Sensitive default variables

[jnv]

Thank you for sharing this role, it's a real timesaver, though I have a suggestion about default variables.

If I add this role with default variables, it:

• opens up the server for all incoming connections (mysql_bind_address: "0.0.0.0")
• sets a password foobar to the root user
• creates standard user and repl user, also with insecure password foobar

Though the related variables are mentioned in a basic usage in README, I was still surprised when the role created a repl user.

It is my understanding that the default variables should be used for sharing variables with included and dependent roles, but not as an example usage.

I would like you to consider a bit more sensitive default behaviour, for example:

• bind to 127.0.0.1 by default
• omit a default root password – the mysql_root_db_pass could be either mandatory, or related tasks would be skipped when the password is missing
• do not create a database or users by default

The omitted variables should be either explained in documentation or commented out in defaults/main.yml as an example usage.

I'd be happy to send a PR if you agree with this proposal.

[bennojoy]

Hi Jnv,

Sounds reasonable, if you can send in a PR it would be great.. else i would update the roles in shortly.