From f15b222cdc33aef2f0d052479762777dd060d731 Mon Sep 17 00:00:00 2001
From: Jeltz <tom.barthe+aurore@ens-paris-saclay.fr>
Date: Sun, 14 Mar 2021 23:45:36 +0100
Subject: [PATCH] Allow root to log as postgres

---
 roles/postgresql_server/handlers/main.yml                | 6 +++---
 roles/postgresql_server/tasks/main.yml                   | 9 ++++++++-
 .../templates/postgresql/pg_hba.conf.j2                  | 3 +--
 .../templates/postgresql/pg_ident.conf.j2                | 4 ++++
 4 files changed, 16 insertions(+), 6 deletions(-)
 create mode 100644 roles/postgresql_server/templates/postgresql/pg_ident.conf.j2

diff --git a/roles/postgresql_server/handlers/main.yml b/roles/postgresql_server/handlers/main.yml
index 731acb9..c4416ec 100644
--- a/roles/postgresql_server/handlers/main.yml
+++ b/roles/postgresql_server/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
-- name: restart postgresql
+- name: Reload postgresql
   service:
     name: postgresql
-    state: restarted
-    enabled: true
+    state: reloaded
+...
diff --git a/roles/postgresql_server/tasks/main.yml b/roles/postgresql_server/tasks/main.yml
index ed45e1a..3472be3 100644
--- a/roles/postgresql_server/tasks/main.yml
+++ b/roles/postgresql_server/tasks/main.yml
@@ -35,9 +35,16 @@
     group: postgres
   loop:
     - pg_hba.conf
+    - pg_ident.conf
     - postgresql.conf
   notify:
-    - restart postgresql
+    - Reload postgresql
+
+- name: Enable and start PostgreSQL
+  systemd:
+    name: postgresql.service
+    state: started
+    enabled: true
 
 - name: Create databases
   become: true
diff --git a/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2 b/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2
index 3a56905..a43b1c1 100644
--- a/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2
+++ b/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2
@@ -9,8 +9,7 @@
 # maintenance (custom daily cronjobs, replication, and similar tasks).
 #
 # Database administrative login by Unix domain socket
-local   all             postgres                                peer
-
+local   all             postgres                                peer map=map_root
 
 # "local" is for Unix domain socket connections only
 local   all             all                                     peer
diff --git a/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2 b/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2
new file mode 100644
index 0000000..dd8efa8
--- /dev/null
+++ b/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2
@@ -0,0 +1,4 @@
+{{ ansible_managed | comment }}
+
+# MAPNAME       SYSTEM-USERNAME         PG-USERNAME
+map_root        root                    postgress