MariaDB Configuration
The MariaDB configuration is going to closely match that of the last chapter, minus a few of the steps, so I am not going to go into too much detail.
The default variables for this part of the role in roles/stack-config/defaults/main.yml are:
mariadb:
bind: "127.0.0.1"
server_config: "/etc/my.cnf.d/mariadb-server.cnf"
username: "root"
password: "Pa55W0rd123"
hosts:
- "127.0.0.1"
- "::1"
- "{{ ansible_nodename }}"
- "localhost"
As you can see, we are now using a nested variable, and we have removed root access on the host wildcard, the %, as the first part of the task in roles/stack-config/tasks/main.yml binds MariaDB to the localhost:
- name: configure the mariadb bind address
lineinfile:
dest: "{{ mariadb.server_config }}"
regexp: "#bind-address=0.0.0.0"
line: "bind-address={{ mariadb.bind }}"
backup: "yes"
backrefs: "yes"
From there, we then start MariaDB, set the root password, configure the ~/.my.cnf file, and then remove the anonymous user and test database:
- name: start mariadb
service:
name: "mariadb"
state: "started"
enabled: "yes"
- name: change mysql root password
mysql_user:
name: "{{ mariadb.username }}"
host: "{{ item }}"
password: "{{ mariadb.password }}"
check_implicit_admin: "yes"
priv: "*.*:ALL,GRANT"
with_items: "{{ mariadb.hosts }}"
- name: set up .my.cnf file
template:
src: "my.cnf.j2"
dest: "~/.my.cnf"
- name: delete anonymous MySQL user
mysql_user:
user: ""
host: "{{ item }}"
state: "absent"
with_items: "{{ mariadb.hosts }}"
- name: remove the MySQL test database
mysql_db:
db: "test"
state: "absent"
The template used for the .my.cnf file, which can be found in roles/stack-config/templates/my.cnf.j2, now looks as follows:
# {{ ansible_managed }}
[client]
password='{{ mariadb.password }}'
This means that we will not need to pass the root username and password with each database-related task from where we copied the .my.cnf file.