majic-ansible-roles Files · roles/database/tasks/main.yml

Files @ 8d272d91d3d2

Branch filter:

Location: majic-ansible-roles/roles/database/tasks/main.yml - annotation

8d272d91d3d2 587 B text/x-yaml Show Source Show as Raw Download as Raw

branko

MAR-165: Deploy Diffie-Helman parameters for LDAP server in the ldap_server role:

- Not relevant for Debian Strech because of a bug in the OpenLDAP
version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
between supported algorithms in respective GnuTLS versions.

40689344a8f3
40689344a8f3
40689344a8f3
0ffaf31692ce
0ffaf31692ce
0ffaf31692ce
acd104ed9b5e
40689344a8f3
40689344a8f3
0ffaf31692ce
0ffaf31692ce
0ffaf31692ce
0ffaf31692ce
0ffaf31692ce
acd104ed9b5e
b668f8894d52
b668f8894d52
b668f8894d52
7387caca37f3
7387caca37f3
7387caca37f3
7387caca37f3
fcf5abdd3ad5
7387caca37f3
0ffaf31692ce

---

- name: "Create database {{ db_name }}"
  mysql_db:
    name: "{{ db_name }}"
    state: present
    login_unix_socket: "/var/run/mysqld/mysqld.sock"

- name: "Create database user {{ db_name }}"
  mysql_user:
    name: "{{ db_name }}"
    password: "{{ db_password }}"
    priv: "{{ db_name }}.*:ALL"
    state: present
    login_unix_socket: "/var/run/mysqld/mysqld.sock"

- name: Enable backup
  include: backup.yml
  when: enable_backup

- name: Explicitly run all handlers
  include: ../handlers/main.yml
  when: "run_handlers | default(False) | bool()"
  tags:
    - handlers