diff options
Diffstat (limited to 'roles/common-SQL/tasks/main.yml')
| -rw-r--r-- | roles/common-SQL/tasks/main.yml | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/roles/common-SQL/tasks/main.yml b/roles/common-SQL/tasks/main.yml index 9064a68..73b6878 100644 --- a/roles/common-SQL/tasks/main.yml +++ b/roles/common-SQL/tasks/main.yml @@ -1,51 +1,45 @@ -# XXX If #742046 gets fixed, we should preseed mysql-server to use -# auth_socket as auth_plugin once the fix enters stable. -- name: Install MySQL +- name: Install MariaDB apt: pkg={{ item }} with_items: - # XXX: In non-interactive mode apt-get doesn't put a password on - # MySQL's root user; we fix that on the next task, but an intruder - # could exploit the race condition and for instance create dummy - # users. - - mysql-common - - mysql-server + - mariadb-common + - mariadb-server - python-mysqldb # for the 'mysql_' munin plugin - libcache-cache-perl - name: Copy MySQL's configuration copy: src=etc/mysql/my.cnf dest=/etc/mysql/my.cnf owner=root group=root mode=0644 register: r notify: - Restart MySQL # We need to restart now and load the relevant authplugin before we # connect to the database. - meta: flush_handlers # XXX Dirty fix for #742046 - name: Force root to use UNIX permissions - mysql_user2: name=root password= auth_plugin=auth_socket + mysql_user2: name=root password= auth_plugin=unix_socket soname=auth_socket.so state=present - name: Disallow anonymous and TCP/IP root login mysql_user2: name={{ item.name|default('') }} host={{ item.host }} state=absent with_items: - { host: '{{ inventory_hostname_short }}' } - { host: 'localhost' } - { host: '127.0.0.1'} - { host: '::1'} - { name: root, host: '{{ inventory_hostname_short }}' } - { name: root, host: '127.0.0.1'} - { name: root, host: '::1'} - name: Start MySQL service: name=mysql state=started - name: Install 'mysql_' Munin wildcard plugin file: src=/usr/share/munin/plugins/mysql_ |