mariadb: Add TLS support for server
This commit is contained in:
parent
606ea7285e
commit
45ed2678e7
2 changed files with 21 additions and 0 deletions
|
|
@ -34,6 +34,23 @@
|
||||||
line: datadir=/srv/mariadb
|
line: datadir=/srv/mariadb
|
||||||
notify: restart mariadb
|
notify: restart mariadb
|
||||||
|
|
||||||
|
- name: create additional config directory
|
||||||
|
file:
|
||||||
|
path: /etc/mysql
|
||||||
|
state: directory
|
||||||
|
mode: 0750
|
||||||
|
owner: root
|
||||||
|
group: mysql
|
||||||
|
|
||||||
|
- name: create tls configuration
|
||||||
|
template:
|
||||||
|
dest: /etc/my.cnf.d/tls.cnf
|
||||||
|
src: tls.cnf.j2
|
||||||
|
mode: 0644
|
||||||
|
owner: root
|
||||||
|
group: "{{ ansible_wheel }}"
|
||||||
|
notify: restart mariadb
|
||||||
|
|
||||||
- name: enable service
|
- name: enable service
|
||||||
service:
|
service:
|
||||||
name: mariadb
|
name: mariadb
|
||||||
|
|
|
||||||
4
roles/mariadb/templates/tls.cnf.j2
Normal file
4
roles/mariadb/templates/tls.cnf.j2
Normal file
|
|
@ -0,0 +1,4 @@
|
||||||
|
[mariadb]
|
||||||
|
ssl-cert = {{ tls_certs }}/{{ inventory_hostname }}.crt
|
||||||
|
ssl-key = {{ tls_private }}/{{ inventory_hostname }}.key
|
||||||
|
ssl-ca = {{ tls_certs }}/ca.crt
|
||||||
Loading…
Add table
Add a link
Reference in a new issue