Mirrors/ansible-collection-hardening
2
0
Fork 0
mirror of https://github.com/dev-sec/ansible-collection-hardening synced 2024-11-14 02:47:06 +00:00
Code Issues Projects Releases Packages Wiki Activity
ansible-collection-hardening/molecule/mysql_hardening/prepare.yml
Martin Schurz 62340c79c6 re-add mysql config directory because it is needed by some os 
Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de>
2023-12-06 16:33:31 +01:00

81 lines
3 KiB
YAML
Raw Blame History

---
- name: Wrapper playbook for kitchen testing "ansible-mysql-hardening"
hosts: all
become: true
environment:
http_proxy: "{{ lookup('env', 'http_proxy') | default(omit) }}"
https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
vars:
overwrite_global_mycnf: false
mysql_root_password: iloverandompasswordsbutthiswilldo
mysql_user_password: iloverandompasswordsbutthiswilldo
mysql_config_file: /etc/mysql/mariadb.cnf
mysql_root_password_update: true
tasks:
- name: Use Python 3 on Debian 11
ansible.builtin.set_fact:
ansible_python_interpreter: /usr/bin/python3
when:
- ansible_distribution == 'Debian'
- ansible_distribution_major_version|int >= 11
- name: Use Python 3 on Suse
ansible.builtin.set_fact:
ansible_python_interpreter: /usr/bin/python3
when:
- ansible_os_family == 'Suse'
- name: Use Python 2 on Debian 10
ansible.builtin.set_fact:
ansible_python_interpreter: /usr/bin/python
when:
- ansible_distribution == 'Debian'
- ansible_distribution_major_version|int == 10
- name: Run the equivalent of "apt-get update && apt-get upgrade"
ansible.builtin.apt:
upgrade: safe
update_cache: true
when: ansible_os_family == 'Debian'
- name: Install required python packages on Suse
ansible.builtin.command: zypper -n install python-xml python3-rpm python3-PyMySQL
changed_when: false
when: ansible_os_family == 'Suse'
- name: Create missing directory
ansible.builtin.file:
path: /etc/mysql
state: directory
mode: "0755"
- name: Determine required MySQL Python libraries (Ubuntu Focal Fossa ++)
ansible.builtin.set_fact:
mysql_python_package_debian: python3-pymysql
when:
- mysql_python_package_debian is not defined
- ansible_distribution == "Ubuntu"
- ansible_distribution_major_version|int > 19
- name: Determine required MySQL Python libraries.
ansible.builtin.set_fact:
mysql_python_package_debian: "{% if 'python3' in ansible_python_interpreter | default('') %}python3-mysqldb{% else %}python-mysqldb{% endif %}"
when:
- mysql_python_package_debian is not defined
- ansible_distribution != "Ubuntu"
- ansible_distribution_major_version|int < 20
- name: Install required MySQL Python libraries on RHEL
ansible.builtin.yum:
name: "{% if 'python3' in ansible_python_interpreter | default('') %}python36-PyMySQL{% else %}python2-PyMySQL{% endif %}"
when:
- ansible_os_family == "RedHat"
- ansible_distribution_major_version == "7"
- name: Install mysql with a generic Ansible role
ansible.builtin.include_role:
name: dev-sec.mysql
- name: Include MySQL user prepare tasks
ansible.builtin.include_tasks: prepare_tasks/mysql_users.yml
Reference in a new issue View git blame Copy permalink