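---
# Provisions the "atlas" host group: upgrades packages, installs KVM/libvirt
# and PostgreSQL, creates a "terraform" role and "terraform_state" database,
# exposes PostgreSQL to 192.168.0.0/16 and installs a network interfaces
# snippet.
#
# Optional variables introduced by this revision (both default to the
# original behaviour when unset):
#   terraform_db_password     - password for the "terraform" role
#   terraform_db_auth_method  - pg_hba auth method for the remote rule
- name: Setup Atlas
  hosts: atlas

  handlers:
    - name: restart postgres
      systemd:
        name: postgresql
        state: restarted

    # Brings up every interface marked "auto" after dmz.conf is installed.
    - name: enable interfaces
      command:
        cmd: ifup -a

  tasks:
    - name: Update
      apt:
        autoremove: true
        # Quoted so the value stays the module's string choice instead of
        # being retyped as a YAML boolean.
        upgrade: "yes"
        state: latest
        update_cache: true
        cache_valid_time: 86400

    - name: Install packages
      apt:
        pkg:
          - qemu-kvm
          - libvirt-daemon-system
          - postgresql
          - python3-psycopg2
          - sudo
          - bridge-utils

    - name: Start libvirtd
      systemd:
        name: libvirtd
        enabled: true
        state: started

    - name: Add root to libvirt group
      user:
        name: root
        groups: libvirt
        append: true

    # NOTE(review): this turns off mandatory access control for the whole
    # host, including any AppArmor confinement libvirt would apply to
    # guests. The reason is not visible in this playbook; if a single
    # profile is the problem, adjust or disable that profile only.
    - name: Disable apparmor
      systemd:
        name: apparmor
        enabled: false
        state: stopped

    # Moved ahead of the database task: the role has to exist before it can
    # be named as the database owner, otherwise a first run on a clean host
    # fails at "Create terraform database".
    - name: Create database user
      postgresql_user:
        name: terraform
        # Unset by default, which keeps the original password-less role.
        # Supply the value from Ansible Vault, never from a plain vars file.
        password: "{{ terraform_db_password | default(omit) }}"
      become: true
      become_user: postgres
      # Keeps the password out of task output and logs when one is set.
      no_log: true

    - name: Create terraform database
      postgresql_db:
        name: terraform_state
        owner: terraform
      become: true
      become_user: postgres

    - name: Grant database user access to database
      postgresql_privs:
        type: database
        database: terraform_state
        roles: terraform
        grant_option: false
        privs: all
      become: true
      become_user: postgres
      notify: restart postgres

    # - name: Test
    #   postgresql_privs:
    #     database: terraform_state
    #     type: table
    #     schema: public
    #     roles: terraform
    #     grant_option: no
    #     privs: all
    #     objs: all
    #   become: true
    #   become_user: postgres
    #   notify: restart postgres

    # NOTE(review): with method "trust", any host in 192.168.0.0/16 can
    # connect as "terraform" to every database without credentials, and the
    # next task makes the server listen on all interfaces. The database
    # presumably holds Terraform state, which commonly embeds secrets.
    # The default is kept so existing runs behave as before; set
    # terraform_db_auth_method to "scram-sha-256" together with
    # terraform_db_password, and consider narrowing "databases" to
    # terraform_state and "address" to the hosts that actually need access.
    - name: Allow remote access to database for user
      postgresql_pg_hba:
        dest: /etc/postgresql/15/main/pg_hba.conf
        contype: host
        databases: all
        method: "{{ terraform_db_auth_method | default('trust') }}"
        users: terraform
        address: 192.168.0.0/16
        create: true
      become: true
      become_user: postgres
      notify: restart postgres

    # NOTE(review): '*' binds PostgreSQL to every interface on the host,
    # including any DMZ-facing one configured below. pg_hba.conf and the
    # host firewall are then the only controls on who can reach port 5432;
    # listing the specific internal address(es) is the tighter setting.
    - name: Open postgres port
      ini_file:
        path: /etc/postgresql/15/main/postgresql.conf
        # postgresql.conf has no INI sections; null writes a top-level key.
        section: null
        option: listen_addresses
        value: "'*'"
      notify: restart postgres

    - name: Copy interfaces configuration
      copy:
        src: dmz.conf
        dest: /etc/network/interfaces.d/dmz.conf
      notify: enable interfaces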