Flush handlers after configuring pg_hba.
This commit is contained in:
parent
a6f71dda75
commit
fd68e8d04a
|
@ -1,8 +1,6 @@
|
|||
---
|
||||
- name: configure-access | Configure accesses on Deb/Ubuntu
|
||||
when: ansible_distribution_file_variety == "Debian"
|
||||
become: true
|
||||
become_user: postgres
|
||||
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db']
|
||||
block:
|
||||
- name: configure-access | Give access to the remote postgresql client
|
||||
|
@ -14,6 +12,9 @@
|
|||
databases: '{{ item.0.name }}'
|
||||
# method: 'scram-sha-256'
|
||||
method: 'md5'
|
||||
owner: root
|
||||
group: postgres
|
||||
mode: "0640"
|
||||
state: "{{ item.0.state | default('present') }}"
|
||||
with_subelements:
|
||||
- '{{ psql_db_data | default([]) }}'
|
||||
|
@ -33,8 +34,14 @@
|
|||
databases: 'replication'
|
||||
method: 'peer'
|
||||
state: present
|
||||
owner: root
|
||||
group: postgres
|
||||
mode: "0640"
|
||||
notify: Reload postgresql
|
||||
|
||||
- name: configure-access | Flush handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: configure-access | Configure accesses on EL
|
||||
when: ansible_distribution_file_variety == "RedHat"
|
||||
block:
|
||||
|
@ -51,8 +58,6 @@
|
|||
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db', 'firewall', 'iptables_rules']
|
||||
|
||||
- name: configure-access | Give access to the remote postgresql client
|
||||
become: true
|
||||
become_user: postgres
|
||||
community.postgresql.postgresql_pg_hba:
|
||||
dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
|
||||
contype: '{% if psql_force_ssl_client_connection %}hostssl{% else %}host{% endif %}'
|
||||
|
@ -62,6 +67,9 @@
|
|||
# method: 'scram-sha-256'
|
||||
method: 'md5'
|
||||
state: "{{ item.0.state | default('present') }}"
|
||||
owner: root
|
||||
group: postgres
|
||||
mode: "0640"
|
||||
with_subelements:
|
||||
- '{{ psql_db_data | default([]) }}'
|
||||
- allowed_hosts
|
||||
|
@ -73,8 +81,6 @@
|
|||
|
||||
# No conditionals, it is required to perform base backups when the WAL archive is active
|
||||
- name: configure-access | Remove the ident authentication for the local connections
|
||||
become: true
|
||||
become_user: postgres
|
||||
community.postgresql.postgresql_pg_hba:
|
||||
dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
|
||||
contype: 'local'
|
||||
|
@ -82,11 +88,12 @@
|
|||
databases: 'all'
|
||||
method: 'ident'
|
||||
state: absent
|
||||
owner: root
|
||||
group: postgres
|
||||
mode: "0640"
|
||||
notify: Reload postgresql
|
||||
|
||||
- name: configure-access | Give local access with replication privileges to the postgres user
|
||||
become: true
|
||||
become_user: postgres
|
||||
community.postgresql.postgresql_pg_hba:
|
||||
dest: '{{ psql_conf_dir }}/pg_hba.conf'
|
||||
contype: 'local'
|
||||
|
@ -94,4 +101,10 @@
|
|||
databases: 'replication'
|
||||
method: 'peer'
|
||||
state: present
|
||||
owner: root
|
||||
group: postgres
|
||||
mode: "0640"
|
||||
notify: Reload postgresql
|
||||
|
||||
- name: configure-access | Flush handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
|
Loading…
Reference in New Issue