Php Ansible mysql_用户模块不接受加密密码
在编写设置MySQL和adminer的剧本时,我在添加加密的根密码时遇到了问题 当使用纯文本密码而不包括Php Ansible mysql_用户模块不接受加密密码,php,mysql,ansible,ansible-playbook,Php,Mysql,Ansible,Ansible Playbook,在编写设置MySQL和adminer的剧本时,我在添加加密的根密码时遇到了问题 当使用纯文本密码而不包括encrypted=yes时,一切似乎都正常 我想在我的剧本中包括一个加密密码[选择密码('test')] 从下面的代码中可以看出,我已在密码字段和我的~/.my.cnf文件中添加了加密密码,并将encrypted=yes添加到播放中 但是在运行剧本之后,我得到了错误。请帮助我找出我在哪里犯了错误,或向我指出适当的文档或修复方法。我搜索了StackExchange网络,并查看了Ansible及
encrypted=yes
时,一切似乎都正常
我想在我的剧本中包括一个加密密码[选择密码('test')]
从下面的代码中可以看出,我已在密码字段和我的~/.my.cnf
文件中添加了加密密码,并将encrypted=yes
添加到播放中
但是在运行剧本之后,我得到了错误。请帮助我找出我在哪里犯了错误,或向我指出适当的文档或修复方法。我搜索了StackExchange网络,并查看了Ansible及其mysql_用户模块的官方文档,但运气不佳
系统:Debian8.1
错误消息:
msg: unsupported parameter for module: encrypted
剧本代码:
---
- hosts: Databases
remote_user: admin
sudo: yes
tasks:
#Get current hostname
- name: Getting current hostname.
raw: "hostname"
register: current_hostname
# Update all installed packages to the latest version
- name: Update all installed packages to the latest version.
apt: upgrade=dist update_cache=yes
# Installing software
- name: Installing HTTP Server.
apt: name=apache2 state=latest
- name: Installing MySQL Server.
apt: name={{ item }} state=latest
with_items:
- mysql-server
- python-mysqldb
- name: Start the MySQL service
service:
name: mysql
state: started
enabled: true
- name: update mysql root password for all root accounts
mysql_user:
name=root
host={{ item }}
password="*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29"
encrypted=yes
login_user=root
login_password=""
check_implicit_admin=yes
priv="*.*:ALL,GRANT"
with_items:
- "{{ current_hostname.stdout }}"
- 127.0.0.1
- ::1
- localhost
- name: Copy the root credentials as .my.cnf file
template: src=files/home/admin/my.cnf dest=~/.my.cnf mode=0600
- name: Installing php5
apt: name={{ item }} state=latest
with_items:
- php5
- php5-mysql
# Config adminer
- name: Making new adminer folder
file: path=/usr/share/adminer state=directory
- name: Downloading latest version of adminer
command: 'wget "http://www.adminer.org/latest.php" -O /usr/share/adminer/latest.php'
- name: Making symbolic link. latest.php --> adminer.php
file: path=/usr/share/adminer/adminer.php src=/usr/share/adminer/latest.php state=link
- name: Writing alias to apache2 adminer.conf
raw: 'echo "Alias /adminer.php /usr/share/adminer/adminer.php" | sudo tee /etc/apache2/conf-available/adminer.conf'
- name: Enabling adminer.conf in apache2
command: 'a2enconf adminer.conf'
- name: Restarting Apache2
command: '/etc/init.d/apache2 restart'
我的~/.My.conf
文件如下所示
[client]
user=root
password=*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29
-----------------最初的问题到此为止-----------------
在下面@ydaetskcoR和评论部分用户的帮助下,我发现问题出在ansible 1.7(Debian 8.1中的默认设置)没有加密模块。我能够使用命令模块解决这个问题
我的工作代码:
---
- hosts: Database
remote_user: admin
sudo: yes
tasks:
#Get current hostname
- name: Getting current hostname.
command: hostname
register: current_hostname
# Update all installed packages to the latest version
- name: Update all installed packages to the latest version.
apt: upgrade=dist update_cache=yes
# Installing software
- name: Installing HTTP Server.
apt: name=apache2 state=latest
- name: Installing MySQL Server.
apt: name={{ item }} state=latest
with_items:
- mysql-server
- python-mysqldb
- name: Start the MySQL service
service:
name: mysql
state: started
enabled: true
- name: Check if root pass is blank
shell: mysql -u root -e ";"
register: blank_root_pass
failed_when: false
- name: update mysql root password for all root accounts
shell: mysql -u root -e "SET PASSWORD FOR 'root'@'{{ item }}' = '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';"
with_items:
- "{{ current_hostname.stdout }}"
- 127.0.0.1
- ::1
- localhost
when: 'blank_root_pass.stderr==""'
- name: Installing php5
apt: name={{ item }} state=latest
with_items:
- php5
- php5-mysql
# Config adminer
- name: Making new adminer folder
file: path=/usr/share/adminer state=directory
- name: Downloading latest version of adminer
command: 'wget "http://www.adminer.org/latest.php" -O /usr/share/adminer/latest.php'
- name: Making symbolic link. latest.php --> adminer.php
file: path=/usr/share/adminer/adminer.php src=/usr/share/adminer/latest.php state=link
- name: Writing alias to apache2 adminer.conf
shell: 'echo "Alias /adminer.php /usr/share/adminer/adminer.php" | sudo tee /etc/apache2/conf-available/adminer.conf'
- name: Enabling adminer.conf in apache2
command: 'a2enconf adminer.conf'
- name: Restarting Apache2
command: '/etc/init.d/apache2 restart'
如果您看到任何危险或不合适的地方,请留下评论。请停止编辑我的呼叫以获得反馈。如前所述,Ansible 2.0中添加了对的加密选项
显然,如果您升级到Ansible 2.0,那么您现在就可以使用它了
或者,您必须通过shell模块直接添加用户
- name: check if root pass is blank
shell: mysql -uroot -e ";"
register: blank_root_pass
failed_when: false
changed_when: false
########################################################
- name: update mysql root password for all root accounts
shell: mysql -uroot -e "SET PASSWORD FOR 'root'@'{{ item }}' = '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';"
with_items:
- "{{ current_hostname.stdout }}"
- 127.0.0.1
- ::1
- localhost
#Error 1045 returned when unable to login with user/pass combo
when: 'ERROR 1045' in blank_root_pass.stderr
我还添加了一个初步检查,以确保根密码实际上为空,并将此作为第二个任务的条件。当您以root用户身份登录并更改密码时,如果不进行此检查,第二个任务将在第二次运行时失败。Ansible 2.0中添加了
encrypted
选项。我想你用ansible 1.x?在Ansible 1中,您不能使用mysql\u用户
模块进行此操作。@udondan您知道任何解决方法吗?可能是通过ansible命令或原始模块添加加密密码?是的,我想这是ansible 1、shell
或command
模块中的唯一选项。不需要raw
模块。但是我没有一个确切的解决方案,因为我已经很久没有使用MySQL了,也没有什么可以测试的。有了这个解决方案,我甚至需要担心~/.my.cnf文件吗?Debian 8.1似乎没有在该位置使用该文件。有一个/etc/mysql/my.cnf,但添加root用户和密码似乎没有任何效果。我没有一个Debian 8.1系统可以轻松检查,但除非mysql客户端包中有错误,否则如果您不提供用户名和密码,它仍然应该读取主目录中.my.cnf文件的客户端部分。显然,如果您在CLI上指定凭据,它将不会