diff --git a/0001-feat-remove-apt_key-use.patch b/0001-feat-remove-apt_key-use.patch new file mode 100644 index 0000000..7d190e5 --- /dev/null +++ b/0001-feat-remove-apt_key-use.patch @@ -0,0 +1,52 @@ +From bf0c03dc14b9ba6d63950dfcd4a61ab430619b82 Mon Sep 17 00:00:00 2001 +From: Adrien Waksberg +Date: Tue, 23 Apr 2024 10:51:45 +0200 +Subject: [PATCH] feat: remove apt_key use + +--- + CHANGELOG.md | 1 + + tasks/repo.yml | 15 +++++++++++---- + 2 files changed, 12 insertions(+), 4 deletions(-) + +diff --git a/CHANGELOG.md b/CHANGELOG.md +index 272f011..b17cb66 100644 +--- a/CHANGELOG.md ++++ b/CHANGELOG.md +@@ -9,6 +9,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/) + + - break: new system for user and privileges + - break: default postgresql version is 15 ++- feat: remove apt_key use + + ### Added + +diff --git a/tasks/repo.yml b/tasks/repo.yml +index 21c94ee..8fc021a 100644 +--- a/tasks/repo.yml ++++ b/tasks/repo.yml +@@ -1,11 +1,18 @@ + --- +-- name: Add official repository key +- ansible.builtin.apt_key: ++- name: Add repository key ++ ansible.builtin.get_url: + url: https://www.postgresql.org/media/keys/ACCC4CF8.asc ++ dest: /etc/apt/keyrings/postgresql.asc ++ owner: root ++ group: root ++ mode: "0644" ++ checksum: sha256:0144068502a1eddd2a0280ede10ef607d1ec592ce819940991203941564e8e76 + tags: postgresql + +-- name: Add official repostiroy ++- name: Add repository + ansible.builtin.apt_repository: ++ repo: >- ++ deb [signed-by=/etc/apt/keyrings/postgresql.asc] ++ http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main + filename: postgresql +- repo: "deb http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main" + tags: postgresql +-- +2.39.2 + diff --git a/CHANGELOG.md b/CHANGELOG.md index be8a4d5..28f93ed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/) - break: new system for user and privileges - break: default postgresql version is 15 - feat: remove apt_key use +- test: use personal docker registry ### Added @@ -26,6 +27,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/) ### Removed - test: remove support debian 10 +- test: remove support debian 11 ## v1.0.0 - 2021-09-10 diff --git a/README.md b/README.md index f29859c..a215541 100644 --- a/README.md +++ b/README.md @@ -1,30 +1,30 @@ # Ansible role: Postgresql -[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-postgresql/releases) -[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-postgresql/src/branch/master/LICENSE) +[![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://code.waks.be/nishiki/ansible-role-postgresql/releases) +[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-postgresql/src/branch/main/LICENSE) Install and configure Postgresql ## Requirements -* Ansible >= 2.10 -* Debian - * Bullseye - * Bookworm +- Ansible >= 2.10 +- Debian + - Bullseye + - Bookworm ## Role variables -| Name | Type | Required |Default | Comment | -|------------------------------------|-------|----------|--------|-----------------------------------------------------| -| postgresql_version | str | no | 15 | the major version to use | -| postgresql_use_official_repository | bool | no | false | set true if you want official postgresql repository | -| postgresql_primary | bool | no | false | set true to create user and database on this server | -| postgresql_config | dict | no | | add option config file | -| postgresql_databases | array | no | | the database to manage | -| postgresql_users | dict | no | | the users to manage | -| postgresql_privileges | array | no | | set the privileges for roles | -| postgresql_hba | array | no | | the hba authorizations | -| postgresql_role_memberships | dict | no | | add membership in a role group | +| Name | Type | Required | Default | Comment | +| ---------------------------------- | ----- | -------- | ------- | --------------------------------------------------- | +| postgresql_version | str | no | 15 | the major version to use | +| postgresql_use_official_repository | bool | no | false | set true if you want official postgresql repository | +| postgresql_primary | bool | no | false | set true to create user and database on this server | +| postgresql_config | dict | no | | add option config file | +| postgresql_databases | array | no | | the database to manage | +| postgresql_users | dict | no | | the users to manage | +| postgresql_privileges | array | no | | set the privileges for roles | +| postgresql_hba | array | no | | the hba authorizations | +| postgresql_role_memberships | dict | no | | add membership in a role group | ### postgresql_config @@ -41,18 +41,16 @@ Example: ### postgresql_databases - -| Name | Type | Required | Default | Comment | -|------------|------|----------|-----------|-----------------------------------------------------| -| name | str | yes | | the database name | -| owner | str | yes | | the owner's database name | -| encoding | str | no | UTF-8 | encoding to use | -| lc_collate | str | no | C.UTF-8 | lc_collate to use | -| lc_ctype | str | no | C.UTF-8 | lc_ctype to use | -| template | str | no | template0 | template to use | +| Name | Type | Required | Default | Comment | +| ---------- | ---- | -------- | --------- | --------------------------------- | +| name | str | yes | | the database name | +| owner | str | yes | | the owner's database name | +| encoding | str | no | UTF-8 | encoding to use | +| lc_collate | str | no | C.UTF-8 | lc_collate to use | +| lc_ctype | str | no | C.UTF-8 | lc_ctype to use | +| template | str | no | template0 | template to use | | state | str | no | present | if absent the database is deleted | - Example: ``` @@ -65,7 +63,7 @@ Example: ### postgresql_users | Name | Type | Required | Default | Comment | -|------------|-------|----------|---------|---------------------------------------------------------------| +| ---------- | ----- | -------- | ------- | ------------------------------------------------------------- | | key | str | yes | | the user name | | password | str | yes | | the password to logon | | attributes | array | no | | list with the user's attributes (REPLICATION, SUPERUSER, ...) | @@ -83,14 +81,14 @@ Example: ### postgresql_privileges -| Name | Type | Required | Default | Comment | -|------------|-------|----------|-------------------|---------------------------------------------------------------| -| roles | str | yes | | the roles with this privileges | -| database | str | yes | | the database where to apply the privileges | -| type | str | no | table | the type of privileges (table, function, schema, ...) | -| objets | array | yes | ["ALL_IN_SCHEMA"] | list with the objets (ex: table name) | -| privileges | array | yes | | list with the privileges (SELECT, UPDATE, INSERT, ALL, ...) | -| state | str | no | present | if absent the privileges is deleted | +| Name | Type | Required | Default | Comment | +| ---------- | ----- | -------- | ----------------- | ----------------------------------------------------------- | +| roles | str | yes | | the roles with this privileges | +| database | str | yes | | the database where to apply the privileges | +| type | str | no | table | the type of privileges (table, function, schema, ...) | +| objets | array | yes | ["ALL_IN_SCHEMA"] | list with the objets (ex: table name) | +| privileges | array | yes | | list with the privileges (SELECT, UPDATE, INSERT, ALL, ...) | +| state | str | no | present | if absent the privileges is deleted | Example: @@ -108,13 +106,13 @@ Example: ### postgresql_hba -| Name | Type | Required | Default | Comment | -|-----------|-------|----------|---------|-------------------------------------------------------| -| type | str | yes | | connection type (host, hostssl, local) | -| databases | array | yes | | array with the database names or all string | -| users | array | yes | | array with the user names or all string | -| subnet | str | no | | allow subnet, not require if type is local | -| method | str | yes | | auth method (trust, md5, ...) | +| Name | Type | Required | Default | Comment | +| --------- | ----- | -------- | ------- | ------------------------------------------- | +| type | str | yes | | connection type (host, hostssl, local) | +| databases | array | yes | | array with the database names or all string | +| users | array | yes | | array with the user names or all string | +| subnet | str | no | | allow subnet, not require if type is local | +| method | str | yes | | auth method (trust, md5, ...) | Example: @@ -129,11 +127,11 @@ Example: ### postgresql_role_memberships -| Name | Type | Required | Default | Comment | -|-----------|-------|----------|---------|------------------------------------------| -| key | str | yes | | the role name | -| groups | array | yes | | the groups (roles) where to add the role | -| state | str | no | present | if absent the memberships are deleted | +| Name | Type | Required | Default | Comment | +| ------ | ----- | -------- | ------- | ---------------------------------------- | +| key | str | yes | | the role name | +| groups | array | yes | | the groups (roles) where to add the role | +| state | str | no | present | if absent the memberships are deleted | Example: @@ -178,10 +176,10 @@ Example: ### Test with molecule and docker -* install [docker](https://docs.docker.com/engine/installation/) -* install `python3` and `python3-pip` -* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint` -* run `molecule test` +- install [docker](https://docs.docker.com/engine/installation/) +- install `python3` and `python3-pip` +- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint testinfra yamllint` +- run `molecule test` ## License diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 58f7769..e73cc9e 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -3,16 +3,7 @@ driver: name: docker platforms: - name: debian12 - image: nishiki/debian12:molecule - privileged: true - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - command: /bin/systemd - capabilities: - - SYS_ADMIN - - name: debian11 - image: nishiki/debian11:molecule + image: code.waks.be/nishiki/molecule:debian12 privileged: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:rw