README.md

@@ -11,6 +11,9 @@
 - [`mariadb`](roles/mariadb/README.md): deploy mariadb
   in a docker container
 
+- [`postgresql`](roles/postgresql/README.md): deploy postgresql,
+  the worlds most advances open-source relational database
+
 - [`valkey`](roles/valkey/README.md): deploy and configure valkey,
   an open source in-memory data store under BSD license, forked
   from redis.

galaxy.yml

@@ -16,5 +16,7 @@ tags:
   - elasticsearch
   - redis
   - mariadb
+  - postgresql
+  - postgres
   - valkey
   - docker

roles/postgresql/README.md

@@ -0,0 +1,4 @@
+# `finallycoffee.databases.postgresql` ansible role
+
+PostgreSQL is the self proclaimed "world's most advanced" open source relational
+database. This ansible role can deploy and configure postgresql.

roles/postgresql/defaults/main/container.yml

@@ -0,0 +1,38 @@
+---
+postgresql_container_image_registry: docker.io
+postgresql_container_image_namespace: ~
+postgresql_container_image_name: postgres
+postgresql_container_image_tag: ~
+postgresql_container_image_source: pull
+postgresql_container_image_force_source: >-2
+  {{ postgresql_container_image_tag | default(false, true) | bool }}
+postgresql_container_image: >-2
+  {{
+    ([
+      postgresql_container_image_registry | default([], true),
+      postgresql_container_image_namespace | default([], true),
+      postgresql_container_image_name
+    ] | flatten | join('/'))
+    + ':' + postgresql_container_image_tag | default(
+      postgresql_version + (
+        ((postgresql_container_image_flavour is string)
+          and (postgresql_container_image_flavour | length > 0))
+        | ternary(
+          '_' + postgresql_container_image_flavour | default('', true),
+          '',
+        )
+      )
+    )
+  }}
+
+postgresql_container_name: postgresql
+postgresql_container_env: ~
+postgresql_container_user: >-2
+  {{ postgresql_user_id }}:{{ postgresql_user_group_id }}
+postgresql_container_ports: ~
+postgresql_container_labels: ~
+postgresql_container_networks: ~
+postgresql_container_recreate: ~
+postgresql_container_restart_policy: "on-failure"
+postgresql_container_state: >-2
+  {{ (postgresql_state == 'present') | ternary('started', 'absent') }}

roles/postgresql/defaults/main/main.yml

@@ -0,0 +1,13 @@
+---
+postgresql_user: postgresql
+postgresql_version: "17.0"
+postgresql_major_version: >-2
+  {{ postgresql_version | split('.') | first }}
+
+postgresql_config_path: >-2
+  /etc/postgresql/{{ postgresql_major_version }}
+postgresql_data_path: >-2
+  /var/lib/postgresql/{{ postgresql_major_version }}
+
+postgresql_state: present
+postgresql_deployment_method: docker

roles/postgresql/defaults/main/user.yml

@@ -0,0 +1,10 @@
+---
+postgresql_user_system: true
+postgresql_user_create_home: false
+postgresql_user_groups: ~
+postgresql_user_append: ~
+
+postgresql_user_id: >-2
+  {{ postgresql_user_info.uid | default(postgresql_user, true) }}
+postgresql_user_group_id: >-2
+  {{ postgresql_user_info.group | default(postgresql_user, true) }}

roles/postgresql/meta/main.yml

@@ -0,0 +1,12 @@
+---
+allow_duplicates: true
+dependencies: []
+galaxy_info:
+  role_name: postgresql
+  description: >-2
+    PostgreSQL is the self-proclaimed 'worlds most advanced' open source relational database
+  galaxy_tags:
+    - postgresql
+    - postgres
+    - database
+    - docker

roles/postgresql/tasks/deploy-docker.yml

@@ -0,0 +1,23 @@
+---
+- name: Ensure postgresql container image '{{ postgresql_container_image }}' is {{ postgresql_state }}
+  community.docker.docker_image:
+    name: "{{ postgresql_container_image }}"
+    state: "{{ postgresql_state }}"
+    source: "{{ postgresql_container_image_source }}"
+    force_source: "{{ postgresql_container_image_force_source }}"
+  register: postgresql_container_image_info
+  until: postgresql_container_image_info is success
+  retries: 5
+  delay: 4
+
+- name: Ensure postgresql container '{{ postgresql_container_name }}' is {{ postgresql_container_state }}
+  community.docker.docker_container:
+    name: "{{ postgresql_container_name }}"
+    image: "{{ postgresql_container_image }}"
+    env: "{{ postgresql_container_env | default(omit, true) }}"
+    user: "{{ postgresql_container_user | default(omit, true) }}"
+    ports: "{{ postgresql_container_ports | default(omit, true) }}"
+    labels: "{{ postgresql_container_labels | default(omit, true) }}"
+    networks: "{{ postgresql_container_networks | default(omit, true) }}"
+    restart_policy: "{{ postgresql_container_restart_policy | default(omit, true) }}"
+    state: "{{ postgresql_container_state }}"

roles/postgresql/tasks/main.yml

@@ -0,0 +1,63 @@
+---
+- name: Ensure state is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Invalid state '{{ postgresql_state }}'! Supported
+      states are {{ postgresql_states | join(', ') }}.
+  when: postgresql_state not in postgresql_states
+
+- name: Ensure deployment method is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Unsupported deployment method '{{ postgresql_deployment_method }}!
+      Supported deployment methods are {{ postgresql_deployment_methods | join(', ') }}.
+  when: postgresql_deployment_method not in postgresql_deployment_methods
+
+- name: Ensure postgresql user '{{ postgresql_user }}' is {{ postgresql_state }}
+  ansible.builtin.user:
+    name: "{{ postgresql_user }}"
+    state: "{{ postgresql_state }}"
+    system: "{{ postgresql_user_system | default(omit, true) }}"
+    create_home: "{{ postgresql_user_create_home | default(omit, true) }}"
+    groups: "{{ postgresql_user_groups | default(omit, true) }}"
+    append: "{{ postgresql_user_append | default(omit, true) }}"
+  register: postgresql_user_info
+
+- name: Ensure directories are {{ postgresql_state }}
+  ansible.builtin.file:
+    path: "{{ path.name }}"
+    state: "{{ (postgresql_state == 'present') | ternary('directory', 'absent') }}"
+    owner: "{{ path.owner | default(postgresql_user_id, true) }}"
+    group: "{{ path.group | default(postgresql_user_group_id, true) }}"
+    mode: "{{ path.mode | default('0755', true) }}"
+  loop:
+    - name: "{{ postgresql_config_path }}"
+    - name: "{{ postgresql_data_path }}"
+  loop_control:
+    loop_var: path
+    label: "{{ path.name }}"
+
+- name: Check for existing PG_VERSION file
+  ansible.builtin.stat:
+    path: "{{ postgresql_data_path }}/PG_VERSION"
+  register: postgresql_data_dir_version_info
+
+- name: Read existing PG_VERSION file
+  ansible.builtin.slurp:
+    path: "{{ postgresql_data_path }}/PG_VERSION"
+  register: postgresql_data_dir_version_content
+  when:
+    - postgresql_data_dir_version_info.stat.exists
+
+- name: Prevent major version changes
+  ansible.builtin.fail:
+    msg: >-2
+      Mismatched postgresql version for the data directory!
+      Aborting...
+  when:
+    - postgresql_data_dir_version_info.stat.exists
+    - "(postgresql_data_dir_version_content | b64decode | int) != (postgresql_major_version | int)"
+
+- name: Deploy postgresql using {{ postgresql_deployment_method }}
+  ansible.builtin.include_tasks:
+    file: "deploy-{{ postgresql_deployment_method }}.yml"

roles/postgresql/vars/main.yml

@@ -0,0 +1,6 @@
+---
+postgresql_states:
+  - present
+  - absent
+postgresql_deployment_methods:
+  - docker