Role: mariadb

ANSIBLE/group_vars/dev_roundcube/main.yml

@@ -66,4 +66,20 @@ httpd_tls_vhost_raw: |
         # X-Content-Type-Options
         # It prevents Google Chrome and Internet Explorer from trying to mime-sniff the content-type of a response away from the one being declared by the server.
         #Header set X-Content-Type-Options "nosniff"
-      </IfModule>
+      </IfModule>
+mariadb_manage: true
+mariadb_users:
+  - user: roundcube
+    password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          31383138383839383861303464383230363265323536636336306530316337333266373730643835
+          6130356163343631616663666132346633346336333538650a303932343831386132326261313433
+          61306462623666353831626136633633623331666338663239373236376464303338633364656364
+          3333653363653838300a326662626333666135366130366466633466353366666235316633383135
+          39323532623037656635356266666434333831363834646232373031336134626166666664653662
+          6266313336656565303663353436626334313865313330303538
+    priv: "'roundcubedb.*'': 'ALL,GRANT'"
+mariadb_databases: 
+  - roundcubedb
+roundcube_db_dsnw: "mysql://roundcube:{{ mariadb_users[0].password }}@localhost/roundcubedb"
+# roundcube_db_dsnw: 'mysql://roundcube:pass@localhost/roundcubemail'

ANSIBLE/inventory/telos_digital.yml

@@ -14,3 +14,11 @@ dev_roundcube:
   hosts:
     test-webmail.telos.digital:
       httpd_site_name: 'test-webmail.telos.digital'
+      mariadb_root_password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          63353366356333386164316433646431393932623666353235656666363833653339616162633765
+          3738313666653431383936643035326338313935303065360a643135666638373235313532326135
+          63376637646130373863383366313538623938656531376234616234336534356539306536356363
+          3364323038316565300a646239646636386363373664323530623130663130653337363861313434
+          61643933643263633363643436366261623934346339333032663935386135313264646637306464
+          3438303435373562363163363939386565336535363165303639

ANSIBLE/roles/mariadb/defaults/main.yml

@@ -1,3 +1,5 @@
 ---
 # defaults file for roles/mariadb
-mariadb_manage: false
+mariadb_manage: false
+mariadb_users: []
+mariadb_databases: []

ANSIBLE/roles/mariadb/tasks/create_dbs.yml

@@ -0,0 +1,9 @@
+---
+- name: Try to create databases
+  community.mysql.mysql_db:
+    login_user: root
+    login_password: "{{ mariadb_root_password }}"
+    login_unix_socket: /run/mysqld/mysqld.sock
+    name: "{{ item }}"
+    state: present
+  loop: "{{ mariadb_databases }}"

ANSIBLE/roles/mariadb/tasks/install_initilise.yml

@@ -24,6 +24,9 @@
   register: mysql_root_status
   failed_when: false
   changed_when: false
+- name:  Value of mysql_root_status
+  ansible.builtin.debug:
+    msg: "{{mysql_root_status}}"
 
 - name: Set MariaDB root password if not already set
   community.mysql.mysql_user:
@@ -35,8 +38,8 @@
     state: present
   loop:
     - localhost
-    - 127.0.0.1
-    - ::1
+#    - 127.0.0.1
+#    - ::1
   when: mysql_root_status.rc != 0
 
 - name: Check MariaDB root password is set

ANSIBLE/roles/mariadb/tasks/main.yml

@@ -2,4 +2,7 @@
   ansible.builtin.include_tasks: install_initilise.yml
 - name: Mariadb db create
   when: mariadb_manage
-  ansible.builtin.include_tasks: install_initilise.yml
+  ansible.builtin.include_tasks: create_dbs.yml
+- name: Mariadb users create
+  when: mariadb_manage
+  ansible.builtin.include_tasks: create_users.yml

ANSIBLE/roles/roundcube/tasks/roundcube-config.yml

@@ -5,7 +5,7 @@
     dest: "{{ roundcube_base_dir }}/roundcubemail-{{ roundcube_version }}/config/config.inc.php"
     mode: '640'
     owner: "{{ roundcube_user }}"
-- name: Remove Roundcube Installer Dir 
+- name: Remove Roundcube Installer Dir
   ansible.builtin.file:
     dest: "{{ roundcube_base_dir }}/roundcubemail-{{ roundcube_version }}/installer/"
     state: absent