71 lines
2.3 KiB
YAML
71 lines
2.3 KiB
YAML
---
|
|
- name: manage_pg_db | Add a user for the postgresql DBs
|
|
become: true
|
|
become_user: postgres
|
|
community.postgresql.postgresql_user:
|
|
user: "{{ item.user }}"
|
|
password: "{{ item.pwd }}"
|
|
role_attr_flags: "{{ item.roles }}"
|
|
port: "{{ psql_db_port }}"
|
|
state: "{{ item.userstate | default('present') }}"
|
|
no_log: true
|
|
loop: '{{ psql_db_data | default([]) }}'
|
|
when: item.roles is defined
|
|
tags: ['postgresql', 'postgres', 'pg_db', 'pg_user']
|
|
|
|
- name: manage_pg_db | Add the databases with the correct owner. Or remove them, if not used anymore
|
|
become: true
|
|
become_user: postgres
|
|
community.postgresql.postgresql_db:
|
|
db: "{{ item.name }}"
|
|
port: "{{ psql_db_port }}"
|
|
encoding: "{{ item.encoding }}"
|
|
owner: "{{ item.user }}"
|
|
template: template0
|
|
state: "{{ item.state | default('present') }}"
|
|
loop: '{{ psql_db_data | default([]) }}'
|
|
when: item.managedb | default(True)
|
|
tags: ['postgresql', 'postgres', 'pg_db']
|
|
|
|
- name: manage_pg_db | Manage users privileges
|
|
become: true
|
|
become_user: postgres
|
|
community.postgresql.postgresql_privs:
|
|
db: '{{ item.name }}'
|
|
privs: '{{ item.privs }}'
|
|
# type: database
|
|
objs: "{{ item.objs | default('ALL_IN_SCHEMA') }}"
|
|
roles: '{{ item.roles }}'
|
|
port: '{{ psql_db_port }}'
|
|
state: "{{ item.userstate | default('present') }}"
|
|
grant_option: "{{ item.grant_option | default('yes') }}"
|
|
with_items: '{{ psql_db_privs | default([]) }}'
|
|
tags: ['postgresql', 'postgres', 'pg_db', 'pg_user', 'postgresql_privs']
|
|
|
|
- name: manage_pg_db | Add postgres extensions to the databases, if any
|
|
become: true
|
|
become_user: postgres
|
|
community.postgresql.postgresql_ext:
|
|
name: "{{ item.1 | default(omit) }}"
|
|
db: "{{ item.0.name }}"
|
|
port: "{{ psql_db_port }}"
|
|
with_subelements:
|
|
- '{{ psql_db_extensions | default([]) }}'
|
|
- extensions
|
|
when: psql_db_extensions is defined
|
|
tags: ['postgresql', 'postgres', 'pg_extensions', 'pg_db']
|
|
|
|
- name: manage_pg_db | Define a user with password, with no associated DBs
|
|
become: true
|
|
become_user: postgres
|
|
community.postgresql.postgresql_user:
|
|
user: "{{ item.user }}"
|
|
password: "{{ item.pwd }}"
|
|
port: "{{ psql_db_port }}"
|
|
no_log: true
|
|
loop: '{{ psql_db_data | default([]) }}'
|
|
when:
|
|
- item.pwd is defined
|
|
- item.roles is not defined
|
|
tags: ['postgresql', 'postgres', 'pg_db']
|