kirby/documentation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
documentation/ansible/roles/postgresql/tasks/install.yml
kirby e96e220869 add postgresql role
2025-05-28 11:31:55 +02:00

126 lines
3.0 KiB
YAML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
- name: Install requirements
ansible.builtin.apt:
name: "{{ item }}"
state: present
with_items:
- gnupg
- curl
- apt-transport-https
- debian-keyring
- python3-psycopg2
tags: install,conf
- name: Import postgres key
ansible.builtin.get_url:
url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
dest: "/usr/share/keyrings/postgres.ACCC4CF8.asc"
mode: "0644"
force: true
tags: install
- name: Add Postgres repository
ansible.builtin.apt_repository:
filename: postgres
repo: "deb [signed-by=/usr/share/keyrings/postgres.ACCC4CF8.asc] https://apt.postgresql.org/pub/repos/apt bookworm-pgdg main"
tags: install,conf
- name: Install Postgresql
ansible.builtin.apt:
name: "{{ item }}"
state: present
tags: install,conf
with_items:
- postgresql
- postgresql-client
- libpq-dev
- name: Holding postgres packages
ansible.builtin.dpkg_selections:
name: "{{ item }}"
selection: hold
with_items:
- postgresql
- postgresql-client
- libpq-dev
- python3-psycopg2
tags: install,conf
- name: Deploy systemd service file
ansible.builtin.copy:
src: postgresql.service
dest: "/lib/systemd/system/postgresql.service"
mode: "0644"
owner: root
group: root
tags: install
notify:
- Daemon_reload
- Restart Postgres
- name: Deploy Postgresql config file
ansible.builtin.copy:
src: "postgresql.conf"
dest: "/etc/postgresql/16/main/postgresql.conf"
owner: postgres
group: postgres
mode: "0644"
tags: install,conf
notify: Restart Postgres
- name: Enable and start postgres service
ansible.builtin.systemd_service:
name: postgresql.service
state: started
enabled: true
- name: Setting up pg_hba conf for postgres
community.postgresql.postgresql_pg_hba:
dest: "{{ postgresql_default_data_dir }}/pg_hba.conf"
contype: local
databases: all
users: postgres
method: peer
create: true
become: true
become_user: postgres
tags: install
- name: Setting up pg_hba conf for replica
community.postgresql.postgresql_pg_hba:
dest: "{{ postgresql_default_data_dir }}/pg_hba.conf"
contype: host
databases: replication
source: "{{ item }}"
users: replica
method: scram-sha-256
create: true
become: true
become_user: postgres
with_items: "{{ postgresql_replication_networks }}"
tags: install
- name: Creating replica users
community.postgresql.postgresql_user:
name: "{{ postgresql_replication_user }}"
password: "{{ postgresql_replication_password }}"
role_attr_flags: "REPLICATION"
become: true
become_user: postgres
tags: install
- name: Setting up pg_hba conf for ILG/APP users
community.postgresql.postgresql_pg_hba:
dest: "{{ postgresql_default_data_dir }}/pg_hba.conf"
contype: host
users: all
source: "{{ item }}"
databases: all
method: scram-sha-256
create: true
with_items: "{{ postgresql_users_networks }}"
become: true
become_user: postgres
tags: install
Reference in New Issue View Git Blame Copy Permalink