main.yml 1.78 KB
Newer Older
1
2
3
---
# file: roles/mysql/tasks/main.yml

4
- name: ensure mysql packages are installed
Robin Sonnabend's avatar
Robin Sonnabend committed
5
6
7
  apt:
    name:
      - mariadb-server
8
      - python3-mysqldb
Robin Sonnabend's avatar
Robin Sonnabend committed
9
    state: present
10
11
12
13
  tags:
    - packages
    - mysql

14
15
16
17
18
19
20
- name: ensure legacy mysql packages are installed
  apt:
    name:
      - python-mysqldb
    state: present
  when: ansible_distribution_major_version|int(default=99) < 11

21
- name: ensure mysql is started
Lars Beckers's avatar
Lars Beckers committed
22
23
24
25
  service:
    name: mysql
    state: started
    enabled: true
26
27
28
29

- name: ensure the mysql root user exists and has the correct password
  mysql_user:
    name: root
30
    password: "{{ mysql_root_password }}"
31
    login_user: root
32
    login_password: "{{ mysql_root_password }}"
33
  register: mysql_root_creation_result
Lars Beckers's avatar
Lars Beckers committed
34
35
  no_log: true
  ignore_errors: true
36
37
38
39

- name: initialize the mysql root user
  mysql_user:
    name: root
40
    password: "{{ mysql_root_password }}"
Lars Beckers's avatar
Lars Beckers committed
41
  no_log: true
42
  when: mysql_root_creation_result is failed
43
44
45
46
47
48
49
50
51
52
53
54

- name: ensure a read-only mysql user for backups exists
  mysql_user:
    name: "{{ mysql_backup_user }}"
    password: "{{ mysql_backup_password }}"
    login_user: root
    login_password: "{{ mysql_root_password }}"
    priv: "*.*:SELECT,LOCK TABLES"

- name: ensure the backup procedure can access the backup password
  template:
    src: my.cnf
Thomas Schneider's avatar
Thomas Schneider committed
55
    dest: "/root/.mysql-{{ mysql_backup_user }}.cnf"
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
    owner: root
    group: root
    mode: '0600'

- name: deploy the mysql backup script
  template:
    src: mysqlbackup.sh
    dest: /usr/local/bin/
    owner: root
    group: root
    mode: '0755'

- name: ensure we backup all the mysql databases with rsnapshot
  copy:
    src: rsnapshot.conf
    dest: /etc/rsnapshot.d/mysql.conf
    owner: root
    group: root
    mode: '0644'

76
77
78
79
- name: remove obsolete crontab
  file:
    path: /etc/cron.d/mysql-snapshot
    state: absent