olli/debian.ansible.mariadb.server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mariadb.yml aktualisiert

Browse Source
This commit is contained in:
olli 2024-05-27 11:43:57 +02:00
parent 54d09e8cee
commit 66fc3ec4ba
1 changed files with 34 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
mariadb.yml
View File

@ -95,11 +95,11 @@
chdir: /home/docker/mariadb.{{inventory_hostname}} chdir: /home/docker/mariadb.{{inventory_hostname}}
creates: /home/docker/mariadb.{{inventory_hostname}}/ssl/client-cert.pem creates: /home/docker/mariadb.{{inventory_hostname}}/ssl/client-cert.pem
- name: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf (generate SSL-Certificate) - name: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf (use ssl in mariadb)
blockinfile: blockinfile:
path: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf path: /home/docker/mariadb.{{inventory_hostname}}/ssl.cnf
create: yes create: yes
mode: 0550 mode: 0444
owner: root owner: root
group: docker group: docker
marker: "# {mark} ANSIBLE MANAGED BLOCK" marker: "# {mark} ANSIBLE MANAGED BLOCK"
@ -111,6 +111,29 @@
ssl-key=/etc/mysql/server-key.pem ssl-key=/etc/mysql/server-key.pem
backup: yes backup: yes
- name: /home/docker/mariadb.{{inventory_hostname}}/config.user.inc.php (use ssl in phpmyadmin)
blockinfile:
path: /home/docker/mariadb.{{inventory_hostname}}/phpmyadmin-config.user.inc.php
create: yes
mode: 0444
owner: root
group: docker
marker: "# {mark} ANSIBLE MANAGED BLOCK"
block: |
// IP address / host of your instance
$cfg['Servers'][$i]['host'] = 'mariadb.{{inventory_hostname}}';
// Use SSL for connection
$cfg['Servers'][$i]['ssl'] = true;
// Client secret key
$cfg['Servers'][$i]['ssl_key'] = '/etc/phpmyadmin/client-key.pem';
// Client certificate
$cfg['Servers'][$i]['ssl_cert'] = '/etc/phpmyadmin/client-cert.pem';
// Server certification authority
$cfg['Servers'][$i]['ssl_ca'] = '/etc/phpmyadmin/ca-cert.pem';
// Disable SSL verification
//$cfg['Servers'][$i]['ssl_verify'] = false;
backup: yes
- name: /home/docker/mariadb.{{inventory_hostname}}/docker-compose.yml Container Configuration - name: /home/docker/mariadb.{{inventory_hostname}}/docker-compose.yml Container Configuration
blockinfile: blockinfile:
path: /home/docker/mariadb.{{inventory_hostname}}/docker-compose.yml path: /home/docker/mariadb.{{inventory_hostname}}/docker-compose.yml
@ -133,11 +156,11 @@
volumes: volumes:
- ./db-data:/var/lib/mysql - ./db-data:/var/lib/mysql
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- /home/docker/_defaults/mariadb/99-server.cnf:/etc/mysql/mariadb.conf.d/99-server.cnf - /home/docker/_defaults/mariadb/99-server.cnf:/etc/mysql/mariadb.conf.d/99-server.cnf:ro
- ./ssl.cnf:/etc/mysql/mariadb.conf.d/99-ssl.cnf - ./ssl.cnf:/etc/mysql/mariadb.conf.d/99-ssl.cnf:ro
- ./ssl/ca-cert.pem:/etc/mysql/ca-cert.pem - ./ssl/ca-cert.pem:/etc/mysql/ca-cert.pem:ro
- ./ssl/server-cert.pem:/etc/mysql/server-cert.pem - ./ssl/server-cert.pem:/etc/mysql/server-cert.pem:ro
- ./ssl/server-key.pem:/etc/mysql/server-key.pem - ./ssl/server-key.pem:/etc/mysql/server-key.pem:ro
env_file: env_file:
- env.db - env.db
- /home/docker/_defaults/mariadb/mariadb.env - /home/docker/_defaults/mariadb/mariadb.env
@ -153,6 +176,10 @@
- PMA_HOST=mariadb.{{inventory_hostname}} - PMA_HOST=mariadb.{{inventory_hostname}}
volumes: volumes:
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
- ./phpmyadmin-config.user.inc.php:/etc/phpmyadmin/config.user.inc.php:ro
- ./ssl/ca-cert.pem:/etc/phpmyadmin/ca-cert.pem:ro
- ./ssl/client-cert.pem:/etc/phpmyadmin/client-cert.pem:ro
- ./ssl/client-key.pem:/etc/phpmyadmin/client-key.pem:ro
networks: networks:
- mariadb.{{inventory_hostname}}--network - mariadb.{{inventory_hostname}}--network
- traefik - traefik