Merge pull request #104 from CVL-GitHub/hpcidbranch3

Hpcidbranch3

roles/etcHosts/tasks/main.yml

@@ -12,6 +12,7 @@
   shell: source /root/.bash_profile; /tmp/makehosts.py /tmp/groups {{ domain }}
   delegate_to: 127.0.0.1
   run_once: True
+  sudo: true
   register: hosts_data
                
 - name: write hosts file
@@ -22,3 +23,22 @@
     state: present
   sudo: true
   with_items: hosts_data.stdout_lines
+
+- name: set hostname by sysctl
+  shell: sysctl kernel.hostname="{{ ansible_hostname }}"
+  sudo: true
+
+- name: set domainname by sysctl
+  shell: sysctl kernel.domainname="{{ domain }}"
+  sudo: true
+
+- name: set /etc/sysconfig/network on CentOS 6
+  lineinfile: dest=/etc/sysconfig/network line='HOSTNAME={{ ansible_hostname }}' regexp='^HOSTNAME'
+  sudo: true
+  when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "6"  
+
+- name: set /etc/sysctl.conf on Debian 8
+  lineinfile: dest=/etc/sysctl.conf line='kernel.domainname = {{ domain }}' regexp='^#kernel.domainname'
+  sudo: true
+  when: ansible_distribution == "Debian" and ansible_distribution_major_version == "8"
+

roles/extra_rpms/vars/main.yml

@@ -16,6 +16,7 @@ pkgs:
  - enchant
  - eog
  - evince
+ - finger
  - fftw
  - file-roller
  - firefox
@@ -174,6 +175,7 @@ pkgs:
  - python-babel
  - python-dateutil
  - python-devel
+ - python-ldap
  - python-matplotlib
  - python-nose
  - python-paramiko
@@ -205,6 +207,10 @@ pkgs:
  - unzip
  - util-linux-ng
  - uuid
+ - vim-X11
+ - vim-common 
+ - vim-enhanced
+ - vim-minimal
  - wacomexpresskeys
  - wdaemon
  - wxBase

roles/karaage3.1.17/handlers/main.yml

+---
+- name: restart apache2 
+  service: name=apache2 state=restarted
+  sudo: true

roles/karaage3.1.17/tasks/apacheDebian.yml

@@ -5,6 +5,7 @@
  with_items:
   - apache2
   - apache2-dev
+ sudo: true
 -
  name: "Setting default site"
  lineinfile: dest=/etc/apache2/sites-available/000-default.conf regexp="#ServerName" line="ServerName {{ ansible_nodename }}" backrefs=yes
@@ -15,14 +16,31 @@
   - { regexp : "^\\s+SSLCertificateFile", line : "		SSLCertificateFile {{ x509_cert_file }}" }
   - { regexp : "SSLCertificateKeyFile", line : "		SSLCertificateKeyFile {{ x509_key_file }}" }
   - { regexp : "SSLCACertificateFile", line : "		SSLCACertificateFile {{ x509_cacert_file }}" }
+-
+ name: "Templating default-ssl site"
+ template: src=default-ssl.j2 dest=/etc/apache2/sites-available/default-ssl.conf owner=www-data group=www-data
+ sudo: true
+-
+ name: "Templating default site"
+ template: src=default.j2 dest=/etc/apache2/sites-available/000-default.conf owner=www-data group=www-data
+ sudo: true
+-
+ name: "Templating ssl configuration"
+ template: src=ssl.conf.j2 dest=/etc/apache2/mods-available/ssl.conf owner=www-data group=www-data
+ sudo: true
+ notify: restart apache2
 -
  name: "Enable ssl module"
  apache2_module: state=present name=ssl
+ sudo: true
 
 -
  name: "Enable default-ssl site"
  shell: a2ensite default-ssl
+ sudo: true
 
 -
- name: "Restarting Apache2"
- service: name=apache2 state=restarted
+ name: "Starting Apache2"
+ service: name=apache2 state=started
+ sudo: true
+

roles/karaage3.1.17/tasks/apacheRedHat.yml

@@ -2,6 +2,7 @@
 
 -
  name: "Installing Apache"
+ sudo: true
  yum: name={{ item }} state=latest
  with_items:
   - mod_ssl
@@ -11,9 +12,11 @@
   - httpd-devel
 -
  name: Setting httpd.conf
+ sudo: true
  replace: dest=/etc/httpd/conf/httpd.conf regexp="^#ServerName www.example.com:80" replace="ServerName {{ ansible_fqdn }}"
 -
  name: Setting ssl.conf
+ sudo: true
  lineinfile: dest=/etc/httpd/conf.d/ssl.conf regexp="{{ item.regexp }}" line="{{ item.line }}" backrefs=yes
  with_items:
   - { regexp : "^SSLCertificateFile", line : "SSLCertificateFile {{ x509_cert_file }}" }
@@ -21,7 +24,9 @@
   - { regexp : "SSLCACertificateFile", line : "SSLCACertificateFile {{ x509_cacert_file }}" }
 -
  name: Templating wsgi.conf
+ sudo: true
  template: src=wsgi.conf.j2 dest=/etc/httpd/conf.d/wsgi.conf owner=root group=root
 -
  name: Restarting Apache
+ sudo: true
  service: name=httpd state=restarted

roles/karaage3.1.17/tasks/karaage.yml

@@ -2,6 +2,7 @@
 -
  name: "Installing prerequisites Debian"
  apt: name={{ item }} update_cache=yes
+ sudo: true
  with_items:
   - libxml2-dev
   - libxslt1-dev
@@ -11,10 +12,12 @@
   - ldap-utils
   - python-cracklib
   - git
+  - apache2-dev
  when: ansible_os_family == "Debian"
 -
  name: "Installing prerequisites Redhat"
  yum: name={{ item }} state=latest
+ sudo: true
  with_items:
   - libxml2-devel
   - libxslt-devel
@@ -35,12 +38,21 @@
  name: Install the latest pip
  shell: easy_install pip
  when: ansible_os_family == "RedHat"
+
 -
  name: "Getting Karaage from Github"
- git: repo="https://github.com/monash-merc/karaage.git" dest="/root/karaage3.1.7"
+ git: repo="https://github.com/monash-merc/karaage.git" dest="/root/karaage3.1.7" force=yes
+ sudo: true
+
+-
+ name: "Create log directory, start aoacge will have errors without it"
+ file: dest=/etc/apache2/logs state=directory
+ sudo: true
+
 -
  name: "Installing Karaage Dependencies"
  pip: name={{ item }}
+ sudo: true
  with_items:
   - six
   - MySQL-python
@@ -51,6 +63,7 @@
   - mod_wsgi
 -
  name: "Restrict Django version to 1.7.8"
+ sudo: true
  replace: dest=/root/karaage3.1.7/setup.py regexp="Django >= 1.7" replace="Django == 1.7.8"
 -
  name: "Installing Karaage from source"
@@ -58,9 +71,11 @@
  args:
   chdir: /root/karaage3.1.7
   creates: /root/karaage3.1.7/build/bdist.linux-x86_64
+ sudo: true
 -
  name: "Templating Karaage settings"
  template: src=settings.py.j2 dest=/etc/karaage3/settings.py owner=root group={{ apache_user }} mode=0640
+ sudo: true
 -
  name: "Creating karaage3 in /var directories log, lib "
  file: path={{ item }} state=directory owner=root group={{ apache_user }} mode=0775
@@ -68,12 +83,15 @@
   - /var/log/karaage3
   - /var/lib/karaage3
   - /var/cache/karaage3
+ sudo: true
 -
  name: "Change permissions for /var/www"
  file: path=/var/www state=directory owner=root group={{ apache_user }} mode=0775
+ sudo: true
 -
  name: "enabling Karaage configuration"
  shell: a2enconf karaage3-wsgi
+ sudo: true
  when: ansible_os_family == "Debian"
 -
  name: "enabling Karaage configuration"
@@ -86,6 +104,7 @@
   - python-kgusage
   - karaage-cluster-tools
   - karaage3-celery
+ sudo: true
  when: ansible_os_family == "Debian"
 -
  name: Downloading other packages RedHat
@@ -97,12 +116,14 @@
   - { repo : 'https://github.com/Karaage-Cluster/karaage-usage.git', dest : '/root/karaage-usage' }
   - { repo : 'https://github.com/Karaage-Cluster/karaage-applications.git', dest : '/root/karaage-applications' }
   - { repo : 'https://github.com/Karaage-Cluster/karaage-cluster-tools.git', dest : '/root/karaage-cluster-tools' }
+ sudo: true
  when: ansible_os_family == "RedHat"
 - 
   args: 
     chdir: "/root/{{ item }}"
     creates: "/root/{{ item }}/build/bdist.linux-x86_64"
   name: "Installing other packages RedHat"
+  sudo: true
   shell: "env python setup.py install"
   when: ansible_os_family == "RedHat"
   with_items: 
@@ -115,19 +136,45 @@
 -
  name: "Set Secret Key"
  lineinfile: dest=/etc/karaage3/settings.py regexp="SECRET_KEY = ''" line="SECRET_KEY = 'imkaraage'" state=present
+ sudo: true
+
+-
+ # TODO: Fix it
+ name: "Check DB tables has been created or not"
+ shell: ls /root/.karaage_db_init
+ ignore_errors: true
+ sudo: true
+ register: karaage_db_init
+
+-
+ name: "Enable wsgi config"
+ file: src=/etc/apache2/mods-available/wsgi.conf path=/etc/apache2/mods-enabled/wsgi.conf state=link 
+ sudo: true
+
+-
+ name: "Enable wsgi load"
+ file: src=/etc/apache2/mods-available/wsgi.load path=/etc/apache2/mods-enabled/wsgi.load state=link 
+ sudo: true
+
 -
  name: " Create DB tables"
- shell: kg-manage migrate 
+ shell: kg-manage migrate && touch /root/.karaage_db_init 
+ sudo: true
+ when: karaage_db_init is not defined
+
 -
  name: "Restarting Celery"
  service: name=karaage3-celery state=restarted
+ sudo: true
  when: ansible_os_family == "Debian"
 -
  name: "Reloading apache"
  service: name=apache2 state=reloaded
+ sudo: true
  when: ansible_os_family == "Debian"
 
 -
  name: "Reloading apache"
  service: name=httpd state=reloaded
+ sudo: true
  when: ansible_os_family == "RedHat"

roles/karaage3.1.17/tasks/main.yml

@@ -5,5 +5,4 @@
    when: ansible_os_family == "Debian"
  - include: apacheRedHat.yml
    when: ansible_os_family == 'RedHat'
- - include: mysql.yml
  - include: karaage.yml

roles/karaage3.1.17/tasks/mysql.yml

----
-- 
- name: "Installing MySQL Debian"
- apt: name="{{ item }}" update_cache=yes cache_valid_time=3600 state=present
- with_items:
-  - python
-  - python-dev
-  - libmysqlclient-dev
-  - python-pip
-  - libapache2-mod-wsgi
-  - python-mysql.connector
-  - mysql-server
-  - python-mysqldb
- when: ansible_os_family == "Debian"
--
- name: Installing MySQL RedHat
- yum: name="{{ item }}" state=latest
- with_items:
-  - python
-  - python-devel
-  - mysql-devel
-  - mysql-libs
-  - MySQL-python
-  - mysql-server
- when: ansible_os_family == "RedHat"
-- 
- name: "Starting MySQL"
- service: name=mysql state=started enabled=true
- when: ansible_os_family == "Debian"
-
-- 
- name: "Starting MySQL"
- service: name=mysqld state=started enabled=true
- when: ansible_os_family == "RedHat"
--
- name: "Templating karaage.cnf"
- template: src="karaage.cnf.j2" dest=/etc/mysql/conf.d/karaage.cnf owner=root group=root
- when: ansible_os_family == "Debian"
-
--
- name: "Adding root"
- sudo: true
- mysql_user: name=root host="{{ item }}" password="{{ mysql_root_password }}" login_user=root login_password="{{ mysql_root_password }}" check_implicit_admin=yes priv="*.*:ALL,GRANT"
- with_items:
-  - "{{ ansible_hostname }}"
-  - 127.0.0.1
-  - ::1
-  - localhost
--
- name: Setting mysql global variables
- mysql_variables: variable={{ item.var }} value={{ item.val }} login_user=root login_password="{{ mysql_root_password }}"
- with_items:
-  - { var : 'character_set_server', val : 'utf8' }
-  - { var : 'storage_engine', val : 'innodb' }
-  - { var : 'sql_mode', val : 'STRICT_ALL_TABLES' }
- when: ansible_os_family == "RedHat"
--
- name: "Editing my.cnf"
- lineinfile: dest=/etc/my.cnf  line="{{ item }}"
- with_items:
-  - '[client]'
-  - 'default-character-set = utf8'
- when: ansible_os_family == "RedHat"
--
- name: "Adding Karaage Database"
- mysql_db: name=karaage state=present login_user=root login_password={{ mysql_root_password }} 
--
- name: "Giving priviliges to karaage user"
- mysql_user: name=karaage password={{ karaage_sql_password }} login_user=root login_password={{ mysql_root_password }} priv=karaage.*:ALL state=present
-
-- 
- name: "Starting MySQL"
- service: name=mysql state=restarted
- when: ansible_os_family == "Debian"
--
- name: "Starting MySQL"
- service: name=mysqld state=restarted
- when: ansible_os_family == "RedHat"

roles/karaage3.1.17/tasks/prerequisitesDebian.yml

 ---
 -
   name: "Installing prereq packages"
+  sudo: true
   apt: name={{ item }} update_cache=yes
   with_items:
    - debian-keyring
 - 
   apt_key: "url=http://code.vpac.org/debian/vpac-debian-key.gpg state=present"
   name: "Installing the VPAC Debian Archive signing key"
+  sudo: true
 - 
   apt_repository: "repo='deb     http://code.vpac.org/debian  jessie main' state=present"
   name: "Adding VPAC repository in the source list"
+  sudo: true
 - 
   apt_repository: "repo='deb-src http://code.vpac.org/debian  jessie main' state=present"
   name: "Adding VPAC source repository"
+  sudo: true
 - 
   apt: update_cache=yes
   name: "Upgrading apt..."
+  sudo: true
+

roles/karaage3.1.17/templates/default-ssl.j2

 <IfModule mod_ssl.c>
 <VirtualHost _default_:443>
 	ServerAdmin webmaster@localhost
+    {% if hpcidDomain is defined %}
+    ServerName {{ hpcidDomain }}
+    {% endif %}
 
 	DocumentRoot /var/www
 	<Directory />
@@ -39,8 +42,8 @@
 	#   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
 	#   If both key and certificate are stored in the same file, only the
 	#   SSLCertificateFile directive is needed.
-	SSLCertificateFile    /etc/ssl/certs/server.crt
-	SSLCertificateKeyFile /etc/ssl/private/server.key
+	SSLCertificateFile    {{ x509_cert_file }}
+	SSLCertificateKeyFile {{ x509_key_file }} 
 	#   Server Certificate Chain:
 	#   Point SSLCertificateChainFile at a file containing the
 	#   concatenation of PEM encoded CA certificates which form the
@@ -56,8 +59,12 @@
 	#   Note: Inside SSLCACertificatePath you need hash symlinks
 	#         to point to the certificate files. Use the provided
 	#         Makefile to update the hash symlinks after changes.
+    {% if x509_cert_path is defined %}
+	SSLCACertificatePath {{ x509_cert_path }} 
+    {% else %}
 	SSLCACertificatePath /etc/ssl/certs/
-	SSLCACertificateFile /etc/ssl/certs/ca.crt
+    {% endif %}
+	SSLCACertificateFile {{ x509_cacert_file }}
 
 	#   Certificate Revocation Lists (CRL):
 	#   Set the CA revocation path where to find CA CRLs for client

roles/karaage3.1.17/templates/settings.py.j2

@@ -67,23 +67,32 @@ HTTP_HOST = "{{ x509_common_name }}"
 # exception information. Each member of the tuple should be a tuple of (Full
 # name, email address).
 ADMINS = (
+{% if karaageAdminName is defined and karaageAdminEmail is defined %}
+    ('{{ karaageAdminName }}', '{{ karaageAdminEmail }}'),
+{% else %}
     # ('Your Name', 'your_email@domain.com'),
+{% endif %}
 )
 
 # A tuple in the same format as ADMINS that specifies who should get broken
 # link notifications when BrokenLinkEmailsMiddleware is enabled.
 MANAGERS = ADMINS
 
+{% if defaultProject is defined and defaultMachineCategory is defined %}
+DEFAULT_PROJECT_PID = {{ defaultProject }}
+DEFAULT_MACHINE_CATEGORY_NAME = {{ defaultMachineCategory }}
+{% endif %}
+
 # A dictionary containing the settings for all databases to be used with
 # Django. It is a nested dictionary whose contents maps database aliases to a
 # dictionary containing the options for an individual database.
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.mysql',
-        'NAME': 'karaage',
-        'USER': 'karaage',
-        'PASSWORD': 'imkaraage',
-        'HOST': 'localhost',
+        'NAME': '{{ karaageDbName }}',
+        'USER': '{{ karaageDbUser }}',
+        'PASSWORD': '{{ karaagePassword }}',
+        'HOST': '{{ karaageDbHost }}',
         'PORT': '',
         'ATOMIC_REQUESTS': True,
     }
@@ -92,7 +101,7 @@ DATABASES = {
 LDAP = {
      'default': {
           'ENGINE': 'tldap.backend.fake_transactions',
-          'URI': 'ldaps://{% for host in groups['ldap-server'] %}{{ hostvars[host]['ansible_fqdn'] }}{% endfor %}/',
+          'URI': '{{ ldapURI }}',
           'USER': '{{ ldapManager }}',
           'PASSWORD': '{{ ldapManagerPassword }}',
           'REQUIRE_TLS': True,
@@ -114,8 +123,8 @@ MACHINE_CATEGORY_DATASTORES = {
                 'HOME_DIRECTORY': "/home/%(uid)s",
                 'LOCKED_SHELL': "/usr/local/sbin/locked",
                 'NUMBER_SCHEME': 'default',
-                'LDAP_ACCOUNT_BASE': 'ou=Accounts,dc=monash,dc=edu,dc=au',
-                'LDAP_GROUP_BASE': 'ou=Groups,dc=monash,dc=edu,dc=au',
+                'LDAP_ACCOUNT_BASE': 'ou=Accounts,{{ ldapDomain }}',
+                'LDAP_GROUP_BASE': 'ou=Groups,{{ ldapDomain }}',
           },
     ],
      'dummy': [
@@ -130,13 +139,13 @@ GLOBAL_DATASTORES = [
             'PERSON': 'karaage.datastores.ldap_schemas.openldap_person',
             'GROUP': 'karaage.datastores.ldap_schemas.openldap_person_group',
             'NUMBER_SCHEME': 'global',
-            'LDAP_PERSON_BASE': 'ou=People,dc=monash,dc=edu,dc=au',
-            'LDAP_GROUP_BASE': 'ou=People_Groups,dc=monash,dc=edu,dc=au',
+            'LDAP_PERSON_BASE': 'ou=People,{{ ldapDomain }}',
+            'LDAP_GROUP_BASE': 'ou=Groups,{{ ldapDomain }}',
       },
 ]
 # The email address that error messages come from, such as those sent to ADMINS
 # and MANAGERS.
-SERVER_EMAIL = 'karaage@example.org'
+SERVER_EMAIL = '{{ karaageAdminEmail }}'
 
 # The host to use for sending email.
 EMAIL_HOST = 'localhost'
@@ -258,7 +267,7 @@ LOGGING = {
 
 # Users are advised to contact this address if having problems.
 # This is also used as the from address in outgoing emails.
-ACCOUNTS_EMAIL = 'accounts@example.com'
+ACCOUNTS_EMAIL = '{{ karaageAdminEmail }}'
 
 # This organisation name, used in outgoing emails.
 ACCOUNTS_ORG_NAME = 'Example'

roles/karaage3.1.17/templates/ssl.conf.j2

@@ -70,7 +70,8 @@ SSLCryptoDevice builtin
 ## SSL Virtual Host Context
 ##
 
-<VirtualHost {{ ansible_fqdn }}:443>
+### <VirtualHost {{ ansible_fqdn }}:443>
+<VirtualHost {{ ansible_nodename }}.{{ ansible_domain }}:443>
 
 # General setup for the virtual host, inherited from global configuration
 #DocumentRoot "/var/www/html"

roles/ldapserver/tasks/main.yml

@@ -44,6 +44,9 @@
 - name: template accounts.ldif
   template: src=accounts_ldif.j2 dest=/tmp/accounts.ldif
 
+- name: template real accounts.ldif
+  template: src=real_accounts_ldif.j2 dest=/tmp/real_accounts.ldif
+
 - name: template groups.ldif
   template: src=groups_ldif.j2 dest=/tmp/groups.ldif
 
@@ -129,6 +132,12 @@
   ignore_errors: true
   register: accountsConfigured
 
+- name: check real Accounts config
+  shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapAccountBase }} -x -H ldap://localhost objectClass=*"
+  ignore_errors: true
+  register: realAccountsConfigured
+  when: ldapAccountBase is defined
+
 - name: check Groups config
   shell: "ldapsearch -D {{ ldapManager }} -w {{ ldapManagerPassword }} -b {{ ldapGroupBase }} -x -H ldap://localhost objectClass=*"
   ignore_errors: true
@@ -145,7 +154,10 @@
   with_items:
    - ppolicy
    - cosine
+   - nis
+   - inetorgperson
   ignore_errors: true
+  sudo: true
   when: ansible_os_family == 'RedHat' and ansible_distribution_major_version >= '7'
 
 - name: initialise server ssl
@@ -180,6 +192,10 @@
   shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/accounts.ldif
   when: accountsConfigured|failed
 
+- name: add real Accounts OU
+  shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/real_accounts.ldif
+  when: realAccountsConfigured is defined and realAccountsConfigured|failed
+
 - name: add Groups OU
   shell: ldapadd -x -D {{ ldapManager }} -w {{ ldapManagerPassword }} -x -H ldap://localhost -f /tmp/groups.ldif
   when: groupsConfigured|failed

roles/ldapserver/templates/real_accounts_ldif.j2

+dn: {{ ldapAccountBase }}
+objectClass: organizationalUnit

roles/ldapserver/vars/main.yml

@@ -2,3 +2,4 @@
   ldapcert: /etc/openldap/certs/ldapcert.pem
   ldapkey: /etc/openldap/certs/ldapkey.pem
   cacert: /etc/openldap/certs/cacert.pem
+

roles/mysql/handlers/main.yml

+---
+- name: "Restart MySQL" 
+  service: name=mysql state=restarted
+  sudo: true
+  when: ansible_os_family == "Debian"
+
+- name: "Restart MySQL" 
+  service: name=mysqld state=restarted
+  sudo: true
+  when: ansible_os_family == "RedHat"
+

roles/mysql/tasks/main.yml

+---
+ - include: mysql_client.yml mysql_type=mysql_client
+ - include: mysql_server.yml mysql_type=mysql_server

roles/mysql/tasks/mysql_client.yml

+---
+- name: "Installing MySQL Debian"
+  apt: name="{{ item }}" update_cache=yes cache_valid_time=3600 state=present
+  with_items:
+    - python
+    - mysql-client
+  sudo: true
+  when: ansible_os_family == "Debian"
+
+- name: Installing MySQL RedHat
+  yum: name="{{ item }}" state=latest
+  with_items:
+    - python
+    - mysql 
+    - mysql-connector-odbc 
+    - MySQL-python
+  sudo: true
+  when: ansible_os_family == "RedHat"

roles/mysql/tasks/mysql_server.yml

+---
+- name: "Installing MySQL Debian"
+  apt: name="{{ item }}" update_cache=yes cache_valid_time=3600 state=present
+  with_items:
+    - python
+    - python-dev
+    - libmysqlclient-dev
+    - python-pip
+    - libapache2-mod-wsgi
+    - python-mysql.connector
+    - mysql-server
+    - python-mysqldb
+  sudo: true
+  when: ansible_os_family == "Debian"
+
+- name: Installing MySQL RedHat
+  yum: name="{{ item }}" state=latest
+  with_items:
+    - python
+    - python-devel
+    - mysql-devel
+    - mysql-libs
+    - MySQL-python
+    - mysql-server
+  sudo: true
+  when: ansible_os_family == "RedHat"
+
+- name: "Starting MySQL"
+  service: name=mysql state=started enabled=true
+  sudo: true
+  when: ansible_os_family == "Debian"
+
+- name: "Starting MySQL"
+  service: name=mysqld state=started enabled=true
+  sudo: true
+  when: ansible_os_family == "RedHat"
+
+- name: make sure mysql conf directory exists
+  file: dest=/etc/mysql/conf.d state=directory
+  sudo: true
+
+- name: "Templating mysql configure file"
+  template: src="mysql.cnf.j2" dest=/etc/mysql/conf.d/{{ mysql_config_file_name }}.cnf owner=root group=root
+  sudo: true
+
+- name: "Adding root"
+  sudo: true
+  mysql_user: name=root host="{{ item }}" password="{{ mysql_root_password }}" login_user=root login_password="{{ mysql_root_password }}" check_implicit_admin=yes priv="*.*:ALL,GRANT"
+  with_items:
+    - "{{ ansible_hostname }}"
+    - 127.0.0.1
+    - ::1
+    - localhost
+
+- name: Setting mysql global variables
+  mysql_variables: variable={{ item.var }} value={{ item.val }} login_user=root login_password="{{ mysql_root_password }}"
+  with_items:
+    - { var : 'character_set_server', val : 'utf8' }
+    - { var : 'storage_engine', val : 'innodb' }
+    - { var : 'sql_mode', val : 'STRICT_ALL_TABLES' }
+  sudo: true
+  when: ansible_os_family == "RedHat"
+
+- name: "Editing my.cnf"
+  lineinfile: dest=/etc/my.cnf  line="{{ item }}"
+  with_items:
+    - '[client]'
+    - 'default-character-set = utf8'
+    - 'log_warnings = 2'
+    - 'log_error = /var/log/mysql/error.log'
+  sudo: true
+  notify: Restart MySQL
+  when: ansible_os_family == "RedHat"
+
+- name: "Adding user database"
+  mysql_db: name={{ mysql_user_db_name }} state=present login_user=root login_password={{ mysql_root_password }} 
+
+- name: "Giving priviliges to user"
+  mysql_user: name={{ mysql_user_name }} host={{ mysql_user_host }} password={{ mysql_user_password }} login_user=root login_password={{ mysql_root_password }} priv={{ mysql_user_name }}.*:ALL state=present

roles/mysql/templates/mysql.cnf.j2

+[mysqld]
+character_set_server=utf8
+default-storage-engine = innodb
+sql_mode = STRICT_ALL_TABLES
+
+[client]
+default-character-set = utf8