Add PostgreSQL configs

This commit is contained in:
Sam A. 2023-12-23 17:41:57 +01:00
parent cbdc7119fb
commit f0464f288c
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
6 changed files with 57 additions and 12 deletions

View file

@ -2,4 +2,5 @@
# code: language=ansible
---
postgresql_pgdata: "{{ data_fs }}/pgsql/{{ postgresql_version }}/data"
postgresql_wal_archive: "{{ data_fs }}/wal-archive"
postgresql_service: postgresql-{{ postgresql_version }}

View file

@ -23,14 +23,3 @@
roles: "{{ db_vars.username }}"
privs: ALL
state: present
- name: Allow connections to database '{{ db_name }}'
community.postgresql.postgresql_pg_hba:
dest: "{{ postgresql_pgdata }}/pg_hba.conf"
contype: host
users: "{{ db_vars.username }}"
databases: "{{ db_name }}"
source: "{{ internal_subnet }}"
method: scram-sha-256
state: present
notify: Reload PostgreSQL

View file

@ -34,7 +34,7 @@
- name: Copy PostgreSQL service override file
ansible.builtin.template:
src: systemd-overrides/{{ postgresql_service }}.service.j2
src: "{{ postgresql_service }}.service.j2"
dest: /etc/systemd/system/{{ postgresql_service }}.service.d/override.conf
owner: root
mode: u=rw,g=r,o=r
@ -57,6 +57,22 @@
become: true
become_user: postgres
- name: Copy postgresql.conf
ansible.builtin.template:
src: postgresql.conf.j2
dest: "{{ postgresql_pgdata }}/postgresql.conf"
owner: postgres
mode: u=rw,go=
notify: Reload PostgreSQL
- name: Copy pg_hba.conf
ansible.builtin.template:
src: pg_hba.conf.j2
dest: "{{ postgresql_pgdata }}/pg_hba.conf"
owner: postgres
mode: u=rw,go=
notify: Reload PostgreSQL
- name: Ensure PostgreSQL is enabled and running
ansible.builtin.service:
name: "{{ postgresql_service }}"

View file

@ -0,0 +1,12 @@
# THIS FILE IS MANAGED BY ANSIBLE
# code: language=ansible-jinja
# TYPE DATABASE USER ADDRESS METHOD
local all all scram-sha-256
local all postgres peer
host all all 127.0.0.1/32 scram-sha-256
host all all ::1/128 scram-sha-256
{% for db in (databases | dict2items(key_name='name', value_name='vars')) %}
host {{ db.name }} {{ db.vars.username }} {{ internal_subnet }} scram-sha-256
{% endfor %}

View file

@ -1,3 +1,5 @@
# THIS FILE IS MANAGED BY ANSIBLE
# code: language=ansible-jinja
[Service]
Environment=PGDATA={{ postgresql_pgdata }}

View file

@ -0,0 +1,25 @@
# THIS FILE IS MANAGED BY ANSIBLE
# code: language=ansible-jinja
# Common
listen_addresses = '*'
max_connections = 100
shared_buffers = 128MB
dynamic_shared_memory_type = posix
password_encryption = scram-sha-256
datestyle = 'iso, mdy'
timezone = '{{ timezone }}'
log_timezone = '{{ timezone }}'
lc_messages = 'en_US.utf8'
lc_monetary = 'en_US.utf8'
lc_numeric = 'en_US.utf8'
lc_time = 'en_US.utf8'
# WAL settings
wal_level = replica
max_wal_size = 2GB
min_wal_size = 80MB
# Archiving
archive_mode = on
archive_command = 'test ! -f {{ postgresql_wal_archive }}/%f && cp %p {{ postgresql_wal_archive }}/%f'