我已经使用 SaltStack 创建了 mysql 用户,但它不包含 SSL。
我的盐代码:
{{ pillar['mysql_user'] }}:
mysql_user.present:
- host: "{{ mysql_bind_address }}"
- password: "{{ pillar['db_password'] }}"
- connection_user: root
- connection_pass: "{{ pillar['mysql_root_password'] }}"
- connection_charset: utf8
mysql_grants.present:
- grant: TRIGGER, INSERT, UPDATE, DELETE
- database: mydatabase.*
- user: {{ pillar['mysql_user'] }}
- host: "{{ mysql_bind_address }}"
- ssl_option:
- SSL: True
它创建普通的 mysql 用户,但不需要 SSL 进行登录。
我还需要做什么吗?或者这是盐中的错误,我不能用盐来做这个?
谢谢
答案1
看起来像是盐里的虫子。
如果在用户尚不存在时以不同的顺序运行它,则REQUIRE SSL可以正确应用:
my_user@my_host:
mysql_grants.present:
- grant: USAGE
- database: '*.*'
- user: my_user
- host: my_host
- ssl_option:
- SSL: true
mysql_user.present:
- name: my_user
- host: my_host
- password: my_password
- connection_user: root
- connection_pass: my_password
- connection_host: localhost
- connection_unix_socket: /var/run/mysqld/mysqld.sock
- connection_charset: utf8