-
Notifications
You must be signed in to change notification settings - Fork 19
/
main.yml
71 lines (62 loc) · 2.05 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
---
# Role to set up a PostgreSQL server for FOLIO
- name: Install prereqs from apt
become: yes
apt:
name:
- apt-transport-https
- ca-certificates
- python3-virtualenv
- python3-psycopg2
- python3-pip
- python3-apt
- ssl-cert
- name: Install apt key for PostgreSQL
become: yes
apt_key: url=https://www.postgresql.org/media/keys/ACCC4CF8.asc
- name: Install apt repository for PostgreSQL
become: yes
apt_repository: repo="deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release}}-pgdg main"
- name: Install postgresql from apt
become: yes
apt:
name:
- "postgresql-{{ pg_major_version }}"
- name: Configure postgresql to listen on all interfaces
become: yes
lineinfile:
dest: "/etc/postgresql/{{ pg_major_version }}/main/postgresql.conf"
line: "listen_addresses = '*'"
insertafter: 'Connection Settings'
notify: Restart postgresql
- name: Set max number of postgresql connections
become: yes
lineinfile:
dest: "/etc/postgresql/{{ pg_major_version }}/main/postgresql.conf"
regexp: '^max_connections\s*=\s*\d+.*$'
line: "max_connections = {{ pg_max_conn }}"
backrefs: yes
notify: Restart postgresql
- name: Configure postgresql to allow connections from all addresses
become: yes
lineinfile:
dest: "/etc/postgresql/{{ pg_major_version }}/main/pg_hba.conf"
line: "host all all 0.0.0.0/0 md5"
notify: Restart postgresql
- name: Configure postgresql to allow local connections from non-system users
become: yes
lineinfile:
dest: "/etc/postgresql/{{ pg_major_version }}/main/pg_hba.conf"
regexp: '^local\s+all\s+all'
line: "local all all md5"
notify: Restart postgresql
# This is the pg_admin_user that will be used in create-database role
- name: Create a postgres admin user that can create roles and databases
become: yes
become_user: postgres
postgresql_user:
name: "{{ pg_admin_user }}"
password: "{{ pg_admin_password }}"
encrypted: yes
role_attr_flags: SUPERUSER
- meta: flush_handlers