{ name_2px_db }}"
+ state: present
+
+- name: Set 2px user and privileges
+ mysql_user:
+ name: "{{ user_2px_db }}"
+ password: "{{ pass_2px_db }}"
+ priv: "{{ name_2px_db }}.*:ALL"
+ state: present
diff --git a/roles/mariadb-2px/vars/main.yml b/roles/mariadb-2px/vars/main.yml
new file mode 100644
index 0000000..c1a49a6
--- /dev/null
+++ b/roles/mariadb-2px/vars/main.yml
@@ -0,0 +1,4 @@
+---
+name_2px_db: deux_puissance_x
+user_2px_db: flyingscorpio
+pass_2px_db: "{{ vault_pass_2px_db }}"
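Review bot: In roles/mariadb-2px/tasks/main.yml the `include_vars: vault.yml` task is unnamed and has no `no_log: true`; include_vars returns the loaded variables in its task result, so a verbose run (`-v`) can print the decrypted `vault_pass_2px_db`. I would write it as `- name: Load vaulted 2px credentials` with `include_vars: vault.yml` and `no_log: true`. The two database tasks carry no `become` or login options, unlike the tasks in roles/mariadb-install, so they depend on play-level settings that are not visible in this patch. `priv: "{{ name_2px_db }}.*:ALL"` grants every privilege on the schema; if the application only needs data access, a narrower list such as `SELECT,INSERT,UPDATE,DELETE` is the least-privilege choice.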
diff --git a/roles/mariadb-2px/vars/vault.yml b/roles/mariadb-2px/vars/vault.yml
new file mode 100644
index 0000000..ba34c04
--- /dev/null
+++ b/roles/mariadb-2px/vars/vault.yml
@@ -0,0 +1,7 @@
+$ANSIBLE_VAULT;1.1;AES256
+65626164393231656332333733616333366366326662623333373965303037613739396437653932
+6631336262666233313565643763633161376665613630630a396461613232333639323832656265
+65666664333133306638316630303961363962396165616263363238326238643938616333663931
+6232356464363139300a646333633265613162383462366333386332396632303933646666613161
+31633563326637616165303331623962343833336263393130356665393365663134373931613366
+3665633630376565356239376230666436333935383336353730
diff --git a/roles/mariadb-conf-2px/meta/main.yml b/roles/mariadb-conf-2px/meta/main.yml
deleted file mode 100644
index 9711b33..0000000
--- a/roles/mariadb-conf-2px/meta/main.yml
+++ /dev/null
@@ -1,2 +0,0 @@
-dependencies:
- - role: common
diff --git a/roles/mariadb-conf-2px/tasks/main.yml b/roles/mariadb-conf-2px/tasks/main.yml
deleted file mode 100644
index b369547..0000000
--- a/roles/mariadb-conf-2px/tasks/main.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-- name: "Create 2px database"
- mysql_db:
- name: "{{ 2px_db_name }}"
- state: present
-
-- name: "Set 2px user and privileges"
- mysql_user:
- name: "{{ 2px_db_user }}"
- password: "{{ 2px_db_password }}"
- priv: "{{ 2px_db_name }}.*:ALL"
- state: present
diff --git a/roles/mariadb-install/handlers/main.yml b/roles/mariadb-install/handlers/main.yml
new file mode 100644
index 0000000..28f36ad
--- /dev/null
+++ b/roles/mariadb-install/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+- name: Start mysqld service
+ systemd:
+ name: mysqld
+ state: started
+ enabled: true
+ scope: system
diff --git a/roles/mariadb-install/tasks/main.yml b/roles/mariadb-install/tasks/main.yml
index 9ff2f61..8e5da5b 100644
--- a/roles/mariadb-install/tasks/main.yml
+++ b/roles/mariadb-install/tasks/main.yml
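Review bot: The handler in roles/mariadb-install/handlers/main.yml has no `become: true`, while every task in that role's tasks file sets it explicitly; unless the play escalates globally (not visible in this patch), starting a `scope: system` unit as an unprivileged user will fail. Handlers also run only at the end of the play, so the `mysql_user` and `mysql_db` tasks that follow the notifying "Initialize mariadb" task execute before this start. If those tasks rely on the handler to bring the server up, add `- meta: flush_handlers` right after the notifying task.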
@@ -1,6 +1,35 @@
 ---
-- name: "Install mariadb"
+- name: Install mariadb
+ become: true
 apt:
- name: "mariadb-server"
+ name: mariadb-server
 state: present
 update_cache: yes
+
+- name: Initialize mariadb
+ become: true
+ command: mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
+ register: result
+ changed_when: "'table already exists!' not in result.stdout"
+ notify: Start mysqld service
+
+- name: Secure the installation
+ become: true
+ block:
+ - name: Set root password
+ mysql_user: user=root password="" host=localhost
+ no_log: true
+ - name: Remove anonymous user for ansible_fqdn
+ mysql_user: user="" host={{ ansible_fqdn }} state=absent
+ - name: Remove anonymous user for localhost
+ mysql_user: user="" state=absent
+ - name: Remove remote root access
+ mysql_user: user=root password="" host={{ item }}
+ no_log: true
+ with_items:
+ - "::1"
+ - "127.0.0.1"
+ - localhost
+ - name: Remove test database
+ mysql_db: db=test state=absent
+ when: "'table already exists!' not in result.stdout"
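Review bot: The "Set root password" task passes `password=""`, so as shown root@localhost is left with an empty password, and `no_log: true` keeps that out of the run output. The value should come from a vaulted variable, e.g. `password: "{{ vault_mariadb_root_password }}"` (placeholder name), the way the mariadb-2px role handles its own account. "Remove remote root access" has no `state=absent` and loops over `::1`, `127.0.0.1` and `localhost`, so it ensures those loopback root accounts exist with the same empty password instead of deleting root entries for other hosts; the task should drop root accounts whose host is outside that list. The `key=value` arguments with an unquoted `{{ ansible_fqdn }}` would also be safer and easier to read as native YAML mappings with the Jinja expressions quoted.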