Compare commits
1 Commits
transcaffe
...
6fdc21291f
| Author | SHA1 | Date | |
|---|---|---|---|
6fdc21291f
|
galaxy.yml
roles/postgresql
@ -1,13 +1,12 @@
|
||||
namespace: finallycoffee
|
||||
name: databases
|
||||
version: 0.1.2
|
||||
version: 0.1.1
|
||||
readme: README.md
|
||||
authors:
|
||||
- transcaffeine <transcaffeine@finally.coffee>
|
||||
description: Collection for deploying and configuring databases
|
||||
dependencies:
|
||||
"community.docker": "^4.0.0"
|
||||
"community.postgresql": "^3.9.0"
|
||||
"community.docker": "^3.0.0"
|
||||
license_file: LICENSE.md
|
||||
build_ignore:
|
||||
- '*.tar.gz'
|
||||
|
||||
@ -3,24 +3,6 @@
|
||||
PostgreSQL is the self proclaimed "world's most advanced" open source relational
|
||||
database. This ansible role can deploy and configure postgresql.
|
||||
|
||||
By default, the role configures the remote's effective ansible user with
|
||||
peer authentication for the (postgresql) role `postgres` on all databases (with all grants).
|
||||
|
||||
## Required configuration
|
||||
|
||||
Set `postgresql_superuser_password` to your superusers desired password.
|
||||
|
||||
## Optional configuration
|
||||
|
||||
Set `postgresql_major_version` to your desired postgresql major version,
|
||||
for supported major versions see [`defaults/main/main.yml`](defaults/main/main.yml#L6).
|
||||
|
||||
This role can be executed multiple times with different
|
||||
`postgresql_major_version` values to provide new database versions for up-to-
|
||||
date applications and older versions for software which does not yet support
|
||||
them. Container name and host mounts encode the major version to prevent
|
||||
accidental usage of the 'wrong' `PGDATA` directory.
|
||||
|
||||
## Requirements
|
||||
|
||||
- `psycopg2` (pip) package
|
||||
|
||||
@ -8,7 +8,7 @@ postgresql_config_port: 5432
|
||||
|
||||
postgresql_base_config:
|
||||
listen_addresses: "{{ postgresql_config_listen_addresses }}"
|
||||
unix_socket_directories: "{{ postgresql_config_unix_socket_directories }}"
|
||||
connect_socket: "{{ postgresql_config_connect_socket }}"
|
||||
port: "{{ postgresql_config_port }}"
|
||||
postgresql_merged_config: >-2
|
||||
{{ postgresql_base_config | combine(
|
||||
|
||||
@ -17,14 +17,15 @@ postgresql_pg_ident_conf_file: >-2
|
||||
{{ postgresql_config_path }}/pg_ident.conf
|
||||
postgresql_pg_hba_conf_file: >-2
|
||||
{{ postgresql_config_path }}/pg_hba.conf
|
||||
postgresql_admin_role: "postgres"
|
||||
postgresql_admin_role: "{{ postgresql_user }}"
|
||||
postgresql_admin_role_contype: local
|
||||
postgresql_admin_role_method: peer
|
||||
postgresql_admin_local_user: >-2
|
||||
{{ ansible_facts['user_id'] }}
|
||||
postgresql_admin_role_mapping_name: >-2
|
||||
{{ postgresql_admin_local_user }}_{{ postgresql_admin_role }}
|
||||
postgresql_admin_pg_ident_conf: "{{ postgresql_admin_role_mapping_name }}\t{{ postgresql_admin_local_user }}\t{{ postgresql_admin_role }}"
|
||||
postgresql_admin_pg_ident_conf: >-2
|
||||
{{ postgresql_admin_role_mapping_name }}\t{{ postgresql_admin_local_user }}\t{{ postgresql_admin_role }}
|
||||
postgresql_admin_pg_hba_conf_options: >-2
|
||||
map={{ postgresql_admin_role_mapping_name }}
|
||||
postgresql_superuser_password: ~
|
||||
|
||||
@ -14,31 +14,21 @@
|
||||
- name: Ensure postgresql configuration is set
|
||||
community.postgresql.postgresql_set:
|
||||
name: "{{ option.key }}"
|
||||
value: "{{ pg_option_value }}"
|
||||
value: "{{ option.value }}"
|
||||
login_host: "{{ postgresql_login_host }}"
|
||||
login_port: "{{ postgresql_config_port }}"
|
||||
login_password: "{{ postgresql_superuser_password }}"
|
||||
loop: "{{ postgresql_merged_config | dict2items }}"
|
||||
loop: "{{ postgresql_merged_options | dict2items }}"
|
||||
loop_control:
|
||||
loop_var: option
|
||||
vars:
|
||||
pg_option_value: >-2
|
||||
{{
|
||||
(option.value | join(' '))
|
||||
if (option.value is iterable
|
||||
and option.value is not string
|
||||
and option.value is not mapping)
|
||||
else option.value
|
||||
}}
|
||||
register: postgresql_config_results
|
||||
|
||||
- name: Ensure postgresql configuration is reloaded
|
||||
community.postgresql.postgresql_query:
|
||||
db: "postgres"
|
||||
query: "SELECT pg_reload_conf();"
|
||||
login_host: "{{ postgresql_login_host }}"
|
||||
login_port: "{{ postgresql_config_port }}"
|
||||
login_password: "{{ postgresql_superuser_password }}"
|
||||
register: postgresql_config_results
|
||||
|
||||
- name: Ensure restart handler is fired if required
|
||||
debug:
|
||||
@ -49,8 +39,7 @@
|
||||
loop: "{{ postgresql_config_results.results }}"
|
||||
loop_control:
|
||||
loop_var: result
|
||||
label: "{{ result.option.key }}"
|
||||
when: postgresql_state == 'present'
|
||||
label: "{{ result.option.name }}"
|
||||
vars:
|
||||
postgresql_login_host: >-2
|
||||
{{
|
||||
|
||||
@ -69,9 +69,10 @@
|
||||
file: "initialize-docker.yml"
|
||||
when:
|
||||
- postgresql_state == 'present'
|
||||
- not postgresql_global_data_info.stat.exists
|
||||
- postgresql_global_data_info.stat.exists
|
||||
- postgresql_global_data_info.stat.isdir is defined
|
||||
- not postgresql_global_data_info.stat.isdir
|
||||
- postgresql_global_data_info.stat.isdir
|
||||
# TODO: determine if initialization is needed
|
||||
|
||||
- name: Ensure postgresql container '{{ postgresql_container_name }}' is {{ postgresql_container_state }}
|
||||
community.docker.docker_container:
|
||||
|
||||
@ -1,11 +0,0 @@
|
||||
---
|
||||
- name: Ensure postgresql package is {{ postgresql_state }}
|
||||
ansible.builtin.package:
|
||||
name: "{{ postgresql_os_package_name }}"
|
||||
state: "{{ postgresql_state }}"
|
||||
|
||||
- name: Ensure postgresql systemd unit is {{ (postgresql_state == 'present') | ternary('enabled', 'disabled') }}
|
||||
ansible.builtin.systemd:
|
||||
name: "{{ postgresql_systemd_service_name }}"
|
||||
enabled: "{{ (postgresql_state == 'present') }}"
|
||||
when: ansible_facts['service_mgr'] == 'systemd'
|
||||
@ -33,7 +33,6 @@
|
||||
loop:
|
||||
- name: "{{ postgresql_config_path }}"
|
||||
- name: "{{ postgresql_data_path }}"
|
||||
mode: "0700"
|
||||
loop_control:
|
||||
loop_var: path
|
||||
label: "{{ path.name }}"
|
||||
|
||||
@ -20,9 +20,8 @@
|
||||
line: "# Ansible managed"
|
||||
- name: "{{ postgresql_pg_ident_conf_file }}"
|
||||
insert_after: "# Ansible managed"
|
||||
line: "{{ postgresql_admin_pg_ident_conf }}"
|
||||
line: "{{ ansible_user }}_{{ postgresql_admin_role }}\t{{ ansible_user }}\t{{ postgresql_admin_role }}"
|
||||
when: postgresql_state == 'present'
|
||||
notify: postgresql_restart
|
||||
|
||||
- name: Configure permissions for postgresql admin role
|
||||
community.postgresql.postgresql_pg_hba:
|
||||
@ -30,6 +29,5 @@
|
||||
contype: "{{ postgresql_admin_role_contype }}"
|
||||
users: "{{ postgresql_admin_role }}"
|
||||
method: "{{ postgresql_admin_role_method }}"
|
||||
options: "{{ postgresql_admin_pg_hba_conf_options }}"
|
||||
options: "map={{ ansible_user }}_{{ postgresql_admin_role }}"
|
||||
when: postgresql_state == 'present'
|
||||
notify: postgresql_restart
|
||||
|
||||
@ -4,4 +4,3 @@ postgresql_states:
|
||||
- absent
|
||||
postgresql_deployment_methods:
|
||||
- docker
|
||||
- local
|
||||
|
||||
Reference in New Issue
Block a user