From 5d444eec07895a0eab345e741e30aea33a15ccf5 Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 28 Dec 2019 13:47:17 +0100 Subject: [PATCH] Delete root password management On Buster, it uses socket auth. --- defaults/main.yml | 1 - tasks/install/mariadb/default.yml | 24 ------------------------ tasks/main.yml | 17 ----------------- tasks/secure.yml | 11 ----------- templates/root/my.cnf | 7 ------- 5 files changed, 60 deletions(-) delete mode 100644 templates/root/my.cnf diff --git a/defaults/main.yml b/defaults/main.yml index de21149..113f9b6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,7 +5,6 @@ # ------------------------------------- mariadb_origin: 'default' mariadb_use_galera: false -mariadb_root_password: null mariadb_notify_restart: true mariadb_upstream_apt_src: false mariadb_manage_logrotate: true diff --git a/tasks/install/mariadb/default.yml b/tasks/install/mariadb/default.yml index 485f8e4..993ce1c 100644 --- a/tasks/install/mariadb/default.yml +++ b/tasks/install/mariadb/default.yml @@ -1,29 +1,5 @@ --- -- name: SHELL | Get MariaDB target version - shell: "LANG=C apt-cache depends mariadb-server | awk -F '-' '/Depends/ { print $NF }'" - register: apt_mariadb_version - changed_when: false - -- block: - - - name: DEBCONF | Prepare MariaDB silent installation (root password) - debconf: - name: 'mariadb-server-{{ apt_mariadb_version.stdout }}' - question: 'mysql-server/root_password' - vtype: 'password' - value: '{{ mariadb_root_password }}' - when: not mariadb_exists.stat.exists - - - name: DEBCONF | Prepare MariaDB silent installation (root password again) - debconf: - name: 'mariadb-server-{{ apt_mariadb_version.stdout }}' - question: 'mysql-server/root_password_again' - vtype: 'password' - value: '{{ mariadb_root_password }}' - - when: not mariadb_exists.stat.exists and mariadb_root_password is string - - name: APT | Install MariaDB server apt: pkg: mariadb-server diff --git a/tasks/main.yml b/tasks/main.yml index 67ad4f8..5573da9 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,13 +1,5 @@ --- -- block: - - - name: SET_FACT | Bypass https://github.com/ansible/ansible/issues/19874 - set_fact: - ansible_distribution_release: 'buster' - - when: ansible_facts.distribution_major_version == "buster/sid" - - name: INCLUDE_VARS | Related to OS version include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml" @@ -40,15 +32,6 @@ (config.changed or extraconfig.changed) and not mariadb_galera_resetup -- name: TEMPLATE Create .my.cnf for root - template: - src: root/my.cnf - dest: /root/.my.cnf - owner: root - group: root - mode: 0600 - backup: yes - - name: INCLUDE | Galera import_tasks: galera/main.yml when: mariadb_use_galera diff --git a/tasks/secure.yml b/tasks/secure.yml index 53b8d6d..9f1b5c4 100644 --- a/tasks/secure.yml +++ b/tasks/secure.yml @@ -1,16 +1,5 @@ --- -- name: MYSQL_USER | Update mysql root password for all root accounts - mysql_user: - name: root - host: "{{ item }}" - password: "{{ mariadb_root_password }}" - loop: - - "{{ ansible_hostname }}" - - 127.0.0.1 - - ::1 - - localhost - - name: MYSQL_USER | Remove all anonymous users mysql_user: name: '' diff --git a/templates/root/my.cnf b/templates/root/my.cnf deleted file mode 100644 index 8330ef7..0000000 --- a/templates/root/my.cnf +++ /dev/null @@ -1,7 +0,0 @@ -# ------------------------------------------ -# {{ ansible_managed }} -# ------------------------------------------ - -[client] -user=root -password="{{ mariadb_root_password }}"