For mysql how to use a hashed password when setting up root on install ?
664 views
Skip to first unread message
Helder Oliveira
May 15, 2014, 3:43:46 PM5/15/14
to salt-...@googlegroups.com
Hi,
I'm learning Saltstack and now I've created a state, pillar, based on this https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/server.sls
I've got my root password hash (sha512, generated with python), and that's all I'd like to keep on my /srv/pillar/mysql/init.sls file!
I think at the moment is not really possible, is it ?
Thanks for looking!
>> This is what I'm doing on Ubuntu 14.04 LTS
# /srv/salt/mysql/init.sls
{% set mysql_root_password = salt['pillar.get']('mysql:server:root_password', 'root') %}
mysql:
pkg:
- installed
- name: mysql-client
mysql-debconf:
debconf.set:
- name: mysql-server
- data:
'mysql-server/root_password': {'type': 'password', 'value': '{{ mysql_root_password }}'}
'mysql-server/root_password_again': {'type': 'password', 'value': '{{ mysql_root_password }}'}
'mysql-server/start_on_boot': {'type': 'boolean', 'value': 'true'}
mysqld:
pkg:
- installed
- name: mysql-server
- require:
- debconf: mysql-debconf
service:
- running
- name: mysql
- enable: True
- watch:
- pkg: mysqld
my.cnf:
file.managed:
- name: /etc/mysql/my.cnf
- source: salt://mysql/files/my.cnf
- user: root
- group: root
- mode: 644
- template: jinja
- watch_in:
- service: mysqld
I'm learning Saltstack and now I've created a state, pillar, based on this https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/server.sls
I've got my root password hash (sha512, generated with python), and that's all I'd like to keep on my /srv/pillar/mysql/init.sls file!
I think at the moment is not really possible, is it ?
Thanks for looking!
>> This is what I'm doing on Ubuntu 14.04 LTS
# /srv/salt/mysql/init.sls
{% set mysql_root_password = salt['pillar.get']('mysql:server:root_password', 'root') %}
mysql:
pkg:
- installed
- name: mysql-client
mysql-debconf:
debconf.set:
- name: mysql-server
- data:
'mysql-server/root_password': {'type': 'password', 'value': '{{ mysql_root_password }}'}
'mysql-server/root_password_again': {'type': 'password', 'value': '{{ mysql_root_password }}'}
'mysql-server/start_on_boot': {'type': 'boolean', 'value': 'true'}
mysqld:
pkg:
- installed
- name: mysql-server
- require:
- debconf: mysql-debconf
service:
- running
- name: mysql
- enable: True
- watch:
- pkg: mysqld
my.cnf:
file.managed:
- name: /etc/mysql/my.cnf
- source: salt://mysql/files/my.cnf
- user: root
- group: root
- mode: 644
- template: jinja
- watch_in:
- service: mysqld
Colton Myers
May 19, 2014, 3:45:44 PM5/19/14
to salt-...@googlegroups.com
Sure you can just have your password hash in your pillar file.
Just put this into your init.sls file:
mysql_root_password: <hash>
Then instead of referencing it with mysql:server:root_password, you just reference it with mysq_root_password like this:
{% set mysql_root_password = salt['pillar.get']('mysql_root_password', 'root') %}
Pillar is just a dictionary that stores data. They way you store it is definitely flexible.
--
Colton Myers
--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages