postgresql: variables in dict

2021-11-28 10:45:21 +01:00 · 2021-11-28 10:45:21 +01:00 · 4bd431f9c3
commit 4bd431f9c3
parent f0b8075ca6
5 changed files with 121 additions and 123 deletions
--- a/host_vars/re2o-bdd.adm.auro.re.yml
+++ b/host_vars/re2o-bdd.adm.auro.re.yml
@ -1,2 +0,0 @@
 ---
 postgresql_databases: true
--- a/playbooks/postgresql.yml
+++ b/playbooks/postgresql.yml
@ -5,69 +5,69 @@
  vars:
    postgresql:
      version: 13
-    postgresql_hosts:
+      hosts:
-      - database: nextcloud
+        - database: nextcloud
-        user: nextcloud
+          user: nextcloud
-        net: 10.128.0.58/32
+          net: 10.128.0.58/32
-        method: md5
+          method: md5
-      - database: gitea
+        - database: gitea
-        user: gitea
+          user: gitea
-        net: 10.128.0.60/32
+          net: 10.128.0.60/32
-        method: md5
+          method: md5
-      - database: wikijs
+        - database: wikijs
-        user: wikijs
+          user: wikijs
-        net: 10.128.0.66/32
+          net: 10.128.0.66/32
-        method: md5
+          method: md5
-      - database: drone
+        - database: drone
-        user: drone
+          user: drone
-        net: 10.128.0.64/32
+          net: 10.128.0.64/32
-        method: md5
+          method: md5
-      - database: netbox
+        - database: netbox
-        user: netbox
+          user: netbox
-        net: 10.128.0.97/32
+          net: 10.128.0.97/32
-        method: md5
+          method: md5
-      - database: grafana
+        - database: grafana
-        user: grafana
+          user: grafana
-        net: 10.128.0.98/32
+          net: 10.128.0.98/32
-        method: md5
+          method: md5
-    postgresql_databases:
+      databases:
-      - nextcloud
+        - nextcloud
-      - gitea
+        - gitea
-      - wikijs
+        - wikijs
-      - drone
+        - drone
-      - netbox
+        - netbox
-      - grafana
+        - grafana
-    postgresql_users:
+      users:
-      - name: nextcloud
+        - name: nextcloud
-        database: nextcloud
+          database: nextcloud
-        password: "{{ vault_postgresql_nextcloud_passwd }}"
+          password: "{{ vault_postgresql_nextcloud_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: gitea
+        - name: gitea
-        database: gitea
+          database: gitea
-        password: "{{ vault_postgresql_gitea_passwd }}"
+          password: "{{ vault_postgresql_gitea_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: wikijs
+        - name: wikijs
-        database: wikijs
+          database: wikijs
-        password: "{{ vault_postgresql_wikijs_passwd }}"
+          password: "{{ vault_postgresql_wikijs_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: drone
+        - name: drone
-        database: drone
+          database: drone
-        password: "{{ vault_postgresql_drone_passwd }}"
+          password: "{{ vault_postgresql_drone_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: netbox
+        - name: netbox
-        database: netbox
+          database: netbox
-        password: "{{ vault_postgresql_netbox_passwd }}"
+          password: "{{ vault_postgresql_netbox_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: grafana
+        - name: grafana
-        database: grafana
+          database: grafana
-        password: "{{ vault_postgresql_grafana_passwd }}"
+          password: "{{ vault_postgresql_grafana_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
    update_motd:
      postgresql: PostgreSQL est déployé.
  roles:
@ -79,59 +79,59 @@
  vars:
    postgresql:
      version: 13
-    postgresql_hosts:
+      hosts:
-      - database: etherpad
+        - database: etherpad
-        user: etherpad
+          user: etherpad
-        net: 10.128.0.150/32
+          net: 10.128.0.150/32
-        method: md5
+          method: md5
-      - database: codimd
+        - database: codimd
-        user: codimd
+          user: codimd
-        net: 10.128.0.150/32
+          net: 10.128.0.150/32
-        method: md5
+          method: md5
-      - database: synapse
+        - database: synapse
-        user: synapse
+          user: synapse
-        net: 10.128.0.56/32
+          net: 10.128.0.56/32
-        method: md5
+          method: md5
-      - database: kanboard
+        - database: kanboard
-        user: kanboard
+          user: kanboard
-        net: 10.128.0.150/32
+          net: 10.128.0.150/32
-        method: md5
+          method: md5
-      - database: cas
+        - database: cas
-        user: cas
+          user: cas
-        net: 10.128.0.150/32
+          net: 10.128.0.150/32
-        method: md5
+          method: md5
-    postgresql_databases:
+      databases:
-      - synapse
+        - synapse
-      - codimd
+        - codimd
-      - etherpad
+        - etherpad
-      - kanboard
+        - kanboard
-      - cas
+        - cas
-    postgresql_users:
+      users:
-      - name: synapse
+        - name: synapse
-        database: synapse
+          database: synapse
-        password: "{{ vault_postgresql_synapse_passwd }}"
+          password: "{{ vault_postgresql_synapse_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: codimd
+        - name: codimd
-        database: codimd
+          database: codimd
-        password: "{{ vault_postgresql_codimd_passwd }}"
+          password: "{{ vault_postgresql_codimd_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: etherpad
+        - name: etherpad
-        database: etherpad
+          database: etherpad
-        password: "{{ vault_postgresql_etherpad_passwd }}"
+          password: "{{ vault_postgresql_etherpad_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: kanboard
+        - name: kanboard
-        database: kanboard
+          database: kanboard
-        password: "{{ vault_postgresql_kanboard_passwd }}"
+          password: "{{ vault_postgresql_kanboard_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
-      - name: cas
+        - name: cas
-        database: cas
+          database: cas
-        password: "{{ vault_postgresql_cas_passwd }}"
+          password: "{{ vault_postgresql_cas_passwd }}"
-        privs:
+          privs:
-          - ALL
+            - ALL
    update_motd:
      postgresql: PostgreSQL est déployé.
  roles:
--- a/roles/borgbackup_client/templates/config.yaml.j2
+++ b/roles/borgbackup_client/templates/config.yaml.j2
@ -42,7 +42,7 @@ consistency:
    - repository
    - archives
-{% if postgresql_databases is defined %}
+{% if borg_postgresql_databases is defined %}
 hooks:
  postgresql_databases:
    - name: all
--- a/roles/postgresql/tasks/main.yml
+++ b/roles/postgresql/tasks/main.yml
@ -55,7 +55,7 @@
    lc_collate: en_US.UTF-8
    lc_ctype: en_US.UTF-8
    template: template0
-  loop: "{{ postgresql_databases }}"
+  loop: "{{ postgresql.databases }}"
 - name: Create users
  become: true
@ -65,7 +65,7 @@
    name: "{{ item.name }}"
    password: "{{ item.password }}"
  no_log: true
-  loop: "{{ postgresql_users }}"
+  loop: "{{ postgresql.users }}"
 - name: Grant privileges to users
  become: true
@ -77,5 +77,5 @@
    privs: "{{ item.privs | join(',') }}"
    obj: "{{ item.database }}"
  no_log: true
-  loop: "{{ postgresql_users }}"
+  loop: "{{ postgresql.users }}"
 ...
--- a/roles/postgresql/templates/postgresql/pg_hba.conf.j2
+++ b/roles/postgresql/templates/postgresql/pg_hba.conf.j2
@ -2,6 +2,6 @@
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 local   all             postgres                                peer map=map_local
-{% for host in postgresql_hosts %}  
+{% for host in postgresql.hosts %}
 host "{{ host.database }}" "{{ host.user }}" {{ host.net }} {{ host.method }}
 {% endfor %}