100 lines
2.7 KiB
YAML
100 lines
2.7 KiB
YAML
---
|
|
- name: Install depencies packages
|
|
ansible.builtin.package:
|
|
name:
|
|
- gpg
|
|
- python3-psycopg2
|
|
tags: postgresql
|
|
|
|
- name: Import repo tasks
|
|
ansible.builtin.import_tasks: repo.yml
|
|
when: postgresql_use_official_repository
|
|
|
|
- name: Install packages
|
|
ansible.builtin.package:
|
|
name:
|
|
- "postgresql-{{ postgresql_version }}"
|
|
tags: postgresql
|
|
|
|
- name: Copy config
|
|
ansible.builtin.template:
|
|
src: "{{ item }}.j2"
|
|
dest: "/etc/postgresql/{{ postgresql_version }}/main/{{ item }}"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
loop:
|
|
- postgresql.conf
|
|
- pg_hba.conf
|
|
notify: Reload postgresql
|
|
tags: postgresql
|
|
|
|
- name: Enable and start service
|
|
ansible.builtin.service:
|
|
name: "postgresql@{{ postgresql_version }}-main"
|
|
state: started
|
|
enabled: true
|
|
tags: postgresql
|
|
|
|
- name: Wait for service is up
|
|
ansible.builtin.wait_for:
|
|
port: 5432
|
|
tags: postgresql
|
|
|
|
- name: Manage users
|
|
community.general.postgresql_user:
|
|
name: "{{ item.key }}"
|
|
password: "{{ item.value.password }}"
|
|
role_attr_flags: "{{ item.value.attributes | default([]) | join(',') }}"
|
|
state: "{{ item.value.state | default('present') }}"
|
|
loop: "{{ postgresql_users | dict2items }}"
|
|
loop_control:
|
|
label: "{{ item.key }}"
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: Manage databases
|
|
community.general.postgresql_db:
|
|
name: "{{ item.name }}"
|
|
encoding: "{{ item.encoding | default('UTF-8') }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
lc_collate: "{{ item.lc_collate | default('C.UTF-8') }}"
|
|
lc_ctype: "{{ item.lc_ctype | default('C.UTF-8') }}"
|
|
template: "{{ item.template | default('template0') }}"
|
|
owner: "{{ item.owner }}"
|
|
loop: "{{ postgresql_databases }}"
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: Manage user"s privileges
|
|
community.postgresql.postgresql_privs:
|
|
db: "{{ item.database }}"
|
|
roles: "{{ item.role }}"
|
|
type: "{{ item.type | default('table') }}"
|
|
objs: "{{ item.objets | default(['ALL_IN_SCHEMA']) | join(',') }}"
|
|
privs: "{{ item.privileges | join(',') }}"
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: "{{ postgresql_privileges }}"
|
|
loop_control:
|
|
label: "{{ item.role }}/{{ item.database }}"
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|
|
|
|
- name: Manage role membership
|
|
community.postgresql.postgresql_membership:
|
|
groups: "{{ item.value.groups }}"
|
|
target_roles: "{{ item.key }}"
|
|
state: "{{ item.value.state | default('present') }}"
|
|
loop: "{{ postgresql_role_memberships | dict2items }}"
|
|
loop_control:
|
|
label: "{{ item.key }}"
|
|
become: true
|
|
become_user: postgres
|
|
when: postgresql_primary
|
|
tags: postgresql
|