diff --git a/roles/mariadb/tasks/main.yml b/roles/mariadb/tasks/main.yml index 05a31a9..e29e105 100644 --- a/roles/mariadb/tasks/main.yml +++ b/roles/mariadb/tasks/main.yml @@ -51,7 +51,7 @@ tags: mariadb - name: Create MariaDB user(s) - mysql_user: name={{ item.user }} password={{ item.pass }} priv={{ item.name }}.*:ALL state=present + mysql_user: name={{ item.user }} password={{ item.pass }} priv={{ item.name }}.*:ALL host=127.0.0.1 state=present loop: "{{ mariadb_databases }}" when: mariadb_databases is defined tags: mariadb diff --git a/roles/mariadb/templates/my.cnf.j2 b/roles/mariadb/templates/my.cnf.j2 index eff6a3e..8e0f1dd 100644 --- a/roles/mariadb/templates/my.cnf.j2 +++ b/roles/mariadb/templates/my.cnf.j2 @@ -47,6 +47,10 @@ skip-external-locking # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. bind-address = 127.0.0.1 + +# don't resolve connection IPs to hostnames (make sure user accounts are using +# IPs instead of "localhost") +skip-name-resolve=1 # # * Fine Tuning #