Commit b2ce138a authored by Robin Sonnabend's avatar Robin Sonnabend
Browse files

Only setup backup when rsnapshot is configured, don't use password for root auth

parent ee8cddd9
Pipeline #3257 passed with stage
in 28 seconds
......@@ -24,56 +24,41 @@
state: started
enabled: true
- name: ensure the mysql root user exists and has the correct password
mysql_user:
name: root
password: "{{ mysql_root_password }}"
login_user: root
login_password: "{{ mysql_root_password }}"
register: mysql_root_creation_result
no_log: true
ignore_errors: true
- name: setup mysql backups with rsnapshot
when: '"servers_rsnapshot" in group_names'
block:
- name: ensure a read-only mysql user for backups exists
mysql_user:
name: "{{ mysql_backup_user }}"
password: "{{ mysql_backup_password }}"
priv: "*.*:SELECT,LOCK TABLES"
no_log: true
- name: initialize the mysql root user
mysql_user:
name: root
password: "{{ mysql_root_password }}"
no_log: true
when: mysql_root_creation_result is failed
- name: ensure the backup procedure can access the backup password
template:
src: my.cnf
dest: "/root/.mysql-{{ mysql_backup_user }}.cnf"
owner: root
group: root
mode: '0600'
- name: ensure a read-only mysql user for backups exists
mysql_user:
name: "{{ mysql_backup_user }}"
password: "{{ mysql_backup_password }}"
login_user: root
login_password: "{{ mysql_root_password }}"
priv: "*.*:SELECT,LOCK TABLES"
- name: deploy the mysql backup script
template:
src: mysqlbackup.sh
dest: /usr/local/bin/
owner: root
group: root
mode: '0755'
- name: ensure the backup procedure can access the backup password
template:
src: my.cnf
dest: "/root/.mysql-{{ mysql_backup_user }}.cnf"
owner: root
group: root
mode: '0600'
- name: ensure we backup all the mysql databases with rsnapshot
copy:
src: rsnapshot.conf
dest: /etc/rsnapshot.d/mysql.conf
owner: root
group: root
mode: '0644'
- name: deploy the mysql backup script
template:
src: mysqlbackup.sh
dest: /usr/local/bin/
owner: root
group: root
mode: '0755'
- name: ensure we backup all the mysql databases with rsnapshot
copy:
src: rsnapshot.conf
dest: /etc/rsnapshot.d/mysql.conf
owner: root
group: root
mode: '0644'
- name: remove obsolete crontab
file:
path: /etc/cron.d/mysql-snapshot
state: absent
- name: remove obsolete crontab
file:
path: /etc/cron.d/mysql-snapshot
state: absent
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment