99 lines
2.7 KiB
YAML
99 lines
2.7 KiB
YAML
---
|
|
- name: install depencies packages
|
|
ansible.builtin.package:
|
|
name:
|
|
- gpg
|
|
- python3-psycopg2
|
|
tags: postgresql
|
|
|
|
- import_tasks: repo.yml
|
|
when: postgresql_use_official_repository
|
|
|
|
- name: install packages
|
|
ansible.builtin.package:
|
|
name:
|
|
- 'postgresql-{{ postgresql_version }}'
|
|
tags: postgresql
|
|
|
|
- name: copy config
|
|
ansible.builtin.template:
|
|
src: '{{ item }}.j2'
|
|
dest: '/etc/postgresql/{{ postgresql_version }}/main/{{ item }}'
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
loop:
|
|
- postgresql.conf
|
|
- pg_hba.conf
|
|
notify: reload postgresql
|
|
tags: postgresql
|
|
|
|
- name: enable and start service
|
|
ansible.builtin.service:
|
|
name: 'postgresql@{{ postgresql_version }}-main'
|
|
state: started
|
|
enabled: true
|
|
tags: postgresql
|
|
|
|
- name: wait for service is up
|
|
ansible.builtin.wait_for:
|
|
port: 5432
|
|
tags: postgresql
|
|
|
|
- name: manage users
|
|
community.general.postgresql_user:
|
|
name: '{{ item.key }}'
|
|
password: '{{ item.value.password }}'
|
|
role_attr_flags: '{{ item.value.attributes | default([]) | join(",") }}'
|
|
state: '{{ item.value.state | default("present") }}'
|
|
loop: '{{ postgresql_users | dict2items }}'
|
|
loop_control:
|
|
label: '{{ item.key }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: manage databases
|
|
community.general.postgresql_db:
|
|
name: '{{ item.name }}'
|
|
encoding: '{{ item.encoding | default("UTF-8") }}'
|
|
state: '{{ item.state | default("present") }}'
|
|
lc_collate: '{{ item.lc_collate | default("C.UTF-8") }}'
|
|
lc_ctype: '{{ item.lc_ctype | default("C.UTF-8") }}'
|
|
template: '{{ item.template | default("template0") }}'
|
|
owner: '{{ item.owner }}'
|
|
loop: '{{ postgresql_databases }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: manage user's privileges
|
|
community.postgresql.postgresql_privs:
|
|
db: '{{ item.database }}'
|
|
roles: '{{ item.role }}'
|
|
type: '{{ item.type | default("table") }}'
|
|
objs: '{{ item.objets | default(["ALL_IN_SCHEMA"]) | join(",") }}'
|
|
privs: '{{ item.privileges | join(",") }}'
|
|
state: '{{ item.state | default("present") }}'
|
|
loop: '{{ postgresql_privileges }}'
|
|
loop_control:
|
|
label: '{{ item.role }}/{{ item.database }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: manage role membership
|
|
community.postgresql.postgresql_membership:
|
|
groups: '{{ item.value.groups }}'
|
|
target_roles: '{{ item.key }}'
|
|
state: '{{ item.value.state | default("present") }}'
|
|
loop: '{{ postgresql_role_memberships | dict2items }}'
|
|
loop_control:
|
|
label: '{{ item.key }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|