Changes between Version 17 and Version 18 of Csle2022/Agenda/Ansible

Timestamp:

Nov 21, 2022, 4:12:44 AM (2 years ago)

Author:

dushmantha

Comment:

--

Csle2022/Agenda/Ansible

@@ -205 +205 @@
 
 {{{
-- name: setup mysql 
+- name: setup mysql
+  hosts: all
   become: yes
-  hosts: Dbservers
+  gather_facts: false
   vars:
-    - user: test
-    - password: M@#567uers
-    - db: testdb
+    root_password: Redact#12
+    db_name: new
+    user_name: newuser
+    user_password: Redact#13
   tasks:
-    - name: installing mysql and dependencies
-      package:
-       name: "{{item}}"
-       state: present
-       update_cache: yes
-     loop:
-       - mysql-server
-       - mysql-client 
-       - python3-mysqldb
-       - libmysqlclient-dev
-     become: yes
-    - name: start and enable mysql service
-      service:
-        name: mysql
-        state: started
-        enabled: yes
-    - name: creating mysql user 
+    - name: Update
+      shell:  apt update
+
+    - name: install python, pip etc
+      shell: apt-get -y install "{{ item }}"
+      with_items:
+        - pip
+        - python3-dev
+        - default-libmysqlclient-dev
+        - build-essential
+
+    - name: Install MySQL server
+      shell: apt-get -y install mysql-server
+
+    - name: Install MySQL client
+      shell: apt-get -y install mysql-client
+
+    - name: pip install mysqlclient
+      shell: pip install mysqlclient
+
+    - name: Start the MySQL service
+      action: service name=mysql state=started
+
+    - name: copy .my.cnf file with root password credentials
+      template: src=/home/docker/my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600
+
+    - name: update mysql root password for all root accounts
       mysql_user:
-        name: "{{user}}"
-        password: "{{password}}"
-        priv: '*.*:ALL'
-        host: '%'
-        state: present
-    - name: creating db
-      mysql_db:
-        name: "{{db}}"
-        state: present
-  handlers:
-    - name: restart mysql
-      service:
-        name: mysql
-        state: restarted
-}}}
+        name: root
+        host: localhost
+        password: "{{ root_password }}"
+
+    - name: Create database
+      shell: mysql -u root -p{{ root_password }} -e 'CREATE DATABASE IF NOT EXISTS {{ db_name }};'
+
+    - name: Create user
+      shell: mysql -u root -p{{ root_password }} -e "CREATE USER '{{ user_name }}'@'%' IDENTIFIED BY '{{ user_password }}';"
+
+    - name: Grant permissions
+      shell: mysql -u root -p{{ root_password }} -e "GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER ON {{ db_name }}.* TO '{{ user_name }}'@'%';"
+
+    - name: Reload privileges
+      shell: mysql -u root -p{{ root_password }} -e "FLUSH PRIVILEGES;"
+
+}}}
+
+Create template
+
+
+{{{
+nano my.cnf.j2.yml
+}}}
+
+
+{{{
+[client]
+user=root
+password={{ root_password }}
+}}}
+
+
 
 '''Run the Playbook - In control node - As root'''
 
 {{{
-ansible-playbook <playbook name>.yml -e
-}}}
+ansible-playbook --ask-become-pass -i inventory <playbook name>.yml 
+}}}
+
+Give the managed VM password (only one password as the VMs have the same password) when prompted. 
 
 '''Verify results - In managed nodes'''