65 lines
1.7 KiB
YAML
65 lines
1.7 KiB
YAML
- name: ensure postgresql-server is installed
|
|
package:
|
|
name=postgresql-server
|
|
state=present
|
|
tags:
|
|
- install
|
|
- name: ensure postgresql data directory exists
|
|
command:
|
|
postgresql-setup initdb
|
|
creates={{ pgdata_dir }}/PG_VERSION
|
|
|
|
- name: ensure postgresql server certificate is installed
|
|
copy:
|
|
src: '{{ item }}'
|
|
dest: '{{ pgdata_dir }}/{{ item|basename }}'
|
|
owner: postgres
|
|
group: postgres
|
|
mode: 00600
|
|
with_fileglob: 'certs/postgresql/{{ inventory_hostname }}/*'
|
|
|
|
- name: ensure postgresql server is configured
|
|
template:
|
|
src: '{{ item }}'
|
|
dest: '{{ pgdata_dir }}/postgresql.conf'
|
|
mode: '0600'
|
|
notify: restart postgresql server
|
|
with_first_found:
|
|
- ../templates/postgresql-{{ ansible_distribution }}-{{ ansible_distribution_version }}.conf.j2
|
|
- ../templates/postgresql-{{ ansible_distribution }}.conf.j2
|
|
- ../templates/postgresql.conf.j2
|
|
- name: ensure postgresql identity mapping is configured
|
|
template:
|
|
src=pg_ident.conf.j2
|
|
dest={{ pgdata_dir }}/pg_ident.conf
|
|
owner=postgres
|
|
group=postgres
|
|
mode=0600
|
|
setype=postgresql_db_t
|
|
- name: ensure postgresql host-based authentication is configured
|
|
template:
|
|
src=pg_hba.conf.j2
|
|
dest={{ pgdata_dir }}/pg_hba.conf
|
|
owner=postgres
|
|
group=postgres
|
|
mode=0600
|
|
setype=postgresql_db_t
|
|
notify: reload postgresql server
|
|
|
|
- name: ensure postgresql-check-db-dir is labelled correctly
|
|
file:
|
|
path=/usr/bin/postgresql-check-db-dir
|
|
setype=postgresql_exec_t
|
|
state=file
|
|
when: ansible_distribution in ('CentOS', 'RHEL')
|
|
|
|
- name: ensure postgresql starts at boot
|
|
service:
|
|
name=postgresql
|
|
enabled=yes
|
|
- meta: flush_handlers
|
|
- name: ensure postgresql server is running
|
|
service:
|
|
name=postgresql
|
|
state=started
|