2020-05-31 09:58:33 +00:00
- name : PostgreSQL set defaults
2020-07-12 16:33:21 +00:00
template :
src : "config.conf"
dest : "/etc/postgresql/{{ postgres.version }}/main/postgresql.conf"
follow : yes
2020-05-16 21:37:59 +00:00
notify : Run service actions
tags :
- postgres
2020-07-12 16:33:21 +00:00
- configs
2020-05-16 21:37:59 +00:00
- name : Set root user password
become : yes
become_user : postgres
postgresql_user :
2020-05-21 18:16:53 +00:00
port : '{{ postgres.port }}'
2020-05-16 21:37:59 +00:00
db : postgres
2020-05-21 18:16:53 +00:00
name : "{{ vault_postgres.user }}"
password : "{{ vault_postgres.password }}"
2020-05-16 21:37:59 +00:00
tags :
- postgres
- vault
- name : Create users
become : yes
become_user : postgres
postgresql_user :
2020-05-21 18:16:53 +00:00
port : '{{ postgres.port }}'
2020-05-16 21:37:59 +00:00
db : postgres
name : '{{ item }}'
role_attr_flags : "LOGIN,NOSUPERUSER,NOCREATEROLE,NOCREATEDB,NOREPLICATION,NOINHERIT"
2020-05-21 18:16:53 +00:00
password : "{{ vault_postgres.dbpass[item] }}"
loop : "{{ postgres.databases }}"
2020-05-16 21:37:59 +00:00
tags :
- postgres
- vault
- name : Create databases
become : yes
become_user : postgres
postgresql_db :
name : '{{ item }}'
owner : '{{ item }}'
2020-05-21 18:16:53 +00:00
loop : "{{ postgres.databases }}"
2020-05-16 21:37:59 +00:00
tags :
- postgres
- vault
- name : Allow users on the private IP subnet to connect to PGSQL
postgresql_pg_hba :
contype : host
dest : '/etc/postgresql/12/main/pg_hba.conf'
source : "{{(ansible_ens10.ipv4.address + '/' + '8')}}" # NOTE: Using ansible_ens10.ipv4.netmask and converting it will result in a /32 mask because the interface doesn't offer information about the mask
notify : Run service actions
tags :
- postgres