45 lines
1.1 KiB
YAML
45 lines
1.1 KiB
YAML
---
|
|
|
|
- name: Check params
|
|
ansible.builtin.assert:
|
|
that:
|
|
- user is defined
|
|
- database is defined
|
|
- not(access_host is defined and password is not defined)
|
|
|
|
- name: Set up PostgreSQL
|
|
ansible.builtin.include_role:
|
|
name: postgresql-server
|
|
|
|
- name: Create user
|
|
community.postgresql.postgresql_user:
|
|
name: "{{ user }}"
|
|
password: "{{ password | default(omit) }}"
|
|
become: true
|
|
become_user: postgres
|
|
|
|
- name: Create database
|
|
community.postgresql.postgresql_db:
|
|
name: "{{ database }}"
|
|
owner: "{{ user }}"
|
|
become: true
|
|
become_user: postgres
|
|
|
|
- name: Get pg_hba.conf location
|
|
community.postgresql.postgresql_query:
|
|
query: SHOW hba_file
|
|
become: true
|
|
become_user: postgres
|
|
register: postgres_hba_file_query
|
|
|
|
- name: Update pg_hba scram authentication
|
|
community.postgresql.postgresql_pg_hba:
|
|
contype: host
|
|
users: "{{ user }}"
|
|
source: "{{ access_host }}"
|
|
databases: "{{ database }}"
|
|
method: "scram-sha-256"
|
|
dest: "{{ postgres_hba_file_query.query_result[0].hba_file }}"
|
|
when: access_host is defined
|
|
notify: Restart PostgreSQL
|