forked from infra/ansible
55 lines
1.3 KiB
YAML
55 lines
1.3 KiB
YAML
|
---
|
||
|
|
||
|
- name: Postgres | establish dependencies
|
||
|
ansible.builtin.package:
|
||
|
name: "{{ item }}"
|
||
|
state: present
|
||
|
loop:
|
||
|
- postgresql-{{ ha_pg_db_version }}
|
||
|
- libpq-dev
|
||
|
- python3-psycopg2
|
||
|
|
||
|
- name: Postgres | Configure PostgreSQL database
|
||
|
community.general.postgresql_db:
|
||
|
name: "{{ ha_pg_db_name }}"
|
||
|
template: template0
|
||
|
encoding: utf8
|
||
|
become: true
|
||
|
become_user: postgres
|
||
|
|
||
|
- name: Postgres | Configure PostgreSQL user
|
||
|
community.general.postgresql_user:
|
||
|
db: "{{ ha_pg_db_name }}"
|
||
|
name: "{{ ha_pg_db_user }}"
|
||
|
password: "{{ ha_pg_db_pass }}"
|
||
|
become: true
|
||
|
become_user: postgres
|
||
|
|
||
|
- name: Postgres | GRANT ALL PRIVILEGES ON SCHEMA public TO {{ ha_pg_db_user }}
|
||
|
community.postgresql.postgresql_privs:
|
||
|
db: "{{ ha_pg_db_user }}"
|
||
|
privs: ALL
|
||
|
type: schema
|
||
|
objs: public
|
||
|
role: "{{ ha_pg_db_user }}"
|
||
|
become: true
|
||
|
become_user: postgres
|
||
|
|
||
|
- name: Postgres | Grant all users access to all dbs
|
||
|
community.general.postgresql_pg_hba:
|
||
|
dest: /etc/postgresql/{{ ha_pg_db_version }}/main/pg_hba.conf
|
||
|
contype: host
|
||
|
users: all
|
||
|
databases: all
|
||
|
method: scram-sha-256
|
||
|
source: 0.0.0.0/0
|
||
|
notify: Restart postgresql
|
||
|
|
||
|
- name: Postgres | Listen to external interfaces
|
||
|
community.general.postgresql_set:
|
||
|
name: listen_addresses
|
||
|
value: "*"
|
||
|
become: true
|
||
|
become_user: postgres
|
||
|
notify: Restart postgresql
|