From a249b9206921e3a71f89f9f601257a97fc4325c7 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sat, 17 Jun 2023 14:26:35 +0200 Subject: [PATCH] move database role to external repo --- ansible/playbooks/thecloud.yml | 3 +- ansible/requirements.yml | 3 ++ ansible/roles/database/handlers/main.yml | 4 --- ansible/roles/database/tasks/main.yml | 36 ------------------------ 4 files changed, 5 insertions(+), 41 deletions(-) delete mode 100644 ansible/roles/database/handlers/main.yml delete mode 100644 ansible/roles/database/tasks/main.yml diff --git a/ansible/playbooks/thecloud.yml b/ansible/playbooks/thecloud.yml index ca639d1..7957bf8 100644 --- a/ansible/playbooks/thecloud.yml +++ b/ansible/playbooks/thecloud.yml @@ -18,7 +18,8 @@ - name: Create databases with_items: "{{ database_passwords | dict2items }}" include_role: - name: database + name: postgresql_database vars: database_name: "{{ item.key }}" + database_user: "{{ item.key }}" database_password: "{{ item.value }}" diff --git a/ansible/requirements.yml b/ansible/requirements.yml index b54ff45..12f1b6b 100644 --- a/ansible/requirements.yml +++ b/ansible/requirements.yml @@ -7,3 +7,6 @@ - name: cloudinit_wait src: https://git.pim.kunis.nl/pim/ansible-role-cloudinit-wait scm: git +- name: postgresql_database + src: https://git.pim.kunis.nl/home/ansible-role-postgresql-database + scm: git diff --git a/ansible/roles/database/handlers/main.yml b/ansible/roles/database/handlers/main.yml deleted file mode 100644 index a09812e..0000000 --- a/ansible/roles/database/handlers/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -- name: restart postgres - systemd: - name: postgresql - state: restarted diff --git a/ansible/roles/database/tasks/main.yml b/ansible/roles/database/tasks/main.yml deleted file mode 100644 index 0daddd5..0000000 --- a/ansible/roles/database/tasks/main.yml +++ /dev/null @@ -1,36 +0,0 @@ -- name: Create database user - postgresql_user: - name: "{{ database_name }}" - password: "{{ database_password }}" - become: true - become_user: postgres - -- name: Create database - postgresql_db: - name: "{{ database_name }}" - owner: "{{ database_name }}" - become: true - become_user: postgres - -- name: Grant access to database - postgresql_privs: - type: database - database: "{{ database_name }}" - role: "{{ database_name }}" - grant_option: no - privs: all - become: true - become_user: postgres - notify: restart postgres - -- name: Allow remote access to database - postgresql_pg_hba: - dest: /etc/postgresql/15/main/pg_hba.conf - contype: host - databases: "{{ database_name }}" - users: "{{ database_name }}" - address: all - create: true - become: true - become_user: postgres - notify: restart postgres