improv
This commit is contained in:
parent
e10edc362c
commit
06460e503e
GPG key ID:
CBBBE7371E81C4EA
27
roles/apps/tasks/app.yml
Normal file
27
roles/apps/tasks/app.yml
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
# vim: ft=yaml.ansible
|
||||
# code: language=ansible
|
||||
---
|
||||
- name: Create app directory for {{ app }}
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/{{ app }}"
|
||||
owner: root
|
||||
mode: u=rwx,go=
|
||||
state: directory
|
||||
|
||||
- name: Upload Compose file for {{ app }}
|
||||
ansible.builtin.template:
|
||||
src: compose-files/{{ app }}.yml.j2
|
||||
dest: "{{ apps_data_root }}/{{ app }}/docker-compose.yml"
|
||||
owner: root
|
||||
mode: u=rw,go=
|
||||
|
||||
- name: Create data directory for {{ app }}
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/{{ app }}/data"
|
||||
owner: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
state: directory
|
||||
|
||||
- name: Run extra configuration tasks for {{ app }}
|
||||
ansible.builtin.include_tasks: extra_tasks/{{ app }}.yml
|
||||
when: apps_vars[app].extra_tasks
|
||||
|
|
@ -1,27 +0,0 @@
|
|||
# vim: ft=yaml.ansible
|
||||
# code: language=ansible
|
||||
---
|
||||
- name: Create app directory for {{ app_name }}
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/{{ app_name }}"
|
||||
owner: root
|
||||
mode: u=rwx,go=
|
||||
state: directory
|
||||
|
||||
- name: Upload Compose file for {{ app_name }}
|
||||
ansible.builtin.template:
|
||||
src: compose-files/{{ app_name }}.yml.j2
|
||||
dest: "{{ apps_data_root }}/{{ app_name }}/docker-compose.yml"
|
||||
owner: root
|
||||
mode: u=rw,go=
|
||||
|
||||
- name: Create data directory for {{ app_name }}
|
||||
ansible.builtin.file:
|
||||
path: "{{ apps_data_root }}/{{ app_name }}/data"
|
||||
owner: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
state: directory
|
||||
|
||||
- name: Run extra configuration tasks for {{ app_name }}
|
||||
ansible.builtin.include_tasks: extra_tasks/{{ app_name }}.yml
|
||||
when: app_vars.extra_tasks
|
||||
|
|
@ -24,11 +24,11 @@
|
|||
state: directory
|
||||
|
||||
- name: Configure apps
|
||||
ansible.builtin.include_tasks: configure_app.yml
|
||||
vars:
|
||||
app_name: "{{ item }}"
|
||||
app_vars: "{{ apps_vars[item] }}"
|
||||
ansible.builtin.include_tasks:
|
||||
file: app.yml
|
||||
loop: "{{ apps_include }}"
|
||||
loop_control:
|
||||
loop_var: app
|
||||
|
||||
- name: Copy deploy.sh
|
||||
ansible.builtin.template:
|
||||
|
|
|
|||
|
|
@ -4,3 +4,5 @@
|
|||
postgresql_pgdata: "{{ data_fs }}/pgsql/{{ postgresql_version }}/data"
|
||||
postgresql_wal_archive: "{{ data_fs }}/wal-archive"
|
||||
postgresql_service: postgresql-{{ postgresql_version }}
|
||||
|
||||
postgresql_db_list: "{{ databases | dict2items(key_name='name', value_name='vars') }}"
|
||||
|
|
|
|||
|
|
@ -1,24 +1,24 @@
|
|||
# vim: ft=yaml.ansible
|
||||
# code: language=ansible
|
||||
---
|
||||
- name: Create database user '{{ db_vars.username }}'
|
||||
- name: Create database user '{{ db.vars.username }}'
|
||||
community.postgresql.postgresql_user:
|
||||
name: "{{ db_vars.username }}"
|
||||
password: "{{ db_vars.password }}"
|
||||
name: "{{ db.vars.username }}"
|
||||
password: "{{ db.vars.password }}"
|
||||
state: present
|
||||
|
||||
- name: Create database '{{ db_name }}'
|
||||
- name: Create database '{{ db.name }}'
|
||||
community.postgresql.postgresql_db:
|
||||
name: "{{ db_name }}"
|
||||
owner: "{{ db_vars.username }}"
|
||||
name: "{{ db.name }}"
|
||||
owner: "{{ db.vars.username }}"
|
||||
template: template0
|
||||
encoding: UTF-8
|
||||
state: present
|
||||
|
||||
- name: Grant all priviliges to owner on database '{{ db_name }}'
|
||||
- name: Grant all priviliges to owner on database '{{ db.name }}'
|
||||
community.postgresql.postgresql_privs:
|
||||
database: "{{ db_name }}"
|
||||
roles: "{{ db_vars.username }}"
|
||||
database: "{{ db.name }}"
|
||||
roles: "{{ db.vars.username }}"
|
||||
type: database
|
||||
privs: ALL
|
||||
state: present
|
||||
|
|
|
|||
|
|
@ -37,21 +37,9 @@
|
|||
- name: Flush handlers
|
||||
ansible.builtin.meta: flush_handlers
|
||||
|
||||
- name: Create PGDATA directory
|
||||
- name: Create PostgreSQL directories
|
||||
ansible.builtin.file:
|
||||
path: "{{ postgresql_pgdata }}"
|
||||
owner: postgres
|
||||
group: postgres
|
||||
mode: u=rwx,go=
|
||||
seuser: system_u
|
||||
serole: object_r
|
||||
setype: postgresql_db_t
|
||||
selevel: s0
|
||||
state: directory
|
||||
|
||||
- name: Create WAL archive directory
|
||||
ansible.builtin.file:
|
||||
path: "{{ postgresql_wal_archive }}"
|
||||
path: "{{ item }}"
|
||||
owner: postgres
|
||||
group: postgres
|
||||
mode: u=rwx,go=
|
||||
|
|
@ -60,6 +48,9 @@
|
|||
setype: postgresql_db_t
|
||||
selevel: s0
|
||||
state: directory
|
||||
loop:
|
||||
- "{{ postgresql_pgdata }}"
|
||||
- "{{ postgresql_wal_archive }}"
|
||||
|
||||
- name: Initialize database
|
||||
ansible.builtin.command:
|
||||
|
|
@ -99,8 +90,7 @@
|
|||
apply:
|
||||
become: true
|
||||
become_user: postgres
|
||||
vars:
|
||||
db_name: "{{ item.key }}"
|
||||
db_vars: "{{ item.value }}"
|
||||
loop: "{{ databases | dict2items }}"
|
||||
loop: "{{ postgresql_db_list }}"
|
||||
loop_control:
|
||||
loop_var: db
|
||||
no_log: true
|
||||
|
|
|
|||
|
|
@ -6,6 +6,6 @@ local all all scram-sh
|
|||
host all all 127.0.0.1/32 scram-sha-256
|
||||
host all all ::1/128 scram-sha-256
|
||||
|
||||
{% for db in (databases | dict2items(key_name='name', value_name='vars')) %}
|
||||
{% for db in postgresql_db_list|sort %}
|
||||
host {{ db.name }} {{ db.vars.username }} {{ internal_subnet }} scram-sha-256
|
||||
{% endfor %}
|
||||
|
|
|
|||
Loading…
Reference in a new issue