aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity

postgresql: variables in dict

Browse source
This commit is contained in:
Alexandre Iooss 2021-11-28 10:45:21 +01:00
parent f0b8075ca6
commit 4bd431f9c3
5 changed files with 121 additions and 123 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
host_vars/re2o-bdd.adm.auro.re.yml
View file

@ -1,2 +0,0 @@
---
postgresql_databases: true

232
playbooks/postgresql.yml
View file

@ -5,69 +5,69 @@
vars:
postgresql:
version: 13
postgresql_hosts:
- database: nextcloud
user: nextcloud
net: 10.128.0.58/32
method: md5
- database: gitea
user: gitea
net: 10.128.0.60/32
method: md5
- database: wikijs
user: wikijs
net: 10.128.0.66/32
method: md5
- database: drone
user: drone
net: 10.128.0.64/32
method: md5
- database: netbox
user: netbox
net: 10.128.0.97/32
method: md5
- database: grafana
user: grafana
net: 10.128.0.98/32
method: md5
postgresql_databases:
- nextcloud
- gitea
- wikijs
- drone
- netbox
- grafana
postgresql_users:
- name: nextcloud
database: nextcloud
password: "{{ vault_postgresql_nextcloud_passwd }}"
privs:
- ALL
- name: gitea
database: gitea
password: "{{ vault_postgresql_gitea_passwd }}"
privs:
- ALL
- name: wikijs
database: wikijs
password: "{{ vault_postgresql_wikijs_passwd }}"
privs:
- ALL
- name: drone
database: drone
password: "{{ vault_postgresql_drone_passwd }}"
privs:
- ALL
- name: netbox
database: netbox
password: "{{ vault_postgresql_netbox_passwd }}"
privs:
- ALL
- name: grafana
database: grafana
password: "{{ vault_postgresql_grafana_passwd }}"
privs:
- ALL
hosts:
- database: nextcloud
user: nextcloud
net: 10.128.0.58/32
method: md5
- database: gitea
user: gitea
net: 10.128.0.60/32
method: md5
- database: wikijs
user: wikijs
net: 10.128.0.66/32
method: md5
- database: drone
user: drone
net: 10.128.0.64/32
method: md5
- database: netbox
user: netbox
net: 10.128.0.97/32
method: md5
- database: grafana
user: grafana
net: 10.128.0.98/32
method: md5
databases:
- nextcloud
- gitea
- wikijs
- drone
- netbox
- grafana
users:
- name: nextcloud
database: nextcloud
password: "{{ vault_postgresql_nextcloud_passwd }}"
privs:
- ALL
- name: gitea
database: gitea
password: "{{ vault_postgresql_gitea_passwd }}"
privs:
- ALL
- name: wikijs
database: wikijs
password: "{{ vault_postgresql_wikijs_passwd }}"
privs:
- ALL
- name: drone
database: drone
password: "{{ vault_postgresql_drone_passwd }}"
privs:
- ALL
- name: netbox
database: netbox
password: "{{ vault_postgresql_netbox_passwd }}"
privs:
- ALL
- name: grafana
database: grafana
password: "{{ vault_postgresql_grafana_passwd }}"
privs:
- ALL
update_motd:
postgresql: PostgreSQL est déployé.
roles:
@ -79,59 +79,59 @@
vars:
postgresql:
version: 13
postgresql_hosts:
- database: etherpad
user: etherpad
net: 10.128.0.150/32
method: md5
- database: codimd
user: codimd
net: 10.128.0.150/32
method: md5
- database: synapse
user: synapse
net: 10.128.0.56/32
method: md5
- database: kanboard
user: kanboard
net: 10.128.0.150/32
method: md5
- database: cas
user: cas
net: 10.128.0.150/32
method: md5
postgresql_databases:
- synapse
- codimd
- etherpad
- kanboard
- cas
postgresql_users:
- name: synapse
database: synapse
password: "{{ vault_postgresql_synapse_passwd }}"
privs:
- ALL
- name: codimd
database: codimd
password: "{{ vault_postgresql_codimd_passwd }}"
privs:
- ALL
- name: etherpad
database: etherpad
password: "{{ vault_postgresql_etherpad_passwd }}"
privs:
- ALL
- name: kanboard
database: kanboard
password: "{{ vault_postgresql_kanboard_passwd }}"
privs:
- ALL
- name: cas
database: cas
password: "{{ vault_postgresql_cas_passwd }}"
privs:
- ALL
hosts:
- database: etherpad
user: etherpad
net: 10.128.0.150/32
method: md5
- database: codimd
user: codimd
net: 10.128.0.150/32
method: md5
- database: synapse
user: synapse
net: 10.128.0.56/32
method: md5
- database: kanboard
user: kanboard
net: 10.128.0.150/32
method: md5
- database: cas
user: cas
net: 10.128.0.150/32
method: md5
databases:
- synapse
- codimd
- etherpad
- kanboard
- cas
users:
- name: synapse
database: synapse
password: "{{ vault_postgresql_synapse_passwd }}"
privs:
- ALL
- name: codimd
database: codimd
password: "{{ vault_postgresql_codimd_passwd }}"
privs:
- ALL
- name: etherpad
database: etherpad
password: "{{ vault_postgresql_etherpad_passwd }}"
privs:
- ALL
- name: kanboard
database: kanboard
password: "{{ vault_postgresql_kanboard_passwd }}"
privs:
- ALL
- name: cas
database: cas
password: "{{ vault_postgresql_cas_passwd }}"
privs:
- ALL
update_motd:
postgresql: PostgreSQL est déployé.
roles:

2
roles/borgbackup_client/templates/config.yaml.j2
View file

@ -42,7 +42,7 @@ consistency:
- repository
- archives
{% if postgresql_databases is defined %}
{% if borg_postgresql_databases is defined %}
hooks:
postgresql_databases:
- name: all

6
roles/postgresql/tasks/main.yml
View file

@ -55,7 +55,7 @@
lc_collate: en_US.UTF-8
lc_ctype: en_US.UTF-8
template: template0
loop: "{{ postgresql_databases }}"
loop: "{{ postgresql.databases }}"
- name: Create users
become: true
@ -65,7 +65,7 @@
name: "{{ item.name }}"
password: "{{ item.password }}"
no_log: true
loop: "{{ postgresql_users }}"
loop: "{{ postgresql.users }}"
- name: Grant privileges to users
become: true
@ -77,5 +77,5 @@
privs: "{{ item.privs | join(',') }}"
obj: "{{ item.database }}"
no_log: true
loop: "{{ postgresql_users }}"
loop: "{{ postgresql.users }}"
...

2
roles/postgresql/templates/postgresql/pg_hba.conf.j2
View file

@ -2,6 +2,6 @@
# TYPE DATABASE USER ADDRESS METHOD
local all postgres peer map=map_local
{% for host in postgresql_hosts %}
{% for host in postgresql.hosts %}
host "{{ host.database }}" "{{ host.user }}" {{ host.net }} {{ host.method }}
{% endfor %}