Set mysql root password using ansible
This is a variant of the tip provided here http://stackoverflow.com/a/16446163/12754 and earlier at https://coderwall.com/p/yez9yw
My goal was to ensure that no passwords are stored in plain text files anywhere on the server
Solution :
- name: update mysql root password for all root accounts from local servers
mysql_user: login_user=root login_password={{ current_password }} name=root host=$item password={{ new_password }} priv=*.*:ALL,GRANT
with_items:
- $ansible_hostname
- 127.0.0.1
- ::1
- localhost
And in the vars file
current_password=foobar
new_password={{ current_password }}
When not changing the mysql password run ansible playbook on command line as usual.
When changing the mysql password, add the following to the command line. Specifying it on the commandline allows the parameter set on the command line to take precedence over the one defaulted to in the vars file.
$ ansible-playbook ........ --extra-vars "new_password=buzzz"
After running the command change the vars file as follows
current_password=buzzz
new_password={{ current_password }}
Written by Dhananjay Nene
Related protips
Have a fresh tip? Share with Coderwall community!
Post
Post a tip
Best
#Ansible
Authors
Misha Behersky
78.97K
tartansandal
73.31K
Related Tags
#ansible
Sponsored by #native_company# — Learn More
#native_title#
#native_desc#