https://www.whatan00b.com/enSat, 13 Jul 2019 04:41:02 GMThttps://getnikola.com/http://blogs.law.harvard.edu/tech/rsshttps://www.whatan00b.com/posts/mysql-secure-installation-using-ansible/Wyatt<div><p>Recently I was setting up MySQL using Ansible, and wanted to ensure the mysql_secure_installation script or an equivalent was run to get rid of the default users and db. Turned out that writing a task in Ansible wasn't all that bad using the check_implicit_admin feature of the MySQL plugins, it could even be idempotent.</p> <p> </p><div class="gist"> <script src="https://gist.github.com/127e3ae7df9a6bf951d787d6cfdd8314.js"></script> <noscript> <pre>- name: delete anonymous MySQL server user for {{ ansible_nodename }} mysql_user: login_user=root login_password='{{ mysql_root }}' check_implicit_admin=yes user="" host={{ item }} state="absent" with_items: - "" - "{{ ansible_nodename }}" - localhost - name: Change root user password on first run mysql_user: login_user=root login_password="{{ mysql_root }}" check_implicit_admin=yes name=root password={{ mysql_root }} priv=*.*:ALL,GRANT host={{ item }} with_items: - "{{ ansible_nodename }}" - 127.0.0.1 - ::1 - localhost - name: remove the MySQL test database action: mysql_db login_user=root login_password="{{ mysql_root }}" db=test state=absent</pre> </noscript> </div> </div>ansiblemysqlhttps://www.whatan00b.com/posts/mysql-secure-installation-using-ansible/Sat, 23 Jan 2016 03:56:28 GMT