postgres cleanup #74

Merged
erdnaxe merged 4 commits from postgres into master 2021-11-28 11:02:46 +01:00
5 changed files with 121 additions and 123 deletions
Showing only changes of commit 4bd431f9c3 - Show all commits

View file

@ -1,2 +0,0 @@
---
postgresql_databases: true

View file

@ -5,69 +5,69 @@
vars: vars:
postgresql: postgresql:
version: 13 version: 13
postgresql_hosts: hosts:
- database: nextcloud - database: nextcloud
user: nextcloud user: nextcloud
net: 10.128.0.58/32 net: 10.128.0.58/32
method: md5 method: md5
- database: gitea - database: gitea
user: gitea user: gitea
net: 10.128.0.60/32 net: 10.128.0.60/32
method: md5 method: md5
- database: wikijs - database: wikijs
user: wikijs user: wikijs
net: 10.128.0.66/32 net: 10.128.0.66/32
method: md5 method: md5
- database: drone - database: drone
user: drone user: drone
net: 10.128.0.64/32 net: 10.128.0.64/32
method: md5 method: md5
- database: netbox - database: netbox
user: netbox user: netbox
net: 10.128.0.97/32 net: 10.128.0.97/32
method: md5 method: md5
- database: grafana - database: grafana
user: grafana user: grafana
net: 10.128.0.98/32 net: 10.128.0.98/32
method: md5 method: md5
postgresql_databases: databases:
- nextcloud - nextcloud
- gitea - gitea
- wikijs - wikijs
- drone - drone
- netbox - netbox
- grafana - grafana
postgresql_users: users:
- name: nextcloud - name: nextcloud
database: nextcloud database: nextcloud
password: "{{ vault_postgresql_nextcloud_passwd }}" password: "{{ vault_postgresql_nextcloud_passwd }}"
privs: privs:
- ALL - ALL
- name: gitea - name: gitea
database: gitea database: gitea
password: "{{ vault_postgresql_gitea_passwd }}" password: "{{ vault_postgresql_gitea_passwd }}"
privs: privs:
- ALL - ALL
- name: wikijs - name: wikijs
database: wikijs database: wikijs
password: "{{ vault_postgresql_wikijs_passwd }}" password: "{{ vault_postgresql_wikijs_passwd }}"
privs: privs:
- ALL - ALL
- name: drone - name: drone
database: drone database: drone
password: "{{ vault_postgresql_drone_passwd }}" password: "{{ vault_postgresql_drone_passwd }}"
privs: privs:
- ALL - ALL
- name: netbox - name: netbox
database: netbox database: netbox
password: "{{ vault_postgresql_netbox_passwd }}" password: "{{ vault_postgresql_netbox_passwd }}"
privs: privs:
- ALL - ALL
- name: grafana - name: grafana
database: grafana database: grafana
password: "{{ vault_postgresql_grafana_passwd }}" password: "{{ vault_postgresql_grafana_passwd }}"
privs: privs:
- ALL - ALL
update_motd: update_motd:
postgresql: PostgreSQL est déployé. postgresql: PostgreSQL est déployé.
roles: roles:
@ -79,59 +79,59 @@
vars: vars:
postgresql: postgresql:
version: 13 version: 13
postgresql_hosts: hosts:
- database: etherpad - database: etherpad
user: etherpad user: etherpad
net: 10.128.0.150/32 net: 10.128.0.150/32
method: md5 method: md5
- database: codimd - database: codimd
user: codimd user: codimd
net: 10.128.0.150/32 net: 10.128.0.150/32
method: md5 method: md5
- database: synapse - database: synapse
user: synapse user: synapse
net: 10.128.0.56/32 net: 10.128.0.56/32
method: md5 method: md5
- database: kanboard - database: kanboard
user: kanboard user: kanboard
net: 10.128.0.150/32 net: 10.128.0.150/32
method: md5 method: md5
- database: cas - database: cas
user: cas user: cas
net: 10.128.0.150/32 net: 10.128.0.150/32
method: md5 method: md5
postgresql_databases: databases:
- synapse - synapse
- codimd - codimd
- etherpad - etherpad
- kanboard - kanboard
- cas - cas
postgresql_users: users:
- name: synapse - name: synapse
database: synapse database: synapse
password: "{{ vault_postgresql_synapse_passwd }}" password: "{{ vault_postgresql_synapse_passwd }}"
privs: privs:
- ALL - ALL
- name: codimd - name: codimd
database: codimd database: codimd
password: "{{ vault_postgresql_codimd_passwd }}" password: "{{ vault_postgresql_codimd_passwd }}"
privs: privs:
- ALL - ALL
- name: etherpad - name: etherpad
database: etherpad database: etherpad
password: "{{ vault_postgresql_etherpad_passwd }}" password: "{{ vault_postgresql_etherpad_passwd }}"
privs: privs:
- ALL - ALL
- name: kanboard - name: kanboard
database: kanboard database: kanboard
password: "{{ vault_postgresql_kanboard_passwd }}" password: "{{ vault_postgresql_kanboard_passwd }}"
privs: privs:
- ALL - ALL
- name: cas - name: cas
database: cas database: cas
password: "{{ vault_postgresql_cas_passwd }}" password: "{{ vault_postgresql_cas_passwd }}"
privs: privs:
- ALL - ALL
update_motd: update_motd:
postgresql: PostgreSQL est déployé. postgresql: PostgreSQL est déployé.
roles: roles:

View file

@ -42,7 +42,7 @@ consistency:
- repository - repository
- archives - archives
{% if postgresql_databases is defined %} {% if borg_postgresql_databases is defined %}
hooks: hooks:
postgresql_databases: postgresql_databases:
- name: all - name: all

View file

@ -55,7 +55,7 @@
lc_collate: en_US.UTF-8 lc_collate: en_US.UTF-8
lc_ctype: en_US.UTF-8 lc_ctype: en_US.UTF-8
template: template0 template: template0
loop: "{{ postgresql_databases }}" loop: "{{ postgresql.databases }}"
- name: Create users - name: Create users
become: true become: true
@ -65,7 +65,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
password: "{{ item.password }}" password: "{{ item.password }}"
no_log: true no_log: true
loop: "{{ postgresql_users }}" loop: "{{ postgresql.users }}"
- name: Grant privileges to users - name: Grant privileges to users
become: true become: true
@ -77,5 +77,5 @@
privs: "{{ item.privs | join(',') }}" privs: "{{ item.privs | join(',') }}"
obj: "{{ item.database }}" obj: "{{ item.database }}"
no_log: true no_log: true
loop: "{{ postgresql_users }}" loop: "{{ postgresql.users }}"
... ...

View file

@ -2,6 +2,6 @@
# TYPE DATABASE USER ADDRESS METHOD # TYPE DATABASE USER ADDRESS METHOD
local all postgres peer map=map_local local all postgres peer map=map_local
{% for host in postgresql_hosts %} {% for host in postgresql.hosts %}
host "{{ host.database }}" "{{ host.user }}" {{ host.net }} {{ host.method }} host "{{ host.database }}" "{{ host.user }}" {{ host.net }} {{ host.method }}
{% endfor %} {% endfor %}