xoxys.postgres/tasks/config.yml

---
- block:
    - name: Setup global config file
      template:
        src: postgresql/data/postgresql.conf.j2
        dest: "{{ __postgres_config_path }}/postgresql.conf"
        mode: 0600
      notify: __postgres_restart

    - name: Create local users for pam auth
      user:
        name: "{{ item.name }}"
        password: "{{ item.password | password_hash('sha512', 65534 | random(seed=inventory_hostname) | string) }}"
        state: "{{ item.state | default('present') }}"
      loop: "{{ postgres_users }}"
      no_log: "{{ postgres_no_log }}"
      when: item.pam_user | default(False)

    - name: Setup client authentication
      postgresql_pg_hba:
        dest: "{{ __postgres_config_path }}/pg_hba.conf"
        contype: "{{ item.contype | default('local') }}"
        users: "{{ item.users | default(['all']) | join(',') }}"
        address: "{{ item.address | default('all') }}"
        databases: "{{ item.databases | default(['all']) | join(',') }}"
        method: "{{ item.auth_method | default('md5') }}"
        state: "{{ item.state | default('present') }}"
      loop: "{{ postgres_hba_entries + postgres_hba_entries_extra }}"
      loop_control:
        label: "{{ item.address | default('samehost') }}:{{ item.databases | default(['all']) | join(',') }}:{{ item.users | default(['all']) | join(',') }}"
      notify: __postgres_restart
  become: True
  become_user: root
add postgresql.conf templating 2018-10-16 18:53:36 +00:00			`---`
			`- block:`
add iptables task 2018-10-26 19:56:47 +00:00			`- name: Setup global config file`
			`template:`
			`src: postgresql/data/postgresql.conf.j2`
			`dest: "{{ __postgres_config_path }}/postgresql.conf"`
			`mode: 0600`
			`notify: __postgres_restart`
fix typo; notify restart after changing pg_hba 2018-10-17 20:26:30 +00:00
add iptables task 2018-10-26 19:56:47 +00:00			`- name: Create local users for pam auth`
			`user:`
			`name: "{{ item.name }}"`
			`password: "{{ item.password \| password_hash('sha512', 65534 \| random(seed=inventory_hostname) \| string) }}"`
			`state: "{{ item.state \| default('present') }}"`
remove old loop syntax 2019-08-27 20:55:28 +00:00			`loop: "{{ postgres_users }}"`
small fixes 2019-10-26 12:11:06 +00:00			`no_log: "{{ postgres_no_log }}"`
add iptables task 2018-10-26 19:56:47 +00:00			`when: item.pam_user \| default(False)`
create linux users for pam auth 2018-10-22 20:10:06 +00:00
add iptables task 2018-10-26 19:56:47 +00:00			`- name: Setup client authentication`
remove pg_hba template and switch to module 2019-10-23 07:44:56 +00:00			`postgresql_pg_hba:`
add iptables task 2018-10-26 19:56:47 +00:00			`dest: "{{ __postgres_config_path }}/pg_hba.conf"`
remove pg_hba template and switch to module 2019-10-23 07:44:56 +00:00			`contype: "{{ item.contype \| default('local') }}"`
remove wrong bracket 2019-10-23 07:48:39 +00:00			`users: "{{ item.users \| default(['all']) \| join(',') }}"`
remove wrong bracket 2019-10-23 07:54:14 +00:00			`address: "{{ item.address \| default('all') }}"`
remove wrong bracket 2019-10-23 07:48:39 +00:00			`databases: "{{ item.databases \| default(['all']) \| join(',') }}"`
remove pg_hba template and switch to module 2019-10-23 07:44:56 +00:00			`method: "{{ item.auth_method \| default('md5') }}"`
			`state: "{{ item.state \| default('present') }}"`
add postgres_hba_entries_extra 2019-10-23 08:00:52 +00:00			`loop: "{{ postgres_hba_entries + postgres_hba_entries_extra }}"`
remove pg_hba template and switch to module 2019-10-23 07:44:56 +00:00			`loop_control:`
remove wrong bracket 2019-10-23 07:54:14 +00:00			`label: "{{ item.address \| default('samehost') }}:{{ item.databases \| default(['all']) \| join(',') }}:{{ item.users \| default(['all']) \| join(',') }}"`
add iptables task 2018-10-26 19:56:47 +00:00			`notify: __postgres_restart`
add postgresql.conf templating 2018-10-16 18:53:36 +00:00			`become: True`
			`become_user: root`