You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The next step involves running the security script, which modifies certain default options to enhance security. Our purpose here is to prevent remote root logins and remove unnecessary database users.
Run the Security Script
mariadb-secure-installation
Follow the prompts:
Enter current password for root (enter for none):Press Enter
Switch to unix_socket authentication [Y/n]:y
Change the root password? [Y/n]:n
Remove anonymous users? [Y/n]:y
Disallow root login remotely? [Y/n]:y
Remove test database and access to it? [Y/n]:y
Reload privilege tables now? [Y/n]:y
Create an Admin User
We'll create a new account named admin with root-level capabilities, but configured for password authentication.
mariadb
The prompt will change to MariaDB [(none)]>. Now, create a new local admin user (adjust the username and password to your preference):
CREATEUSER 'admin'@'localhost' IDENTIFIED BY 'password';
Grant the admin user root privileges (adjust username and password as above):
GRANT ALL ON*.* TO 'admin'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
To allow the admin user password-based access from your local area network (LAN) within the subnet 192.168.100.0/24, use the following (adjust the username, password, and subnet as needed):
GRANT ALL ON*.* TO 'admin'@'192.168.100.%' IDENTIFIED BY 'password' WITH GRANT OPTION;
Flush the privileges to ensure they are saved and available in the current session:
FLUSH PRIVILEGES;
Exit the MariaDB shell:
exit
Log in as the New Admin User
Log in as the new database user you just created:
mariadb -u admin -p
Create a new database:
CREATEDATABASEhomeassistant;
Exit the MariaDB shell:
exit
Additional Configuration
⚠️ Reboot the LXC container.
Check the MariaDB status:
systemctl status mariadb
Update the db_url in your configuration.yaml for Home Assistant:
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Copied from original post: tteck/Proxmox#2915
MariaDB Security and Configuration Setup
The next step involves running the security script, which modifies certain default options to enhance security. Our purpose here is to prevent remote root logins and remove unnecessary database users.
Run the Security Script
Follow the prompts:
ynyyyyCreate an Admin User
We'll create a new account named
adminwith root-level capabilities, but configured for password authentication.The prompt will change to
MariaDB [(none)]>. Now, create a new local admin user (adjust the username and password to your preference):Grant the admin user root privileges (adjust username and password as above):
To allow the admin user password-based access from your local area network (LAN) within the subnet
192.168.100.0/24, use the following (adjust the username, password, and subnet as needed):Flush the privileges to ensure they are saved and available in the current session:
Exit the MariaDB shell:
exitLog in as the New Admin User
Log in as the new database user you just created:
Create a new database:
Exit the MariaDB shell:
exitAdditional Configuration
Check the MariaDB status:
Update the
db_urlin yourconfiguration.yamlfor Home Assistant:Access the phpMyAdmin interface at:
IP/phpMyAdminBeta Was this translation helpful? Give feedback.
All reactions