Manage the postgresql firewalld rule directly in the postgresql role.
This commit is contained in:
parent
659e50755e
commit
27a82ad239
|
@ -229,3 +229,4 @@ pg_backup_use_auth: "no"
|
||||||
pg_backup_pass_file: /root/.pgpass
|
pg_backup_pass_file: /root/.pgpass
|
||||||
pg_backup_use_nagios: "yes"
|
pg_backup_use_nagios: "yes"
|
||||||
|
|
||||||
|
postgresql_firewalld_zone: '{{ firewalld_default_zone }}'
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
---
|
---
|
||||||
|
- name: Open the postgresql service to a specific zone.
|
||||||
|
firewalld: service=postgresql zone={{ postgresql_firewalld_zone }} permanent=True state=enabled immediate=True
|
||||||
|
when:
|
||||||
|
- psql_listen_on_ext_int | bool
|
||||||
|
- firewalld_enabled | bool
|
||||||
|
|
||||||
- name: Give access to the remote postgresql client
|
- name: Give access to the remote postgresql client
|
||||||
lineinfile: name={{ psql_conf_dir }}/pg_hba.conf regexp="^host.* {{ item.0.name }} {{ item.0.user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ item.0.user }} {{ item.1 }} md5"
|
lineinfile: name={{ psql_conf_dir }}/pg_hba.conf regexp="^host.* {{ item.0.name }} {{ item.0.user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ item.0.user }} {{ item.1 }} md5"
|
||||||
with_subelements:
|
with_subelements:
|
||||||
|
|
Loading…
Reference in New Issue