2020-06-03 19:53:13 +02:00
|
|
|
---
|
|
|
|
- block:
|
|
|
|
- name: Setup SSL in the postgresql configuration
|
|
|
|
become: True
|
|
|
|
become_user: postgres
|
2020-07-30 14:14:39 +02:00
|
|
|
action: configfile path={{ psql_conf_dir }}/postgresql.conf key={{ item.name }} value="'{{ item.value }}'"
|
2020-06-03 19:53:13 +02:00
|
|
|
with_items: '{{ psql_conf_ssl_parameters }}'
|
|
|
|
notify: Restart postgresql
|
2020-07-30 14:14:39 +02:00
|
|
|
when: ansible_distribution_file_variety == "Debian"
|
|
|
|
|
|
|
|
- name: Setup SSL in the postgresql configuration
|
|
|
|
become: True
|
|
|
|
become_user: postgres
|
|
|
|
action: configfile path={{ psql_el_conf_dir }}/postgresql.conf key={{ item.name }} value="'{{ item.value }}'"
|
|
|
|
with_items: '{{ psql_conf_ssl_parameters }}'
|
|
|
|
notify: Restart postgresql
|
|
|
|
when: ansible_distribution_file_variety == "RedHat"
|
2020-06-03 19:53:13 +02:00
|
|
|
|
|
|
|
- name: Create the pki directory to store the postgresql key
|
|
|
|
file: dest=/etc/pki/postgresql state=directory owner=postgres group=postgres mode=0750
|
|
|
|
|
|
|
|
- name: Create a postgres accessible ssl key file if it does not exist
|
|
|
|
copy: src={{ psql_ssl_privkey_global_file }} dest={{ psql_ssl_privkey_file }} owner=postgres group=postgres mode=0400 remote_src=True
|
|
|
|
|
|
|
|
when: psql_enable_ssl
|
|
|
|
tags: [ 'postgresql', 'postgres', 'pg_ssl_conf', 'pg_conf' ]
|
|
|
|
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: Disable SSL in the postgresql configuration
|
|
|
|
become: True
|
|
|
|
become_user: postgres
|
2020-07-30 14:14:39 +02:00
|
|
|
action: configfile path={{ psql_conf_dir }}/postgresql.conf key={{ item.name }} value="'{{ item.value }}'"
|
|
|
|
with_items: '{{ psql_conf_disable_ssl_parameters }}'
|
|
|
|
notify: Restart postgresql
|
|
|
|
when: ansible_distribution_file_variety == "Debian"
|
|
|
|
|
|
|
|
- name: Disable SSL in the postgresql configuration
|
|
|
|
become: True
|
|
|
|
become_user: postgres
|
|
|
|
action: configfile path={{ psql_el_conf_dir }}/postgresql.conf key={{ item.name }} value="'{{ item.value }}'"
|
2020-06-03 19:53:13 +02:00
|
|
|
with_items: '{{ psql_conf_disable_ssl_parameters }}'
|
|
|
|
notify: Restart postgresql
|
2020-07-30 14:14:39 +02:00
|
|
|
when: ansible_distribution_file_variety == "RedHat"
|
2020-06-03 19:53:13 +02:00
|
|
|
|
|
|
|
when: not psql_enable_ssl
|
|
|
|
tags: [ 'postgresql', 'postgres', 'pg_ssl_conf', 'pg_conf' ]
|