This PR addresses #22 and allows the playbook to work with a remote MySQL server (tested here with Cloud SQL).
The approach is to separate out the MySQL security tasks from the MySQL package installation task into a separate role. This allows a new playbook lemp7_cloudsql.yml to be defined which omits the MySQL package installation but still executes the security tasks against the remote instance.
A few notes:
The assumption is made that the remote MySQL has already been provisioned by some other process before running the playbook. I've tested with Cloud SQL but it should work with any remote MySQL server. I have not attempted to get it to install MySQL packages on a remote host, but that's probably possible with a little work.
Like the local MySQL installation the assumption is made that the remote server's initial root password is also empty. It would be unwise to use this to configure a instance on the public Internet. It should only be used on a private network. It wouldn't be hard to add support for a non-empty initial root password, it just wasn't a priority.
This has only been tested on Ubuntu but should work fine for Debian too. It's not tested on Red Hat/CentOS as that's not our stack. It should be easy to adapt the Reh Hat/CentOS specific tasks too though.
Local MySQL installation all works fine as before.
When touching tasks, I updated their syntax to use native YAML as the "equals" parameters was less robust.
This PR addresses #22 and allows the playbook to work with a remote MySQL server (tested here with Cloud SQL).
The approach is to separate out the MySQL security tasks from the MySQL package installation task into a separate role. This allows a new playbook lemp7_cloudsql.yml to be defined which omits the MySQL package installation but still executes the security tasks against the remote instance.
A few notes:
The assumption is made that the remote MySQL has already been provisioned by some other process before running the playbook. I've tested with Cloud SQL but it should work with any remote MySQL server. I have not attempted to get it to install MySQL packages on a remote host, but that's probably possible with a little work.
Like the local MySQL installation the assumption is made that the remote server's initial root password is also empty. It would be unwise to use this to configure a instance on the public Internet. It should only be used on a private network. It wouldn't be hard to add support for a non-empty initial root password, it just wasn't a priority.
This has only been tested on Ubuntu but should work fine for Debian too. It's not tested on Red Hat/CentOS as that's not our stack. It should be easy to adapt the Reh Hat/CentOS specific tasks too though.
Local MySQL installation all works fine as before.
When touching tasks, I updated their syntax to use native YAML as the "equals" parameters was less robust.