From c55c1f21ed2729140109960e089b161a31d596d6 Mon Sep 17 00:00:00 2001
From: Sebastian Gumprich <rndmh3ro@users.noreply.github.com>
Date: Wed, 10 Feb 2021 15:54:57 +0100
Subject: [PATCH] add restart handler variable for mysql role (#399)

* add restart handler variable for mysql role

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

* add prettierignore file to ignore CHANGELOG

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>
---
 .prettierignore                         | 1 +
 roles/mysql_hardening/README.md         | 3 +++
 roles/mysql_hardening/defaults/main.yml | 2 ++
 roles/mysql_hardening/handlers/main.yml | 5 ++++-
 4 files changed, 10 insertions(+), 1 deletion(-)
 create mode 100644 .prettierignore

diff --git a/.prettierignore b/.prettierignore
new file mode 100644
index 00000000..1b763b1b
--- /dev/null
+++ b/.prettierignore
@@ -0,0 +1 @@
+CHANGELOG.md
diff --git a/roles/mysql_hardening/README.md b/roles/mysql_hardening/README.md
index 5a3c107b..40342fe2 100644
--- a/roles/mysql_hardening/README.md
+++ b/roles/mysql_hardening/README.md
@@ -75,5 +75,8 @@ This role expects an existing installation of MySQL or MariaDB. Please ensure th
 - `mysql_remove_test_database`
   - Default: true
   - Description: remove test database
+- `mysql_hardening_restart_mysql`
+  - Default: true
+  - Description: Restart mysql after running this role
 
 Further information is available at [Deutsche Telekom (German)](http://www.telekom.com/static/-/155996/7/technische-sicherheitsanforderungen-si) and [Symantec](http://www.symantec.com/connect/articles/securing-mysql-step-step)
diff --git a/roles/mysql_hardening/defaults/main.yml b/roles/mysql_hardening/defaults/main.yml
index 57ce9670..018fce67 100644
--- a/roles/mysql_hardening/defaults/main.yml
+++ b/roles/mysql_hardening/defaults/main.yml
@@ -4,6 +4,8 @@ mysql_hardening_enabled: true
 
 mysql_daemon_enabled: true
 
+mysql_hardening_restart_mysql: true
+
 # general configuration
 mysql_datadir: '/var/lib/mysql'
 mysql_hardening_mysql_hardening_conf_file: '{{mysql_hardening_mysql_confd_dir}}/hardening.cnf'
diff --git a/roles/mysql_hardening/handlers/main.yml b/roles/mysql_hardening/handlers/main.yml
index 3a31d86a..9f8b2f27 100644
--- a/roles/mysql_hardening/handlers/main.yml
+++ b/roles/mysql_hardening/handlers/main.yml
@@ -1,4 +1,7 @@
 ---
 
 - name: restart mysql
-  service: name='{{ mysql_daemon }}' state=restarted
+  service:
+    name: '{{ mysql_daemon }}'
+    state: restarted
+  when: mysql_hardening_restart_mysql | bool