98 lines
2.6 KiB
YAML
98 lines
2.6 KiB
YAML
---
|
|
- name: install depencies packages
|
|
ansible.builtin.package:
|
|
name:
|
|
- gpg
|
|
- python3-psycopg2
|
|
tags: postgresql
|
|
|
|
- import_tasks: repo.yml
|
|
when: postgresql_use_official_repository
|
|
|
|
- name: install packages
|
|
ansible.builtin.package:
|
|
name:
|
|
- 'postgresql-{{ postgresql_version }}'
|
|
tags: postgresql
|
|
|
|
- name: copy config
|
|
ansible.builtin.template:
|
|
src: '{{ item }}.j2'
|
|
dest: '/etc/postgresql/{{ postgresql_version }}/main/{{ item }}'
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
loop:
|
|
- postgresql.conf
|
|
- pg_hba.conf
|
|
notify: reload postgresql
|
|
tags: postgresql
|
|
|
|
- name: enable and start service
|
|
ansible.builtin.service:
|
|
name: 'postgresql@{{ postgresql_version }}-main'
|
|
state: started
|
|
enabled: true
|
|
tags: postgresql
|
|
|
|
- name: wait for service is up
|
|
ansible.builtin.wait_for:
|
|
port: 5432
|
|
tags: postgresql
|
|
|
|
- name: manage databases
|
|
community.general.postgresql_db:
|
|
name: '{{ item.name }}'
|
|
encoding: '{{ item.encoding|default("UTF-8") }}'
|
|
state: '{{ item.state|default("present") }}'
|
|
lc_collate: '{{ item.lc_collate|default("C.UTF-8") }}'
|
|
lc_ctype: '{{ item.lc_ctype|default("C.UTF-8") }}'
|
|
template: '{{ item.template|default("template0") }}'
|
|
loop: '{{ postgresql_databases }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: manage users
|
|
community.general.postgresql_user:
|
|
name: '{{ item.key }}'
|
|
password: '{{ item.value.password }}'
|
|
role_attr_flags: '{{ item.value.attributes|default([])|join(",") }}'
|
|
state: '{{ item.value.state|default("present") }}'
|
|
loop: '{{ postgresql_users|dict2items }}'
|
|
loop_control:
|
|
label: '{{ item.key }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: manage user's privileges
|
|
community.postgresql.postgresql_privs:
|
|
db: '{{ item.database }}'
|
|
roles: '{{ item.role }}'
|
|
type: '{{ item.type|default("table") }}'
|
|
objs: '{{ item.objets|default(["ALL_IN_SCHEMA"])|join(",") }}'
|
|
privs: '{{ item.privileges|join(",") }}'
|
|
state: '{{ item.state|default("present") }}'
|
|
loop: '{{ postgresql_privileges }}'
|
|
loop_control:
|
|
label: '{{ item.role }}/{{ item.database }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: manage role membership
|
|
community.postgresql.postgresql_membership:
|
|
groups: '{{ item.key }}'
|
|
target_roles: '{{ item.value.roles }}'
|
|
state: '{{ item.value.state|default("present") }}'
|
|
loop: '{{ postgresql_role_memberships|dict2items }}'
|
|
loop_control:
|
|
label: '{{ item.key }}'
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|