diff --git a/docker.yml b/docker.yml index b964839..39e68a7 100644 --- a/docker.yml +++ b/docker.yml @@ -127,6 +127,45 @@ "ip6tables": true } + - name: /home/docker/_defaults/mariadb/genrootpw + blockinfile: + path: /home/docker/_defaults/mariadb/genrootpw + create: yes + mode: 0550 + owner: root + group: docker + marker: "# {mark} ANSIBLE MANAGED BLOCK" + block: | + cd /home/docker/_defaults/mariadb + + mysqlpassword=$(pwgen -s 32 1) + + [ -f env.db ] || echo "MARIADB_ROOT_PASSWORD=!MYSQLPASSWORD! + " >envroot.db + + [ -f env.phpmyadmin ] || echo "PMA_USER=root + PMA_PASSWORD=!MYSQLPASSWORD! + " >env.rootphpmyadmin + + chmod 440 envroot.db env.rootphpmyadmin + chown root:docker envroot.db env.rootphpmyadmin + sed -i "s/\!MYSQLPASSWORD\!/$mysqlpassword/g" envroot.db env.rootphpmyadmin + + backup: yes + validate: /bin/bash -n %s + + - name: /home/docker/_defaults/mariadb/genrootpw shebang + lineinfile: + path: /home/docker/_defaults/mariadb/genrootpw + insertbefore: BOF + line: "#!/bin/bash -e" + + - name: Gen initial passwords if not exists + ansible.builtin.shell: ./genpw.sh + args: + chdir: /home/docker/_defaults/mariadb/genrootpw + creates: /home/docker/_defaults/mariadb/envroot.db + - name: mariadb env defaults blockinfile: path: /home/docker/_defaults/mariadb/mariadb.env @@ -135,7 +174,6 @@ group: root create: yes block: | - MARIADB_RANDOM_ROOT_PASSWORD=1 MARIADB_AUTO_UPGRADE=1 MARIADB_INITDB_SKIP_TZINFO=1 # from here: save memory https://techroads.org/reducing-memory-use-on-my-mariadb-mysql-wordpress-docker-stack/ @@ -172,6 +210,7 @@ #innodb_buffer_pool_size=10K #innodb_log_buffer_size=512K backup: yes + - name: /usr/local/sbin/autoupdate.d/docker.update blockinfile: path: /usr/local/sbin/autoupdate.d/docker.update @@ -277,6 +316,7 @@ done backup: yes validate: /bin/bash -n %s + - name: docker-compose command/alias for backward compatibility - now docker compose blockinfile: path: /usr/local/sbin/docker-compose