mirror of
https://github.com/dev-sec/ansible-collection-hardening
synced 2024-09-20 05:11:53 +00:00
40 lines
1.6 KiB
YAML
40 lines
1.6 KiB
YAML
---
|
|
- name: Wrapper playbook for kitchen testing "ansible-mysql-hardening"
|
|
hosts: all
|
|
become: true
|
|
environment:
|
|
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
|
|
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
|
|
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
|
|
tasks:
|
|
- name: Determine required MySQL Python libraries (Ubuntu Focal Fossa ++)
|
|
ansible.builtin.set_fact:
|
|
mysql_python_package_debian: python3-pymysql
|
|
when:
|
|
- mysql_python_package_debian is not defined
|
|
- ansible_distribution == "Ubuntu"
|
|
- ansible_distribution_major_version|int > 19
|
|
|
|
- name: Determine required MySQL Python libraries.
|
|
ansible.builtin.set_fact:
|
|
mysql_python_package_debian: "{% if 'python3' in ansible_python_interpreter | default('') %}python3-mysqldb{% else %}python-mysqldb{% endif %}"
|
|
when:
|
|
- mysql_python_package_debian is not defined
|
|
- ansible_distribution != "Ubuntu"
|
|
- ansible_distribution_major_version|int < 20
|
|
|
|
- name: Use Python 3 on Suse
|
|
ansible.builtin.set_fact:
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
when:
|
|
- ansible_os_family == 'Suse'
|
|
|
|
- name: Include mysql_hardening role
|
|
ansible.builtin.include_role:
|
|
name: devsec.hardening.mysql_hardening
|
|
vars:
|
|
overwrite_global_mycnf: false
|
|
mysql_root_password: iloverandompasswordsbutthiswilldo
|
|
mysql_user_password: iloverandompasswordsbutthiswilldo
|
|
mysql_config_file: /etc/mysql/mariadb.cnf
|
|
mysql_root_password_update: true
|