---

- name: Postgres | establish dependencies
  ansible.builtin.package:
    name: "{{ item }}"
    state: present
  loop:
    - postgresql-{{ ha_pg_db_version }}
    - libpq-dev
    - python3-psycopg2

- name: Postgres | Configure PostgreSQL database
  community.general.postgresql_db:
    name: "{{ ha_pg_db_name }}"
    template: template0
    encoding: utf8
  become: true
  become_user: postgres

- name: Postgres | Configure PostgreSQL user
  community.general.postgresql_user:
    db: "{{ ha_pg_db_name }}"
    name: "{{ ha_pg_db_user }}"
    password: "{{ ha_pg_db_pass }}"
  become: true
  become_user: postgres

- name: Postgres | GRANT ALL PRIVILEGES ON SCHEMA public TO {{ ha_pg_db_user }}
  community.postgresql.postgresql_privs:
    db: "{{ ha_pg_db_user }}"
    privs: ALL
    type: schema
    objs: public
    role: "{{ ha_pg_db_user }}"
  become: true
  become_user: postgres

- name: Postgres | Grant all users access to all dbs
  community.general.postgresql_pg_hba:
    dest: /etc/postgresql/{{ ha_pg_db_version }}/main/pg_hba.conf
    contype: host
    users: all
    databases: all
    method: scram-sha-256
    source: 0.0.0.0/0
  notify: Restart postgresql

- name: Postgres | Listen to external interfaces
  community.general.postgresql_set:
    name: listen_addresses
    value: "*"
  become: true
  become_user: postgres
  notify: Restart postgresql