-
Notifications
You must be signed in to change notification settings - Fork 729
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #15 from fitz123/alt_version
alt version initial commit
- Loading branch information
Showing
9 changed files
with
111 additions
and
32 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DELETE FROM mysql.user WHERE User=''; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
--- | ||
|
||
- name: protect my.cnf | ||
file: path='{{mysql_hardening_mysql_conf}}' mode=0600 owner=root group=root | ||
|
||
- name: ensure permissions on mysql-datadir are correct | ||
file: path='{{mysql_datadir}}' state=directory owner='{{mysql_hardening_user}}' group='{{mysql_hardening_user}}' | ||
|
||
- name: check mysql configuration-directory exists and has right permissions | ||
file: path='/etc/mysql/conf.d' state=directory owner='{{mysql_hardening_user}}' group='{{mysql_hardening_group}}' mode=0470 | ||
|
||
- name: check include-dir directive is present in my.cnf | ||
lineinfile: dest='{{mysql_hardening_mysql_conf}}' line='!includedir /etc/mysql/conf.d/' insertafter='EOF' state=present backup=yes | ||
notify: restart mysql | ||
|
||
- name: apply hardening configuration | ||
template: src='hardening.cnf.j2' dest='{{mysql_hardening_hardening_conf}}' owner='{{mysql_hardening_user}}' group='{{mysql_hardening_group}}' mode=0460 | ||
notify: restart mysql |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
--- | ||
|
||
# supported for ansible ver => 2.0 | ||
#- name: Install python-mysqldb for Ansible | ||
# package: pkg=python-mysqldb state=present | ||
|
||
|
||
- name: Install MySQL-python for Ansible | ||
apt: name=python-mysqldb state=present | ||
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu' | ||
|
||
- name: Install python-mysqldb for Ansible | ||
yum: name=MySQL-python state=present | ||
when: ansible_os_family == 'RedHat' or ansible_os_family == 'Oracle Linux' | ||
|
||
- debug: msg="WARNING - you have to change default mysql_root_password" | ||
when: mysql_root_password == '-----====>SetR00tPa$$wordH3r3!!!<====-----' | ||
|
||
- name: root password is present | ||
mysql_user: name=root host={{item}} password={{mysql_root_password | mandatory}} state=present | ||
with_items: | ||
- '::1' | ||
- '127.0.0.1' | ||
- 'localhost' | ||
|
||
- name: install .my.cnf with credentials | ||
template: src=my.cnf.j2 dest={{mysql_user_home}}/.my.cnf | ||
mode=0400 | ||
tags: my_cnf | ||
|
||
- name: test database is absent | ||
mysql_db: name=test state=absent | ||
when: mysql_remove_test_database | ||
|
||
# Can use only if ansible ver => 2.1 | ||
#- name: anonymous users are absent | ||
# mysql_user: name='' state=absent host_all=yes | ||
# when: mysql_remove_anonymous_users | ||
|
||
- name: copy mysql_remove_anonymous_users | ||
copy: src='{{item}}.sql' dest='/tmp/{{item}}.sql' | ||
with_items: | ||
- mysql_remove_anonymous_users | ||
when: mysql_remove_anonymous_users | ||
changed_when: false | ||
|
||
- name: apply mysql_remove_anonymous_users | ||
mysql_db: name='mysql' state=import target='/tmp/{{item}}.sql' | ||
with_items: | ||
- mysql_remove_anonymous_users | ||
when: mysql_remove_anonymous_users | ||
changed_when: false | ||
|
||
- name: copy mysql_remove_remote_root | ||
copy: src='{{item}}.sql' dest='/tmp/{{item}}.sql' | ||
with_items: | ||
- mysql_remove_remote_root | ||
when: mysql_remove_remote_root | ||
changed_when: false | ||
|
||
- name: apply mysql_remove_remote_root | ||
mysql_db: name='mysql' state=import target='/tmp/{{item}}.sql' | ||
with_items: | ||
- mysql_remove_remote_root | ||
when: mysql_remove_remote_root | ||
changed_when: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
[client] | ||
user=root | ||
password='{{ mysql_root_password | mandatory }}' | ||
#ssl |