Compare commits
	
		
			10 Commits
		
	
	
		
			transcaffe
			...
			40d9c9bdd5
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 40d9c9bdd5 | |||
| bff5cce7e9 | |||
| 2edb0eae52 | |||
| 7c2f8277a7 | |||
| 96de942f51 | |||
| 6625557bfa | |||
| 9b3af2f6d4 | |||
| f2aa516b13 | |||
| 39fed04d33 | |||
| 383a89aef7 | 
| @@ -10,3 +10,10 @@ | |||||||
|  |  | ||||||
| - [`mariadb`](roles/mariadb/README.md): deploy mariadb | - [`mariadb`](roles/mariadb/README.md): deploy mariadb | ||||||
|   in a docker container |   in a docker container | ||||||
|  |  | ||||||
|  | - [`postgresql`](roles/postgresql/README.md): deploy postgresql, | ||||||
|  |   the worlds most advances open-source relational database | ||||||
|  |  | ||||||
|  | - [`valkey`](roles/valkey/README.md): deploy and configure valkey, | ||||||
|  |   an open source in-memory data store under BSD license, forked | ||||||
|  |   from redis. | ||||||
|   | |||||||
| @@ -1,6 +1,6 @@ | |||||||
| namespace: finallycoffee | namespace: finallycoffee | ||||||
| name: databases | name: databases | ||||||
| version: 0.1.0 | version: 0.1.1 | ||||||
| readme: README.md | readme: README.md | ||||||
| authors: | authors: | ||||||
| - transcaffeine <transcaffeine@finally.coffee> | - transcaffeine <transcaffeine@finally.coffee> | ||||||
| @@ -16,4 +16,7 @@ tags: | |||||||
|   - elasticsearch |   - elasticsearch | ||||||
|   - redis |   - redis | ||||||
|   - mariadb |   - mariadb | ||||||
|  |   - postgresql | ||||||
|  |   - postgres | ||||||
|  |   - valkey | ||||||
|   - docker |   - docker | ||||||
|   | |||||||
							
								
								
									
										6
									
								
								playbooks/postgresql.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								playbooks/postgresql.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | |||||||
|  | --- | ||||||
|  | - name: Deploy and configure PostgreSQL | ||||||
|  |   hosts: "{{ postgresql_hosts | default('postgresql', true) }}" | ||||||
|  |   become: "{{ postgresql_become | default(true, true) }}" | ||||||
|  |   roles: | ||||||
|  |     - role: finallycoffee.databases.postgresql | ||||||
							
								
								
									
										6
									
								
								playbooks/valkey.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								playbooks/valkey.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | |||||||
|  | --- | ||||||
|  | - name: Deploy and configure valkey | ||||||
|  |   hosts: "{{ valkey_hosts | default('valkey', true) }}" | ||||||
|  |   become: "{{ valkey_become | default(true, true) }}" | ||||||
|  |   roles: | ||||||
|  |     - finallycoffee.databases.valkey | ||||||
| @@ -1,5 +1,5 @@ | |||||||
| --- | --- | ||||||
| elasticsearch_version: 8.15.3 | elasticsearch_version: "8.17.0" | ||||||
| elasticsearch_state: present | elasticsearch_state: present | ||||||
|  |  | ||||||
| elasticsearch_base_path: /opt/elasticsearch | elasticsearch_base_path: /opt/elasticsearch | ||||||
|   | |||||||
| @@ -34,6 +34,5 @@ | |||||||
|     volumes: "{{ elasticsearch_container_volumes }}" |     volumes: "{{ elasticsearch_container_volumes }}" | ||||||
|     ulimits: "{{ elasticsearch_container_ulimits }}" |     ulimits: "{{ elasticsearch_container_ulimits }}" | ||||||
|     networks: "{{ elasticsearch_container_networks | default(omit, True) }}" |     networks: "{{ elasticsearch_container_networks | default(omit, True) }}" | ||||||
|     purge_networks: "{{ elasticsearch_container_purge_networks | default(omit, True) }}" |  | ||||||
|     restart_policy: "{{ elasticsearch_container_restart_policy }}" |     restart_policy: "{{ elasticsearch_container_restart_policy }}" | ||||||
|     state: "{{ elasticsearch_container_state }}" |     state: "{{ elasticsearch_container_state }}" | ||||||
|   | |||||||
| @@ -1,5 +1,5 @@ | |||||||
| --- | --- | ||||||
| mariadb_version: "10.11.9" | mariadb_version: "10.11.10" | ||||||
| mariadb_base_path: /var/lib/mariadb | mariadb_base_path: /var/lib/mariadb | ||||||
| mariadb_data_path: >-2 | mariadb_data_path: >-2 | ||||||
|   {{ mariadb_base_path }}/{{ mariadb_version | split('.') | first }} |   {{ mariadb_base_path }}/{{ mariadb_version | split('.') | first }} | ||||||
|   | |||||||
| @@ -16,6 +16,5 @@ | |||||||
|     volumes: "{{ mariadb_container_volumes }}" |     volumes: "{{ mariadb_container_volumes }}" | ||||||
|     networks: "{{ mariadb_container_networks | default(omit, true) }}" |     networks: "{{ mariadb_container_networks | default(omit, true) }}" | ||||||
|     etc_hosts: "{{ mariadb_container_etc_hosts | default(omit, true) }}" |     etc_hosts: "{{ mariadb_container_etc_hosts | default(omit, true) }}" | ||||||
|     purge_networks: "{{ mariadb_container_purge_networks | default(omit, true) }}" |  | ||||||
|     restart_policy: "{{ mariadb_container_restart_policy }}" |     restart_policy: "{{ mariadb_container_restart_policy }}" | ||||||
|     state: "{{ mariadb_container_state }}" |     state: "{{ mariadb_container_state }}" | ||||||
|   | |||||||
							
								
								
									
										9
									
								
								roles/postgresql/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										9
									
								
								roles/postgresql/README.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,9 @@ | |||||||
|  | # `finallycoffee.databases.postgresql` ansible role | ||||||
|  |  | ||||||
|  | PostgreSQL is the self proclaimed "world's most advanced" open source relational | ||||||
|  | database. This ansible role can deploy and configure postgresql. | ||||||
|  |  | ||||||
|  | ## Requirements | ||||||
|  |  | ||||||
|  | - `psycopg2` (pip) package | ||||||
|  | - `docker` (pip) package | ||||||
							
								
								
									
										17
									
								
								roles/postgresql/defaults/main/config.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								roles/postgresql/defaults/main/config.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | |||||||
|  | --- | ||||||
|  | postgresql_config_connect_socket: true | ||||||
|  | postgresql_config_unix_socket_directories: | ||||||
|  |   - "/var/run/postgresql" | ||||||
|  | postgresql_config_listen_addresses: | ||||||
|  |   - '*' | ||||||
|  | postgresql_config_port: 5432 | ||||||
|  |  | ||||||
|  | postgresql_base_config: | ||||||
|  |   listen_addresses: "{{ postgresql_config_listen_addresses }}" | ||||||
|  |   connect_socket: "{{ postgresql_config_connect_socket }}" | ||||||
|  |   port: "{{ postgresql_config_port }}" | ||||||
|  | postgresql_merged_config: >-2 | ||||||
|  |   {{ postgresql_base_config | combine( | ||||||
|  |     postgresql_config | default({}, true), | ||||||
|  |     recursive=True | ||||||
|  |   ) }} | ||||||
							
								
								
									
										73
									
								
								roles/postgresql/defaults/main/container.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										73
									
								
								roles/postgresql/defaults/main/container.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,73 @@ | |||||||
|  | --- | ||||||
|  | postgresql_container_image_registry: docker.io | ||||||
|  | postgresql_container_image_namespace: ~ | ||||||
|  | postgresql_container_image_name: postgres | ||||||
|  | postgresql_container_image_tag: ~ | ||||||
|  | postgresql_container_image_source: pull | ||||||
|  | postgresql_container_image_force_source: >-2 | ||||||
|  |   {{ postgresql_container_image_tag | default(false, true) | bool }} | ||||||
|  | postgresql_container_image: >-2 | ||||||
|  |   {{ | ||||||
|  |     ([ | ||||||
|  |       postgresql_container_image_registry | default([], true), | ||||||
|  |       postgresql_container_image_namespace | default([], true), | ||||||
|  |       postgresql_container_image_name | ||||||
|  |     ] | flatten | join('/')) | ||||||
|  |     + ':' + postgresql_container_image_tag | default( | ||||||
|  |       postgresql_version + ( | ||||||
|  |         ((postgresql_container_image_flavour is string) | ||||||
|  |           and (postgresql_container_image_flavour | length > 0)) | ||||||
|  |         | ternary( | ||||||
|  |           '_' + postgresql_container_image_flavour | default('', true), | ||||||
|  |           '', | ||||||
|  |         ) | ||||||
|  |       ), | ||||||
|  |       true | ||||||
|  |     ) | ||||||
|  |   }} | ||||||
|  |  | ||||||
|  | postgresql_container_name: "postgresql-{{ postgresql_major_version }}" | ||||||
|  | postgresql_container_env: ~ | ||||||
|  | postgresql_container_user: >-2 | ||||||
|  |   {{ postgresql_user_id }}:{{ postgresql_user_group_id }} | ||||||
|  | postgresql_container_ports: ~ | ||||||
|  | postgresql_container_labels: ~ | ||||||
|  | postgresql_container_networks: ~ | ||||||
|  | postgresql_container_recreate: ~ | ||||||
|  | postgresql_container_etc_hosts: ~ | ||||||
|  | postgresql_container_restart_policy: "on-failure" | ||||||
|  | postgresql_container_state: >-2 | ||||||
|  |   {{ (postgresql_state == 'present') | ternary('started', 'absent') }} | ||||||
|  | postgresql_container_volumes: ~ | ||||||
|  | postgresql_container_unix_socket_path: >-2 | ||||||
|  |   {{ postgresql_config_unix_socket_directories | first }} | ||||||
|  | postgresql_container_base_volumes: | ||||||
|  |   - "{{ postgresql_container_passwd_file }}:/etc/passwd:ro" | ||||||
|  |   - "{{ postgresql_data_path }}:{{ postgresql_container_data_dir }}:Z" | ||||||
|  | postgresql_container_config_volumes: | ||||||
|  |   - "{{ postgresql_pg_hba_conf_file }}:{{ postgresql_container_data_dir }}/pg_hba.conf:ro" | ||||||
|  |   - "{{ postgresql_pg_ident_conf_file }}:{{ postgresql_container_data_dir }}/pg_ident.conf:ro" | ||||||
|  | postgresql_container_unix_socket_volumes: | ||||||
|  |   - "{{ postgresql_container_unix_socket_path }}:{{ postgresql_container_unix_socket_path }}:rw,rshared" | ||||||
|  | postgresql_container_initdb_volumes: >-2 | ||||||
|  |   {{ postgresql_container_base_volumes | ||||||
|  |     + postgresql_container_unix_socket_volumes | ||||||
|  |     + (postgresql_container_volumes | default([], true)) }} | ||||||
|  | postgresql_container_merged_volumes: >-2 | ||||||
|  |   {{ postgresql_container_base_volumes | ||||||
|  |     + postgresql_container_config_volumes | ||||||
|  |     + (postgresql_container_unix_socket_volumes if postgresql_config_connect_socket else []) | ||||||
|  |     + (postgresql_container_volumes | default([], true)) }} | ||||||
|  | postgresql_systemd_tmpfile_socket_correction_unit_name: >-2 | ||||||
|  |   {{ postgresql_container_unix_socket_path | split('/') | reject('eq', '') | join('-') }} | ||||||
|  |  | ||||||
|  | # (Memory) performance tuning | ||||||
|  | postgresql_container_memory: ~ | ||||||
|  | postgresql_container_memory_reservation: ~ | ||||||
|  | postgresql_container_shm_size: ~ | ||||||
|  | postgresql_container_oom_kill: ~ | ||||||
|  | postgresql_container_oom_score_adj: ~ | ||||||
|  | postgresql_container_ulimits: ~ | ||||||
|  |  | ||||||
|  | postgresql_container_passwd_file: "{{ postgresql_config_path }}/passwd" | ||||||
|  | postgresql_container_data_dir: "/var/lib/postgresql/data" | ||||||
							
								
								
									
										34
									
								
								roles/postgresql/defaults/main/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										34
									
								
								roles/postgresql/defaults/main/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,34 @@ | |||||||
|  | --- | ||||||
|  | postgresql_user: postgresql | ||||||
|  | postgresql_version: >-2 | ||||||
|  |   {{ postgresql_versions[postgresql_major_version | string] }} | ||||||
|  | postgresql_major_version: 16 | ||||||
|  | postgresql_versions: | ||||||
|  |   "17": "17.2" | ||||||
|  |   "16": "16.6" | ||||||
|  |   "15": "15.10" | ||||||
|  |   "14": "14.15" | ||||||
|  |  | ||||||
|  | postgresql_config_path: >-2 | ||||||
|  |   /etc/postgresql/{{ postgresql_major_version }} | ||||||
|  | postgresql_data_path: >-2 | ||||||
|  |   /var/lib/postgresql/{{ postgresql_major_version }} | ||||||
|  | postgresql_pg_ident_conf_file: >-2 | ||||||
|  |   {{ postgresql_config_path }}/pg_ident.conf | ||||||
|  | postgresql_pg_hba_conf_file: >-2 | ||||||
|  |   {{ postgresql_config_path }}/pg_hba.conf | ||||||
|  | postgresql_admin_role: "{{ postgresql_user }}" | ||||||
|  | postgresql_admin_role_contype: local | ||||||
|  | postgresql_admin_role_method: peer | ||||||
|  | postgresql_admin_local_user: >-2 | ||||||
|  |   {{ ansible_facts['user_id'] }} | ||||||
|  | postgresql_admin_role_mapping_name: >-2 | ||||||
|  |   {{ postgresql_admin_local_user }}_{{ postgresql_admin_role }} | ||||||
|  | postgresql_admin_pg_ident_conf: >-2 | ||||||
|  |   {{ postgresql_admin_role_mapping_name }}\t{{ postgresql_admin_local_user }}\t{{ postgresql_admin_role }} | ||||||
|  | postgresql_admin_pg_hba_conf_options: >-2 | ||||||
|  |   map={{ postgresql_admin_role_mapping_name }} | ||||||
|  | postgresql_superuser_password: ~ | ||||||
|  |  | ||||||
|  | postgresql_state: present | ||||||
|  | postgresql_deployment_method: docker | ||||||
							
								
								
									
										10
									
								
								roles/postgresql/defaults/main/user.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								roles/postgresql/defaults/main/user.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,10 @@ | |||||||
|  | --- | ||||||
|  | postgresql_user_system: true | ||||||
|  | postgresql_user_create_home: false | ||||||
|  | postgresql_user_groups: ~ | ||||||
|  | postgresql_user_append: ~ | ||||||
|  |  | ||||||
|  | postgresql_user_id: >-2 | ||||||
|  |   {{ postgresql_user_info.uid | default(postgresql_user, true) }} | ||||||
|  | postgresql_user_group_id: >-2 | ||||||
|  |   {{ postgresql_user_info.group | default(postgresql_user, true) }} | ||||||
							
								
								
									
										12
									
								
								roles/postgresql/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								roles/postgresql/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,12 @@ | |||||||
|  | --- | ||||||
|  | - name: Restart postgresql container '{{ postgresql_container_name }}' (docker) | ||||||
|  |   community.docker.docker_container: | ||||||
|  |     name: "{{ postgresql_container_name }}" | ||||||
|  |     state: "{{ postgresql_container_state }}" | ||||||
|  |     restart: true | ||||||
|  |     comparisons: | ||||||
|  |       '*': "ignore" | ||||||
|  |   when: | ||||||
|  |     - postgresql_deployment_method == 'docker' | ||||||
|  |     - postgresql_container_state not in ['absent', 'stopped'] | ||||||
|  |   listen: postgresql_restart | ||||||
							
								
								
									
										12
									
								
								roles/postgresql/meta/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								roles/postgresql/meta/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,12 @@ | |||||||
|  | --- | ||||||
|  | allow_duplicates: true | ||||||
|  | dependencies: [] | ||||||
|  | galaxy_info: | ||||||
|  |   role_name: postgresql | ||||||
|  |   description: >-2 | ||||||
|  |     PostgreSQL is the self-proclaimed 'worlds most advanced' open source relational database | ||||||
|  |   galaxy_tags: | ||||||
|  |     - postgresql | ||||||
|  |     - postgres | ||||||
|  |     - database | ||||||
|  |     - docker | ||||||
							
								
								
									
										49
									
								
								roles/postgresql/tasks/configure.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										49
									
								
								roles/postgresql/tasks/configure.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,49 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure postgresql superuser is set | ||||||
|  |   community.postgresql.postgresql_user: | ||||||
|  |     name: "{{ postgresql_admin_role }}" | ||||||
|  |     password: "{{ postgresql_superuser_password }}" | ||||||
|  |     login_host: >-2 | ||||||
|  |       {{ | ||||||
|  |         (postgresql_config_unix_socket_directories | first) | ||||||
|  |         if postgresql_config_connect_socket else  | ||||||
|  |         (postgresql_container_info.container.NetworkSettings.IPAddress) | ||||||
|  |       }} | ||||||
|  |   register: postgresql_superuser_password_result | ||||||
|  |   until: "postgresql_superuser_password_result is succeeded" | ||||||
|  |   retries: 10 | ||||||
|  |   delay: 2 | ||||||
|  |  | ||||||
|  | - name: Ensure postgresql configuration is set | ||||||
|  |   community.postgresql.postgresql_set: | ||||||
|  |     name: "{{ option.key }}" | ||||||
|  |     value: "{{ option.value }}" | ||||||
|  |     login_host: >-2 | ||||||
|  |       {{ | ||||||
|  |         (postgresql_config_unix_socket_directories | first) | ||||||
|  |         if postgresql_config_connect_socket else  | ||||||
|  |         (postgresql_container_info.container.NetworkSettings.IPAddress) | ||||||
|  |       }} | ||||||
|  |     login_port: "{{ postgresql_config_port }}" | ||||||
|  |     login_password: #TODO | ||||||
|  |   loop: "{{ postgresql_merged_options | dict2items }}" | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: option | ||||||
|  |  | ||||||
|  | - name: Ensure postgresql configuration is reloaded | ||||||
|  |   community.postgresql.postgresql_query: | ||||||
|  |     query: "SELECT pg_reload_conf();" | ||||||
|  |     login_host: #TODO | ||||||
|  |     login_port: #TODO | ||||||
|  |     login_password: #TODO | ||||||
|  |  | ||||||
|  | - name: Ensure restart handler is fired if required | ||||||
|  |   debug: | ||||||
|  |     msg: "{{ result.option.key }} changed! Restart required: {{ result.restart_required }}" | ||||||
|  |   when: result.changed | ||||||
|  |   changed_when: "{{ result.restart_required }}" | ||||||
|  |   notify: postgresql_restart | ||||||
|  |   loop: "{{ postgresql_config_results }}" | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: result | ||||||
|  |     label: "{{ result.option.name }}" | ||||||
							
								
								
									
										96
									
								
								roles/postgresql/tasks/deploy-docker.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										96
									
								
								roles/postgresql/tasks/deploy-docker.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,96 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure postgresql container image '{{ postgresql_container_image }}' is {{ postgresql_state }} | ||||||
|  |   community.docker.docker_image: | ||||||
|  |     name: "{{ postgresql_container_image }}" | ||||||
|  |     state: "{{ postgresql_state }}" | ||||||
|  |     source: "{{ postgresql_container_image_source }}" | ||||||
|  |     force_source: "{{ postgresql_container_image_force_source }}" | ||||||
|  |   register: postgresql_container_image_info | ||||||
|  |   until: postgresql_container_image_info is success | ||||||
|  |   retries: 5 | ||||||
|  |   delay: 4 | ||||||
|  |  | ||||||
|  | - name: Ensure /etc/passwd for container is {{ postgresql_state }} | ||||||
|  |   ansible.builtin.template: | ||||||
|  |     src: "postgresql-passwd.j2" | ||||||
|  |     dest: "{{ postgresql_container_passwd_file }}" | ||||||
|  |     owner: "{{ postgresql_user_id }}" | ||||||
|  |     group: "{{ postgresql_user_group_id }}" | ||||||
|  |     mode: "0640" | ||||||
|  |   when: postgresql_state == 'present' | ||||||
|  |  | ||||||
|  | - name: Ensure systemd unit to correct path permissions is {{ postgresql_state }} | ||||||
|  |   ansible.builtin.copy: | ||||||
|  |     dest: "/etc/systemd/system/{{ postgresql_systemd_tmpfile_socket_correction_unit_name }}.service" | ||||||
|  |     content: |+2 | ||||||
|  |       [Unit] | ||||||
|  |       Description="Ensure permissions on {{ postgresql_container_unix_socket_path }}" | ||||||
|  |       After=systemd-tmpfiles-setup.service | ||||||
|  |       Before=docker.service | ||||||
|  |        | ||||||
|  |       [Service] | ||||||
|  |       Type=exec | ||||||
|  |       RemainAfterExit=yes | ||||||
|  |       ExecStart=/bin/bash -c 'mkdir {{ postgresql_container_unix_socket_path }} ||:; chown {{ postgresql_user }}:{{ postgresql_user }} {{ postgresql_container_unix_socket_path }}' | ||||||
|  |        | ||||||
|  |       [Install] | ||||||
|  |       WantedBy=multi-user.target | ||||||
|  |   when: | ||||||
|  |     - ansible_facts['service_mgr'] == 'systemd' | ||||||
|  |     - postgresql_state == 'present' | ||||||
|  |   register: postgresql_systemd_tmpfile_correction_unit_info | ||||||
|  |  | ||||||
|  | - name: Ensure systemd is reloaded | ||||||
|  |   ansible.builtin.systemd: | ||||||
|  |     daemon_reload: true | ||||||
|  |   when: | ||||||
|  |     - postgresql_systemd_tmpfile_correction_unit_info.changed | ||||||
|  |  | ||||||
|  | - name: Ensure systemd unit {{ postgresql_systemd_tmpfile_socket_correction_unit_name }} is {{ postgresql_container_state }} | ||||||
|  |   ansible.builtin.systemd: | ||||||
|  |     name: "{{ postgresql_systemd_tmpfile_socket_correction_unit_name }}.service" | ||||||
|  |     state: "{{ postgresql_container_state }}" | ||||||
|  |   when: ansible_facts['service_mgr'] == 'systemd' | ||||||
|  |  | ||||||
|  | - name: Ensure systemd unit {{ postgresql_systemd_tmpfile_socket_correction_unit_name }} is {{ postgresql_container_state }} | ||||||
|  |   ansible.builtin.systemd: | ||||||
|  |     name: "{{ postgresql_systemd_tmpfile_socket_correction_unit_name }}.service" | ||||||
|  |     enabled: "{{ postgresql_state == 'present' }}" | ||||||
|  |   when: ansible_facts['service_mgr'] == 'systemd' | ||||||
|  |  | ||||||
|  | - name: Lookup {{ postgresql_data_path }}/global | ||||||
|  |   ansible.builtin.stat: | ||||||
|  |     path: "{{ postgresql_data_path }}/global" | ||||||
|  |     get_checksum: false | ||||||
|  |   register: postgresql_global_data_info | ||||||
|  |  | ||||||
|  | - name: Initialize database if empty | ||||||
|  |   ansible.builtin.include_tasks: | ||||||
|  |     file: "initialize-docker.yml" | ||||||
|  |   when: | ||||||
|  |     - postgresql_state == 'present' | ||||||
|  |     - postgresql_global_data_info.stat.exists | ||||||
|  |     - postgresql_global_data_info.stat.isdir is defined | ||||||
|  |     - postgresql_global_data_info.stat.isdir | ||||||
|  |     # TODO: determine if initialization is needed | ||||||
|  |  | ||||||
|  | - name: Ensure postgresql container '{{ postgresql_container_name }}' is {{ postgresql_container_state }} | ||||||
|  |   community.docker.docker_container: | ||||||
|  |     name: "{{ postgresql_container_name }}" | ||||||
|  |     image: "{{ postgresql_container_image }}" | ||||||
|  |     env: "{{ postgresql_container_env | default(omit, true) }}" | ||||||
|  |     user: "{{ postgresql_container_user | default(omit, true) }}" | ||||||
|  |     ports: "{{ postgresql_container_ports | default(omit, true) }}" | ||||||
|  |     labels: "{{ postgresql_container_labels | default(omit, true) }}" | ||||||
|  |     volumes: "{{ postgresql_container_merged_volumes }}" | ||||||
|  |     recreate: "{{ postgresql_container_recreate | default(omit, true) }}" | ||||||
|  |     networks: "{{ postgresql_container_networks | default(omit, true) }}" | ||||||
|  |     etc_hosts: "{{ postgresql_container_etc_hosts | default(omit, true) }}" | ||||||
|  |     memory: "{{ postgresql_container_memory | default(omit, true) }}" | ||||||
|  |     memory_reservation: "{{ postgresql_container_memory_reservation | default(omit, true) }}" | ||||||
|  |     oom_killer: "{{ postgresql_container_oom_killer | default(omit, true) }}" | ||||||
|  |     oom_score_adj: "{{ postgresql_container_oom_score_adj | default(omit, true) }}" | ||||||
|  |     shm_size: "{{ postgresql_container_shm_size | default(omit, true) }}" | ||||||
|  |     ulimits: "{{ postgresql_container_ulimits | default(omit, true) }}" | ||||||
|  |     restart_policy: "{{ postgresql_container_restart_policy | default(omit, true) }}" | ||||||
|  |     state: "{{ postgresql_container_state }}" | ||||||
							
								
								
									
										47
									
								
								roles/postgresql/tasks/initialize-docker.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								roles/postgresql/tasks/initialize-docker.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,47 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure container '{{ postgresql_container_name }}' is {{ postgresql_container_state }} to initialise the database | ||||||
|  |   community.docker.docker_container: | ||||||
|  |     name: "{{ postgresql_container_name }}" | ||||||
|  |     image: "{{ postgresql_container_image }}" | ||||||
|  |     env: >-2 | ||||||
|  |       {{ postgresql_container_env | default({}, true) | ||||||
|  |          | combine({'POSTGRES_PASSWORD': postgresql_superuser_password}) }} | ||||||
|  |     user: "{{ postgresql_container_user | default(omit, true) }}" | ||||||
|  |     ports: "{{ postgresql_container_ports | default(omit, true) }}" | ||||||
|  |     labels: "{{ postgresql_container_labels | default(omit, true) }}" | ||||||
|  |     volumes: "{{ postgresql_container_initdb_volumes }}" | ||||||
|  |     recreate: "{{ postgresql_container_recreate | default(omit, true) }}" | ||||||
|  |     networks: "{{ postgresql_container_networks | default(omit, true) }}" | ||||||
|  |     etc_hosts: "{{ postgresql_container_etc_hosts | default(omit, true) }}" | ||||||
|  |     memory: "{{ postgresql_container_memory | default(omit, true) }}" | ||||||
|  |     memory_reservation: "{{ postgresql_container_memory_reservation | default(omit, true) }}" | ||||||
|  |     oom_killer: "{{ postgresql_container_oom_killer | default(omit, true) }}" | ||||||
|  |     oom_score_adj: "{{ postgresql_container_oom_score_adj | default(omit, true) }}" | ||||||
|  |     shm_size: "{{ postgresql_container_shm_size | default(omit, true) }}" | ||||||
|  |     ulimits: "{{ postgresql_container_ulimits | default(omit, true) }}" | ||||||
|  |     restart_policy: "{{ postgresql_container_restart_policy | default(omit, true) }}" | ||||||
|  |     state: "{{ postgresql_container_state }}" | ||||||
|  |   register: postgresql_container_info | ||||||
|  |  | ||||||
|  | - name: Wait for container startup | ||||||
|  |   block: | ||||||
|  |     - name: Wait for container startup (socket) | ||||||
|  |       ansible.builtin.wait_for: | ||||||
|  |         path: "{{ postgresql_config_unix_socket_directories | first  }}/.s.PGSQL.{{ postgresql_config_port }}" | ||||||
|  |       when: "postgresql_config_connect_socket | bool" | ||||||
|  |     - name: Wait for container startup (port) | ||||||
|  |       ansible.builtin.wait_for: | ||||||
|  |         host: >-2 | ||||||
|  |           {{ (pg_addresses == '*') | ternary( | ||||||
|  |                  omit, | ||||||
|  |                  postgresql_config_listen_addresses | first | ||||||
|  |              ) }} | ||||||
|  |         port: "{{ postgresql_config_port }}" | ||||||
|  |       when: "not postgresql_config_connect_socket | bool" | ||||||
|  |       vars: | ||||||
|  |         pg_addresses: "{{ postgresql_config_listen_addresses | join(',') }}" | ||||||
|  |  | ||||||
|  | - name: Ensure init container '{{ postgresql_container_name }}' is removed | ||||||
|  |   community.docker.docker_container: | ||||||
|  |     name: "{{ postgresql_container_name }}" | ||||||
|  |     state: absent | ||||||
							
								
								
									
										71
									
								
								roles/postgresql/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										71
									
								
								roles/postgresql/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,71 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure state is valid | ||||||
|  |   ansible.builtin.fail: | ||||||
|  |     msg: >-2 | ||||||
|  |       Invalid state '{{ postgresql_state }}'! Supported | ||||||
|  |       states are {{ postgresql_states | join(', ') }}. | ||||||
|  |   when: postgresql_state not in postgresql_states | ||||||
|  |  | ||||||
|  | - name: Ensure deployment method is valid | ||||||
|  |   ansible.builtin.fail: | ||||||
|  |     msg: >-2 | ||||||
|  |       Unsupported deployment method '{{ postgresql_deployment_method }}! | ||||||
|  |       Supported deployment methods are {{ postgresql_deployment_methods | join(', ') }}. | ||||||
|  |   when: postgresql_deployment_method not in postgresql_deployment_methods | ||||||
|  |  | ||||||
|  | - name: Ensure postgresql user '{{ postgresql_user }}' is {{ postgresql_state }} | ||||||
|  |   ansible.builtin.user: | ||||||
|  |     name: "{{ postgresql_user }}" | ||||||
|  |     state: "{{ postgresql_state }}" | ||||||
|  |     system: "{{ postgresql_user_system | default(omit, true) }}" | ||||||
|  |     create_home: "{{ postgresql_user_create_home | default(omit, true) }}" | ||||||
|  |     groups: "{{ postgresql_user_groups | default(omit, true) }}" | ||||||
|  |     append: "{{ postgresql_user_append | default(omit, true) }}" | ||||||
|  |   register: postgresql_user_info | ||||||
|  |  | ||||||
|  | - name: Ensure directories are {{ postgresql_state }} | ||||||
|  |   ansible.builtin.file: | ||||||
|  |     path: "{{ path.name }}" | ||||||
|  |     state: "{{ (postgresql_state == 'present') | ternary('directory', 'absent') }}" | ||||||
|  |     owner: "{{ path.owner | default(postgresql_user_id, true) }}" | ||||||
|  |     group: "{{ path.group | default(postgresql_user_group_id, true) }}" | ||||||
|  |     mode: "{{ path.mode | default('0755', true) }}" | ||||||
|  |   loop: | ||||||
|  |     - name: "{{ postgresql_config_path }}" | ||||||
|  |     - name: "{{ postgresql_data_path }}" | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: path | ||||||
|  |     label: "{{ path.name }}" | ||||||
|  |  | ||||||
|  | - name: Check for existing PG_VERSION file | ||||||
|  |   ansible.builtin.stat: | ||||||
|  |     path: "{{ postgresql_data_path }}/PG_VERSION" | ||||||
|  |   register: postgresql_data_dir_version_info | ||||||
|  |  | ||||||
|  | - name: Read existing PG_VERSION file | ||||||
|  |   ansible.builtin.slurp: | ||||||
|  |     path: "{{ postgresql_data_path }}/PG_VERSION" | ||||||
|  |   register: postgresql_data_dir_version_content | ||||||
|  |   when: | ||||||
|  |     - postgresql_data_dir_version_info.stat.exists | ||||||
|  |  | ||||||
|  | - name: Prevent major version changes | ||||||
|  |   ansible.builtin.fail: | ||||||
|  |     msg: >-2 | ||||||
|  |       Mismatched postgresql version for the data directory! | ||||||
|  |       Aborting... | ||||||
|  |   when: | ||||||
|  |     - postgresql_data_dir_version_info.stat.exists | ||||||
|  |     - "(postgresql_data_dir_version_content.content | b64decode | int) != (postgresql_major_version | int)" | ||||||
|  |  | ||||||
|  | - name: Prepare authentication and authorization for database admin role | ||||||
|  |   ansible.builtin.include_tasks: | ||||||
|  |     file: "prepare.yml" | ||||||
|  |  | ||||||
|  | - name: Deploy postgresql using {{ postgresql_deployment_method }} | ||||||
|  |   ansible.builtin.include_tasks: | ||||||
|  |     file: "deploy-{{ postgresql_deployment_method }}.yml" | ||||||
|  |  | ||||||
|  | - name: Configure postgresql | ||||||
|  |   ansible.builtin.include_tasks: | ||||||
|  |     file: "configure.yml" | ||||||
							
								
								
									
										33
									
								
								roles/postgresql/tasks/prepare.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								roles/postgresql/tasks/prepare.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,33 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure postgresql config files are {{ postgresql_state }} | ||||||
|  |   ansible.builtin.lineinfile: | ||||||
|  |     path: "{{ file.name }}" | ||||||
|  |     insertafter: "{{ file.insert_after | default(omit) }}" | ||||||
|  |     insertbefore: "{{ file.insert_before | default(omit) }}" | ||||||
|  |     line: "{{ file.line }}" | ||||||
|  |     owner: "{{ postgresql_user_id }}" | ||||||
|  |     group: "{{ postgresql_user_group_id }}" | ||||||
|  |     create: true | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: file | ||||||
|  |     label: "{{ file.name }}" | ||||||
|  |   loop: | ||||||
|  |     - name: "{{ postgresql_pg_hba_conf_file }}" | ||||||
|  |       insert_before: "BOF" | ||||||
|  |       line: "# Ansible managed" | ||||||
|  |     - name: "{{ postgresql_pg_ident_conf_file }}" | ||||||
|  |       insert_before: "BOF" | ||||||
|  |       line: "# Ansible managed" | ||||||
|  |     - name: "{{ postgresql_pg_ident_conf_file }}" | ||||||
|  |       insert_after: "# Ansible managed" | ||||||
|  |       line: "{{ ansible_user }}_{{ postgresql_admin_role }}\t{{ ansible_user }}\t{{ postgresql_admin_role }}" | ||||||
|  |   when: postgresql_state == 'present' | ||||||
|  |  | ||||||
|  | - name: Configure permissions for postgresql admin role | ||||||
|  |   community.postgresql.postgresql_pg_hba: | ||||||
|  |     dest: "{{ postgresql_pg_hba_conf_file }}" | ||||||
|  |     contype: "{{ postgresql_admin_role_contype }}" | ||||||
|  |     users: "{{ postgresql_admin_role }}" | ||||||
|  |     method: "{{ postgresql_admin_role_method }}" | ||||||
|  |     options: "map={{ ansible_user }}_{{ postgresql_admin_role }}" | ||||||
|  |   when: postgresql_state == 'present' | ||||||
							
								
								
									
										19
									
								
								roles/postgresql/templates/postgresql-passwd.j2
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								roles/postgresql/templates/postgresql-passwd.j2
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | root:x:0:0:root:/root:/bin/bash | ||||||
|  | daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin | ||||||
|  | bin:x:2:2:bin:/bin:/usr/sbin/nologin | ||||||
|  | sys:x:3:3:sys:/dev:/usr/sbin/nologin | ||||||
|  | sync:x:4:65534:sync:/bin:/bin/sync | ||||||
|  | games:x:5:60:games:/usr/games:/usr/sbin/nologin | ||||||
|  | man:x:6:12:man:/var/cache/man:/usr/sbin/nologin | ||||||
|  | lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin | ||||||
|  | mail:x:8:8:mail:/var/mail:/usr/sbin/nologin | ||||||
|  | news:x:9:9:news:/var/spool/news:/usr/sbin/nologin | ||||||
|  | uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin | ||||||
|  | proxy:x:13:13:proxy:/bin:/usr/sbin/nologin | ||||||
|  | www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin | ||||||
|  | backup:x:34:34:backup:/var/backups:/usr/sbin/nologin | ||||||
|  | list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin | ||||||
|  | irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin | ||||||
|  | _apt:x:42:65534::/nonexistent:/usr/sbin/nologin | ||||||
|  | nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin | ||||||
|  | postgres:x:{{ postgresql_user_id }}:{{ postgresql_user_group_id }}::/var/lib/postgresql:/bin/bash | ||||||
							
								
								
									
										6
									
								
								roles/postgresql/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								roles/postgresql/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | |||||||
|  | --- | ||||||
|  | postgresql_states: | ||||||
|  |   - present | ||||||
|  |   - absent | ||||||
|  | postgresql_deployment_methods: | ||||||
|  |   - docker | ||||||
| @@ -23,4 +23,5 @@ | |||||||
|     networks: "{{ redis_container_networks | default(omit, true) }}" |     networks: "{{ redis_container_networks | default(omit, true) }}" | ||||||
|     etc_hosts: "{{ redis_container_etc_hosts | default(omit, true) }}" |     etc_hosts: "{{ redis_container_etc_hosts | default(omit, true) }}" | ||||||
|     dns_servers: "{{ redis_container_dns_servers | default(omit, true) }}" |     dns_servers: "{{ redis_container_dns_servers | default(omit, true) }}" | ||||||
|  |     restart_policy: "{{ redis_container_restart_policy | default(omit, true) }}" | ||||||
|     state: "{{ redis_container_state }}" |     state: "{{ redis_container_state }}" | ||||||
|   | |||||||
							
								
								
									
										13
									
								
								roles/valkey/README.md
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								roles/valkey/README.md
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,13 @@ | |||||||
|  | # `finallycoffee.databases.valkey` ansible role | ||||||
|  |  | ||||||
|  | Valkey is an open source (BSD 3 licensed), high-performance in-memory key/value | ||||||
|  | data store, ideal for workloads like caching or message queues. It has been | ||||||
|  | forked from redis 7.2.4 before redis license was changed to SSPL. | ||||||
|  |  | ||||||
|  | Valkey offers compatibility to redis and can be used as a drop-in replacement | ||||||
|  | for redis. | ||||||
|  |  | ||||||
|  | ## Configuration | ||||||
|  |  | ||||||
|  | For the configuration, see the [`redis` role configuration](../redis/README.md#configuration), | ||||||
|  | and swap the `redis_` prefix of all variables for the `valkey_` prefix. | ||||||
							
								
								
									
										41
									
								
								roles/valkey/defaults/main/config.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										41
									
								
								roles/valkey/defaults/main/config.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,41 @@ | |||||||
|  | --- | ||||||
|  | valkey_config_bind: | ||||||
|  |   - "127.0.0.1" | ||||||
|  |   - "-::1" | ||||||
|  | valkey_config_protected_mode: true | ||||||
|  | valkey_config_port: 6379 | ||||||
|  | valkey_config_unixsocket: ~ | ||||||
|  | valkey_config_unixsocketperm: '700' | ||||||
|  | valkey_config_user: | ||||||
|  |   - "default on +@all -DEBUG ~* nopass" | ||||||
|  | valkey_config_databases: 16 | ||||||
|  | valkey_config_supervised: false | ||||||
|  | valkey_config_daemonize: false | ||||||
|  | valkey_config_dbfilename: dump.rdb | ||||||
|  | valkey_config_dir: "{{ valkey_data_path }}" | ||||||
|  | valkey_config_save: "3600 1 300 100 60 10000" | ||||||
|  | valkey_config_appendfsync: everysec | ||||||
|  |  | ||||||
|  | valkey_base_config: | ||||||
|  |   bind: "{{ valkey_config_bind | join(' ') }}" | ||||||
|  |   "protected-mode": "{{ valkey_config_protected_mode | bool | ternary('yes', 'no') }}" | ||||||
|  |   port: "{{ valkey_config_port }}" | ||||||
|  |   user: "{{ valkey_config_user }}" | ||||||
|  |   databases: "{{ valkey_config_databases }}" | ||||||
|  |   daemonize: "{{ valkey_config_daemonize | bool | ternary('yes', 'no') }}" | ||||||
|  |   supervised: "{{ valkey_config_supervised | bool | ternary('yes', 'no') }}" | ||||||
|  |   save: "{{ valkey_config_save }}" | ||||||
|  |   dbfilename: "{{ valkey_config_dbfilename }}" | ||||||
|  |   dir: "{{ valkey_config_dir }}" | ||||||
|  |   appendfsync: "{{ valkey_config_appendfsync }}" | ||||||
|  |  | ||||||
|  | valkey_config: ~ | ||||||
|  | valkey_merged_config: >-2 | ||||||
|  |   {{ valkey_base_config | ||||||
|  |   | combine(({ | ||||||
|  |       'unixsocket': valkey_config_unixsocket, | ||||||
|  |       'unixsocketperm': valkey_config_unixsocketperm, | ||||||
|  |     }) | ||||||
|  |     if (valkey_config_unixsocket | default(false, true)) else {}, | ||||||
|  |     recursive=True) | ||||||
|  |   | combine(valkey_config | default({}, true), recursive=True) }} | ||||||
							
								
								
									
										49
									
								
								roles/valkey/defaults/main/container.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										49
									
								
								roles/valkey/defaults/main/container.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,49 @@ | |||||||
|  | --- | ||||||
|  | valkey_container_image_registry: docker.io | ||||||
|  | valkey_container_image_namespace: valkey | ||||||
|  | valkey_container_image_name: valkey | ||||||
|  | valkey_container_image_tag: ~ | ||||||
|  | valkey_container_image_flavour: alpine | ||||||
|  | valkey_container_image_source: pull | ||||||
|  | valkey_container_image_force_source: >-2 | ||||||
|  |   {{ valkey_container_image_tag | default(false, true) | bool }} | ||||||
|  | valkey_container_image: >-2 | ||||||
|  |   {{ | ||||||
|  |     ([ | ||||||
|  |       valkey_container_image_registry | default([], true), | ||||||
|  |       valkey_container_image_namespace | default([], true), | ||||||
|  |       valkey_container_image_name, | ||||||
|  |     ] | flatten | join('/')) | ||||||
|  |     + ':' + | ||||||
|  |     (valkey_container_image_tag | default( | ||||||
|  |       valkey_version + ( | ||||||
|  |         ((valkey_container_image_flavour is string) | ||||||
|  |             and (valkey_container_image_flavour | length > 0)) | ||||||
|  |         | ternary('-' + (valkey_container_image_flavour | default('')), '') | ||||||
|  |       ), | ||||||
|  |       true, | ||||||
|  |     )) | ||||||
|  |   }} | ||||||
|  |  | ||||||
|  | valkey_container_name: "valkey{{ valkey_instance_suffix }}" | ||||||
|  | valkey_container_env: ~ | ||||||
|  | valkey_container_user: >-2 | ||||||
|  |   {{ valkey_run_user_id }}:{{ valkey_run_group_id }} | ||||||
|  | valkey_container_ports: ~ | ||||||
|  | valkey_container_labels: ~ | ||||||
|  | valkey_container_volumes: ~ | ||||||
|  | valkey_container_merged_volumes: >-2 | ||||||
|  |   {{ valkey_container_base_volumes | ||||||
|  |   + valkey_container_volumes | default([], true) }} | ||||||
|  | valkey_container_command: | ||||||
|  |   - "valkey-server" | ||||||
|  |   - "{{ valkey_config_file }}" | ||||||
|  | valkey_container_networks: ~ | ||||||
|  | valkey_container_etc_hosts: ~ | ||||||
|  | valkey_container_dns_servers: ~ | ||||||
|  | valkey_container_restart_policy: "unless-stopped" | ||||||
|  | valkey_container_state: >-2 | ||||||
|  |   {{ (valkey_state == 'present') | ternary('started', 'absent') }} | ||||||
|  | valkey_container_base_volumes: | ||||||
|  |   - "{{ valkey_config_file }}:{{ valkey_config_file }}:ro" | ||||||
|  |   - "{{ valkey_data_path }}:{{ valkey_data_path }}:rw" | ||||||
							
								
								
									
										15
									
								
								roles/valkey/defaults/main/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										15
									
								
								roles/valkey/defaults/main/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,15 @@ | |||||||
|  | --- | ||||||
|  | valkey_version: "8.0.1" | ||||||
|  | valkey_state: "present" | ||||||
|  | valkey_instance: ~ | ||||||
|  | valkey_instance_suffix: >-2 | ||||||
|  |   {{ ((valkey_instance is string) and (valkey_instance | length > 0)) | ||||||
|  |     | ternary('-' + (valkey_instance | default('', true)), '') }} | ||||||
|  | valkey_user: >-2 | ||||||
|  |   valkey{{ valkey_instance_suffix }} | ||||||
|  |  | ||||||
|  | valkey_config_path: "/etc/valkey" | ||||||
|  | valkey_config_file: >-2 | ||||||
|  |   {{ valkey_config_path }}/valkey{{ valkey_instance_suffix }}.conf | ||||||
|  | valkey_data_path: "/var/lib/valkey{{ valkey_instance_suffix }}" | ||||||
|  | valkey_deployment_method: docker | ||||||
							
								
								
									
										10
									
								
								roles/valkey/defaults/main/user.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								roles/valkey/defaults/main/user.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,10 @@ | |||||||
|  | --- | ||||||
|  | valkey_run_user_id: >-2 | ||||||
|  |   {{ valkey_user_info.uid | default(valkey_user, true) }} | ||||||
|  | valkey_run_group_id: >-2 | ||||||
|  |   {{ valkey_user_info.group | default(valkey_user, true) }} | ||||||
|  | valkey_user_system: true | ||||||
|  | valkey_user_create_home: false | ||||||
|  | valkey_user_groups: ~ | ||||||
|  | valkey_user_append_groups: >-2 | ||||||
|  |   {{ valkey_user_groups | default(true, false) | bool }} | ||||||
							
								
								
									
										11
									
								
								roles/valkey/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								roles/valkey/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure valkey container '{{ valkey_container_name }}' is restarted | ||||||
|  |   community.docker.docker_container: | ||||||
|  |     name: "{{ valkey_container_name }}" | ||||||
|  |     state: "{{ valkey_container_state }}" | ||||||
|  |     restart: true | ||||||
|  |   listen: valkey-restart | ||||||
|  |   when: | ||||||
|  |     - valkey_deployment_method == 'docker' | ||||||
|  |     - valkey_state == 'present' | ||||||
|  |   ignore_errors: "{{ ansible_check_mode }}" | ||||||
							
								
								
									
										11
									
								
								roles/valkey/meta/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								roles/valkey/meta/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | |||||||
|  | --- | ||||||
|  | allow_duplicates: true | ||||||
|  | dependencies: [] | ||||||
|  | galaxy_info: | ||||||
|  |   role_name: valkey | ||||||
|  |   description: >-2 | ||||||
|  |     An open source, in-memory datastore under BSD 3 license | ||||||
|  |   galaxy_tags: | ||||||
|  |     - valkey | ||||||
|  |     - redis | ||||||
|  |     - docker | ||||||
							
								
								
									
										27
									
								
								roles/valkey/tasks/deploy-docker.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										27
									
								
								roles/valkey/tasks/deploy-docker.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,27 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure container image '{{ valkey_container_image }}' is {{ valkey_state }} | ||||||
|  |   community.docker.docker_image: | ||||||
|  |     name: "{{ valkey_container_image }}" | ||||||
|  |     state: "{{ valkey_state }}" | ||||||
|  |     source: "{{ valkey_container_image_source }}" | ||||||
|  |     force_source: "{{ valkey_container_image_force_source }}" | ||||||
|  |   register: valkey_container_image_info | ||||||
|  |   until: valkey_container_image_info is success | ||||||
|  |   retries: 5 | ||||||
|  |   delay: 3 | ||||||
|  |  | ||||||
|  | - name: Ensure container '{{ valkey_container_name }}' is {{ valkey_container_state }} | ||||||
|  |   community.docker.docker_container: | ||||||
|  |     name: "{{ valkey_container_name }}" | ||||||
|  |     image: "{{ valkey_container_image }}" | ||||||
|  |     env: "{{ valkey_container_env | default(omit, true) }}" | ||||||
|  |     user: "{{ valkey_container_user }}" | ||||||
|  |     ports: "{{ valkey_container_ports | default(omit, true) }}" | ||||||
|  |     labels: "{{ valkey_container_labels | default(omit, true) }}" | ||||||
|  |     command: "{{ valkey_container_command }}" | ||||||
|  |     volumes: "{{ valkey_container_merged_volumes }}" | ||||||
|  |     networks: "{{ valkey_container_networks | default(omit, true) }}" | ||||||
|  |     etc_hosts: "{{ valkey_container_etc_hosts | default(omit, true) }}" | ||||||
|  |     dns_servers: "{{ valkey_container_dns_servers | default(omit, true) }}" | ||||||
|  |     restart_policy: "{{ valkey_container_restart_policy | default(omit, true) }}" | ||||||
|  |     state: "{{ valkey_container_state }}" | ||||||
							
								
								
									
										68
									
								
								roles/valkey/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										68
									
								
								roles/valkey/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,68 @@ | |||||||
|  | --- | ||||||
|  | - name: Ensure state is valid | ||||||
|  |   ansible.builtin.fail: | ||||||
|  |     msg: >-2 | ||||||
|  |       Unsupported state '{{ valkey_state }}'. | ||||||
|  |       Supported states are {{ valkey_states | join(', ') }} | ||||||
|  |   when: valkey_state not in valkey_states | ||||||
|  |  | ||||||
|  | - name: Ensure deployment method is valid | ||||||
|  |   ansible.builtin.fail: | ||||||
|  |     msg: >-2 | ||||||
|  |       Unsupported deployment method '{{ valkey_deployment_method }}'! | ||||||
|  |       Supported methods are {{ valkey_deployment_method | join(', ') }} | ||||||
|  |   when: valkey_deployment_method not in valkey_deployment_methods | ||||||
|  |  | ||||||
|  | - name: Ensure valkey user '{{ valkey_user }}' is {{ valkey_state }} | ||||||
|  |   ansible.builtin.user: | ||||||
|  |     name: "{{ valkey_user }}" | ||||||
|  |     state: "{{ valkey_state }}" | ||||||
|  |     system: "{{ valkey_user_system }}" | ||||||
|  |     create_home: "{{ valkey_user_create_home }}" | ||||||
|  |     groups: "{{ valkey_user_groups | default(omit, true) }}" | ||||||
|  |     append: "{{ valkey_user_append_groups | default(omit, true) }}" | ||||||
|  |   register: valkey_user_info | ||||||
|  |  | ||||||
|  | - name: Ensure valkey config file '{{ valkey_config_file }}' is {{ valkey_state }} | ||||||
|  |   ansible.builtin.file: | ||||||
|  |     path: "{{ valkey_config_file }}" | ||||||
|  |     state: "{{ valkey_state }}" | ||||||
|  |   when: valkey_state == 'absent' | ||||||
|  |  | ||||||
|  | - name: Ensure valkey host directories are {{ valkey_state }} | ||||||
|  |   ansible.builtin.file: | ||||||
|  |     path: "{{ path.name }}" | ||||||
|  |     state: >-2 | ||||||
|  |       {{ (valkey_state == 'present') | ternary('directory', 'absent') }} | ||||||
|  |     owner: "{{ path.owner | default(valkey_run_user_id) }}" | ||||||
|  |     group: "{{ path.group | default(valkey_run_group_id) }}" | ||||||
|  |     mode: "{{ path.mode | default('0755') }}" | ||||||
|  |   loop: | ||||||
|  |     - name: "{{ valkey_config_path }}" | ||||||
|  |     - name: "{{ valkey_data_path }}" | ||||||
|  |   loop_control: | ||||||
|  |     loop_var: "path" | ||||||
|  |     label: "{{ path.name }}" | ||||||
|  |  | ||||||
|  | - name: Ensure valkey config file '{{ valkey_config_file }}' is {{ valkey_state }} | ||||||
|  |   ansible.builtin.copy: | ||||||
|  |     content: |+2 | ||||||
|  |       {% for tuple in (valkey_merged_config | dict2items) %} | ||||||
|  |       {% if tuple.value is string  or tuple.value is number %} | ||||||
|  |       {{ tuple.key }} {{ tuple.value }} | ||||||
|  |       {% else %} | ||||||
|  |       {% for value in tuple.value %} | ||||||
|  |       {{ tuple.key }} {{ value }} | ||||||
|  |       {% endfor %} | ||||||
|  |       {% endif %} | ||||||
|  |       {% endfor %} | ||||||
|  |     dest: "{{ valkey_config_file }}" | ||||||
|  |     owner: "{{ valkey_run_user_id }}" | ||||||
|  |     group: "{{ valkey_run_group_id }}" | ||||||
|  |     mode: "0640" | ||||||
|  |   when: valkey_state == 'present' | ||||||
|  |   notify: valkey-restart | ||||||
|  |  | ||||||
|  | - name: Deploy valkey using {{ valkey_deployment_method }} | ||||||
|  |   ansible.builtin.include_tasks: | ||||||
|  |     file: "deploy-{{ valkey_deployment_method }}.yml" | ||||||
							
								
								
									
										6
									
								
								roles/valkey/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								roles/valkey/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | |||||||
|  | --- | ||||||
|  | valkey_states: | ||||||
|  |   - present | ||||||
|  |   - absent | ||||||
|  | valkey_deployment_methods: | ||||||
|  |   - docker | ||||||
		Reference in New Issue
	
	Block a user