added mysql role

6 files changed, 57 insertions, 0 deletions

diff --git a/dan/ele-media.yml b/dan/ele-media.yml
index 2d9e1f67..0232ec3a 100644
--- a/dan/ele-media.yml
+++ b/dan/ele-media.yml
@@ -7,4 +7,6 @@
   - role: zsh
   - role: admin-user
   - role: docker
+  - role: acmetool/base
+  - role: mysql
   - role: elevate/media
diff --git a/dan/host_vars/ele-media.yml b/dan/host_vars/ele-media.yml
new file mode 100644
index 00000000..1fa4fc1f
--- /dev/null
+++ b/dan/host_vars/ele-media.yml
@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.2;AES256;dan
+30663237323334376561303332396535346330303539656235633362316637313866623130663466
+3936313461393937626366353437303836316462363936390a613065613535366361306365636337
+30666263316566343766663465376339323332313031346331333035343861613431666539393062
+3366386366326466320a363364623762353634383064643036653466383639336434613135346330
+34326163366133343236313134643363366563303138363565306337303937633431633236333934
+35383337386138303464633434366164313765303466353330643036663434366466333135323865
+62613539313631363031336337393566646566386134343033633337646366663634343063353161
+35383766623965613462
diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml
index e4cdb1a8..4b509097 100644
--- a/inventory/host_vars/ele-media.yml
+++ b/inventory/host_vars/ele-media.yml
@@ -12,6 +12,8 @@ install:
   disks:
     primary: /dev/disk/by-id/ata-Samsung_SSD_840_Series_S14GNEACC92243K
 
+mysql_root_password: "{{ vault_ele_media.mysql_root_password }}"
+
 docker_lvm:
   vg: "{{ host_name }}"
   lv: docker
diff --git a/roles/mysql/defaults/main.yml b/roles/mysql/defaults/main.yml
new file mode 100644
index 00000000..737711a1
--- /dev/null
+++ b/roles/mysql/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+mysql_pkg_provider: distro
+mysql_pkg_name: mysql-server
+
+### not done yet
+# mysql_pkg_provider: percona
+# mysql_pkg_name: percona-server-server
diff --git a/roles/mysql/tasks/main.yml b/roles/mysql/tasks/main.yml
new file mode 100644
index 00000000..ecd0ef90
--- /dev/null
+++ b/roles/mysql/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+- name: prepare package provider
+  when: mysql_pkg_provider != 'distro'
+  include_tasks: "{{ mysql_pkg_provider }}.yml"
+
+- name: install mysql packages
+  apt:
+    name:
+      - "{{ mysql_pkg_name }}"
+      - python-mysqldb
+    state: present
+    force: yes
+
+- name: remove unsecure defaults
+  import_tasks: mysql-secure-installation.yml
diff --git a/roles/mysql/tasks/mysql-secure-installation.yml b/roles/mysql/tasks/mysql-secure-installation.yml
new file mode 100644
index 00000000..28674cfd
--- /dev/null
+++ b/roles/mysql/tasks/mysql-secure-installation.yml
@@ -0,0 +1,22 @@
+---
+- name: set mysql root password
+  mysql_user:
+    login_user: root
+    login_password: "{{ mysql_root_password }}"
+    user: root
+    password: "{{ mysql_root_password }}"
+    host: localhost
+
+- name: delete anonymous MySQL server user
+  mysql_user:
+    login_user: root
+    login_password: "{{ mysql_root_password }}"
+    user: ""
+    state: absent
+
+- name: remove the MySQL test database
+  mysql_db:
+    login_user: root
+    login_password: "{{ mysql_root_password }}"
+    db: test
+    state: absent