---
- name: install depencies packages
  ansible.builtin.package:
    name:
      - gpg
      - python3-psycopg2
  tags: postgresql

- import_tasks: repo.yml
  when: postgresql_use_official_repository

- name: install packages
  ansible.builtin.package:
    name:
      - 'postgresql-{{ postgresql_version }}'
  tags: postgresql

- name: copy config
  ansible.builtin.template:
    src: '{{ item }}.j2'
    dest: '/etc/postgresql/{{ postgresql_version }}/main/{{ item }}'
    owner: root
    group: root
    mode: 0644
  loop:
    - postgresql.conf
    - pg_hba.conf
  notify: reload postgresql
  tags: postgresql

- name: enable and start service
  ansible.builtin.service:
    name: 'postgresql@{{ postgresql_version }}-main'
    state: started
    enabled: true
  tags: postgresql

- name: wait for service is up
  ansible.builtin.wait_for:
    port: 5432
  tags: postgresql

- name: manage databases
  community.general.postgresql_db:
    name: '{{ item.name }}'
    encoding: '{{ item.encoding|default("UTF-8") }}'
    state: '{{ item.state|default("present") }}'
    lc_collate: '{{ item.lc_collate|default("C.UTF-8") }}'
    lc_ctype: '{{ item.lc_ctype|default("C.UTF-8") }}'
    template: '{{ item.template|default("template0") }}'
  loop: '{{ postgresql_databases }}'
  become: true
  become_user: postgres
  when: postgresql_primary
  tags: postgresql

- name: manage users
  community.general.postgresql_user:
    name: '{{ item.key }}'
    password: '{{ item.value.password }}'
    role_attr_flags: '{{ item.value.attributes|default([])|join(",") }}'
    state: '{{ item.value.state|default("present") }}'
  loop: '{{ postgresql_users|dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  become: true
  become_user: postgres
  when: postgresql_primary
  tags: postgresql

- name: manage user's privileges
  community.postgresql.postgresql_privs:
    db: '{{ item.database }}'
    roles: '{{ item.role }}'
    type: '{{ item.type|default("table") }}'
    objs: '{{ item.objets|default(["ALL_IN_SCHEMA"])|join(",") }}'
    privs: '{{ item.privileges|join(",") }}'
    state: '{{ item.state|default("present") }}'
  loop: '{{ postgresql_privileges }}'
  loop_control:
    label: '{{ item.role }}/{{ item.database }}'
  become: true
  become_user: postgres
  when: postgresql_primary
  tags: postgresql

- name: manage role membership
  community.postgresql.postgresql_membership:
    groups: '{{ item.key }}'
    target_roles: '{{ item.value.roles }}'
    state: '{{ item.value.state|default("present") }}'
  loop: '{{ postgresql_role_memberships|dict2items }}'
  loop_control:
    label: '{{ item.key }}'
  become: true
  become_user: postgres
  when: postgresql_primary
  tags: postgresql