44 lines
974 B
YAML
44 lines
974 B
YAML
- name: Create terraform database
|
|
postgresql_db:
|
|
name: terraform_state
|
|
owner: terraform
|
|
become: true
|
|
become_user: postgres
|
|
|
|
- name: Create database user
|
|
postgresql_user:
|
|
name: terraform
|
|
become: true
|
|
become_user: postgres
|
|
|
|
- name: Grant database user access to database
|
|
postgresql_privs:
|
|
type: database
|
|
database: terraform_state
|
|
roles: terraform
|
|
grant_option: no
|
|
privs: all
|
|
become: true
|
|
become_user: postgres
|
|
notify: restart postgres
|
|
|
|
- name: Allow remote access to database for user
|
|
postgresql_pg_hba:
|
|
dest: /etc/postgresql/15/main/pg_hba.conf
|
|
contype: host
|
|
databases: all
|
|
method: trust
|
|
users: terraform
|
|
address: "10.42.0.0/24"
|
|
create: true
|
|
become: true
|
|
become_user: postgres
|
|
notify: restart postgres
|
|
|
|
- name: Open postgres port
|
|
ini_file:
|
|
path: /etc/postgresql/15/main/postgresql.conf
|
|
section: null
|
|
option: listen_addresses
|
|
value: "'*'"
|
|
notify: restart postgres
|