nishiki/ansible-role-postgresql
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Wiki Activity Actions

test: use personal docker registry

Browse source
This commit is contained in:
Adrien Waksberg 2024-05-08 10:43:30 +02:00
parent a96b7547e8
commit d69bac6e1e
4 changed files with 105 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
0001-feat-remove-apt_key-use.patch Normal file
View file

@ -0,0 +1,52 @@
From bf0c03dc14b9ba6d63950dfcd4a61ab430619b82 Mon Sep 17 00:00:00 2001
From: Adrien Waksberg <adrien.waksberg@mylegitech.com>
Date: Tue, 23 Apr 2024 10:51:45 +0200
Subject: [PATCH] feat: remove apt_key use
---
CHANGELOG.md | 1 +
tasks/repo.yml | 15 +++++++++++----
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 272f011..b17cb66 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
- break: new system for user and privileges
- break: default postgresql version is 15
+- feat: remove apt_key use
### Added
diff --git a/tasks/repo.yml b/tasks/repo.yml
index 21c94ee..8fc021a 100644
--- a/tasks/repo.yml
+++ b/tasks/repo.yml
@@ -1,11 +1,18 @@
---
-- name: Add official repository key
- ansible.builtin.apt_key:
+- name: Add repository key
+ ansible.builtin.get_url:
url: https://www.postgresql.org/media/keys/ACCC4CF8.asc
+ dest: /etc/apt/keyrings/postgresql.asc
+ owner: root
+ group: root
+ mode: "0644"
+ checksum: sha256:0144068502a1eddd2a0280ede10ef607d1ec592ce819940991203941564e8e76
tags: postgresql
-- name: Add official repostiroy
+- name: Add repository
ansible.builtin.apt_repository:
+ repo: >-
+ deb [signed-by=/etc/apt/keyrings/postgresql.asc]
+ http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main
filename: postgresql
- repo: "deb http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main"
tags: postgresql
--
2.39.2

2
CHANGELOG.md
View file

@ -10,6 +10,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
- break: new system for user and privileges
- break: default postgresql version is 15
- feat: remove apt_key use
- test: use personal docker registry
### Added
@ -26,6 +27,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
### Removed
- test: remove support debian 10
- test: remove support debian 11
## v1.0.0 - 2021-09-10

102
README.md
View file

@ -1,30 +1,30 @@
# Ansible role: Postgresql
[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-postgresql/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-postgresql/src/branch/master/LICENSE)
[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://code.waks.be/nishiki/ansible-role-postgresql/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-postgresql/src/branch/main/LICENSE)
Install and configure Postgresql
## Requirements
* Ansible >= 2.10
* Debian
* Bullseye
* Bookworm
- Ansible >= 2.10
- Debian
- Bullseye
- Bookworm
## Role variables
| Name | Type | Required |Default | Comment |
|------------------------------------|-------|----------|--------|-----------------------------------------------------|
| postgresql_version | str | no | 15 | the major version to use |
| postgresql_use_official_repository | bool | no | false | set true if you want official postgresql repository |
| postgresql_primary | bool | no | false | set true to create user and database on this server |
| postgresql_config | dict | no | | add option config file |
| postgresql_databases | array | no | | the database to manage |
| postgresql_users | dict | no | | the users to manage |
| postgresql_privileges | array | no | | set the privileges for roles |
| postgresql_hba | array | no | | the hba authorizations |
| postgresql_role_memberships | dict | no | | add membership in a role group |
| Name | Type | Required | Default | Comment |
| ---------------------------------- | ----- | -------- | ------- | --------------------------------------------------- |
| postgresql_version | str | no | 15 | the major version to use |
| postgresql_use_official_repository | bool | no | false | set true if you want official postgresql repository |
| postgresql_primary | bool | no | false | set true to create user and database on this server |
| postgresql_config | dict | no | | add option config file |
| postgresql_databases | array | no | | the database to manage |
| postgresql_users | dict | no | | the users to manage |
| postgresql_privileges | array | no | | set the privileges for roles |
| postgresql_hba | array | no | | the hba authorizations |
| postgresql_role_memberships | dict | no | | add membership in a role group |
### postgresql_config
@ -41,18 +41,16 @@ Example:
### postgresql_databases
| Name | Type | Required | Default | Comment |
|------------|------|----------|-----------|-----------------------------------------------------|
| name | str | yes | | the database name |
| owner | str | yes | | the owner's database name |
| encoding | str | no | UTF-8 | encoding to use |
| lc_collate | str | no | C.UTF-8 | lc_collate to use |
| lc_ctype | str | no | C.UTF-8 | lc_ctype to use |
| template | str | no | template0 | template to use |
| Name | Type | Required | Default | Comment |
| ---------- | ---- | -------- | --------- | --------------------------------- |
| name | str | yes | | the database name |
| owner | str | yes | | the owner's database name |
| encoding | str | no | UTF-8 | encoding to use |
| lc_collate | str | no | C.UTF-8 | lc_collate to use |
| lc_ctype | str | no | C.UTF-8 | lc_ctype to use |
| template | str | no | template0 | template to use |
| state | str | no | present | if absent the database is deleted |
Example:
```
@ -65,7 +63,7 @@ Example:
### postgresql_users
| Name | Type | Required | Default | Comment |
|------------|-------|----------|---------|---------------------------------------------------------------|
| ---------- | ----- | -------- | ------- | ------------------------------------------------------------- |
| key | str | yes | | the user name |
| password | str | yes | | the password to logon |
| attributes | array | no | | list with the user's attributes (REPLICATION, SUPERUSER, ...) |
@ -83,14 +81,14 @@ Example:
### postgresql_privileges
| Name | Type | Required | Default | Comment |
|------------|-------|----------|-------------------|---------------------------------------------------------------|
| roles | str | yes | | the roles with this privileges |
| database | str | yes | | the database where to apply the privileges |
| type | str | no | table | the type of privileges (table, function, schema, ...) |
| objets | array | yes | ["ALL_IN_SCHEMA"] | list with the objets (ex: table name) |
| privileges | array | yes | | list with the privileges (SELECT, UPDATE, INSERT, ALL, ...) |
| state | str | no | present | if absent the privileges is deleted |
| Name | Type | Required | Default | Comment |
| ---------- | ----- | -------- | ----------------- | ----------------------------------------------------------- |
| roles | str | yes | | the roles with this privileges |
| database | str | yes | | the database where to apply the privileges |
| type | str | no | table | the type of privileges (table, function, schema, ...) |
| objets | array | yes | ["ALL_IN_SCHEMA"] | list with the objets (ex: table name) |
| privileges | array | yes | | list with the privileges (SELECT, UPDATE, INSERT, ALL, ...) |
| state | str | no | present | if absent the privileges is deleted |
Example:
@ -108,13 +106,13 @@ Example:
### postgresql_hba
| Name | Type | Required | Default | Comment |
|-----------|-------|----------|---------|-------------------------------------------------------|
| type | str | yes | | connection type (host, hostssl, local) |
| databases | array | yes | | array with the database names or all string |
| users | array | yes | | array with the user names or all string |
| subnet | str | no | | allow subnet, not require if type is local |
| method | str | yes | | auth method (trust, md5, ...) |
| Name | Type | Required | Default | Comment |
| --------- | ----- | -------- | ------- | ------------------------------------------- |
| type | str | yes | | connection type (host, hostssl, local) |
| databases | array | yes | | array with the database names or all string |
| users | array | yes | | array with the user names or all string |
| subnet | str | no | | allow subnet, not require if type is local |
| method | str | yes | | auth method (trust, md5, ...) |
Example:
@ -129,11 +127,11 @@ Example:
### postgresql_role_memberships
| Name | Type | Required | Default | Comment |
|-----------|-------|----------|---------|------------------------------------------|
| key | str | yes | | the role name |
| groups | array | yes | | the groups (roles) where to add the role |
| state | str | no | present | if absent the memberships are deleted |
| Name | Type | Required | Default | Comment |
| ------ | ----- | -------- | ------- | ---------------------------------------- |
| key | str | yes | | the role name |
| groups | array | yes | | the groups (roles) where to add the role |
| state | str | no | present | if absent the memberships are deleted |
Example:
@ -178,10 +176,10 @@ Example:
### Test with molecule and docker
* install [docker](https://docs.docker.com/engine/installation/)
* install `python3` and `python3-pip`
* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint`
* run `molecule test`
- install [docker](https://docs.docker.com/engine/installation/)
- install `python3` and `python3-pip`
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint`
- run `molecule test`
## License

11
molecule/default/molecule.yml
View file

@ -3,16 +3,7 @@ driver:
name: docker
platforms:
- name: debian12
image: nishiki/debian12:molecule
privileged: true
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
cgroupns_mode: host
command: /bin/systemd
capabilities:
- SYS_ADMIN
- name: debian11
image: nishiki/debian11:molecule
image: code.waks.be/nishiki/molecule:debian12
privileged: true
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw