ansible-infra/ansible_collections/nullified/infrastructure/roles/mariadb/templates/mariadb_init.sql.j2

{% if mariadb_server_run_init_sql %}
# Run hardening steps from `mysql_secure_installation`
DELETE FROM mysql.global_priv WHERE User='';
DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';

UPDATE mysql.global_priv
SET priv=json_set(
        priv,
        '$.password_last_changed', UNIX_TIMESTAMP(),
        '$.plugin', 'mysql_native_password',
        '$.authentication_string', PASSWORD('{{ mariadb_server_root_password }}'),
        '$.auth_or', json_array(json_object(), json_object('plugin', 'unix_socket'))
 )
WHERE User='root';

FLUSH PRIVILEGES;
{% endif %}
{% if mariadb_server_run_custom_sql and mariadb_server_custom_sql|length %}
{{ mariadb_server_custom_sql }}
{% endif %}