Commit 4274856d authored by Louis VINCHON's avatar Louis VINCHON
Browse files

Role postgresql: factorize common tasks in the 'common' subfolder

All tasks that are OS-agnostic are moved to the 'common' folder.
parent fc98d002
......@@ -4,18 +4,19 @@
- import_tasks: repos.yml
- import_tasks: packages.yml
- import_tasks: pip.yml
- import_tasks: ../common/pip.yml
- import_tasks: ../common/users.yml
- import_tasks: users.yml
- import_tasks: files.yml
- import_tasks: ../common/files.yml
- import_tasks: db_init.yml
- import_tasks: patches.yml
- import_tasks: security.yml
- import_tasks: systemd.yml
- import_tasks: ../common/systemd.yml
- import_tasks: db_privs.yml
- import_tasks: ../common/db_privs.yml
...
---
- name: Create UNIX iRODS group
group:
name: "{{ irods_unix_group_name }}"
gid: "{{ irods_unix_group_id }}"
state: present
- name: Create UNIX iRODS user
user:
name: "{{ irods_unix_user_name }}"
uid: "{{ irods_unix_user_id }}"
group: irods
state: present
password: "{{irods_unix_password}}"
#password: see docs.ansible.com/ansible/latest/user_module.html
- name: Create postgres user and group on CentOS 7
block:
- name: Create UNIX postgres group
......
---
- name: Create PostgreSQL iRODS user
postgresql_user:
name: "{{ database_user }}"
state: present
password: "{{ database_password }}"
login_user: postgres
become: true
become_user: postgres
- name: Create PostgreSQL iRODS database
postgresql_db:
name: "{{ database_name }}"
state: present
login_user: postgres
become: true
become_user: postgres
- name: Set database privileges
postgresql_privs:
database: "{{ database_name }}"
state: present
privs: ALL
type: database
roles: "{{ database_user }}"
login_user: postgres
become: true
become_user: postgres
...
---
- name: Create database directory
file:
state: directory
path: "{{path_to_icat}}"
owner: postgres
group: postgres
mode: 0700
recurse: yes
...
......@@ -2,15 +2,15 @@
# tasks file for postgresql
- import_tasks: pip.yml
- import_tasks: ../common/pip.yml
- import_tasks: users.yml
- import_tasks: ../common/users.yml
- import_tasks: files.yml
- import_tasks: ../common/files.yml
- import_tasks: db_init.yml
- import_tasks: systemd.yml
- import_tasks: ../common/systemd.yml
- import_tasks: db_privs.yml
- import_tasks: ../common/db_privs.yml
...
---
- name: Install Python modules
pip:
name:
- pip
- psycopg2-binary
state: latest
...
---
# Dynamically set some variables commonly used by this task group.
- name: Setting facts for systemd operations.
vars:
external_postgres_suffix: "-{{ external_postgresql_version }}"
# Suffix will be '-version', e.g. '-13' for postgresql v13.x.x, or '' (nothing) if we do use the version distributed by the standard repository.
suffix: "{{ ( use_distribution_postgresql == false ) | ternary(external_postgres_suffix, '') }}"
set_fact:
postgres_unit_file_name: "postgresql{{ suffix }}.service"
# This task will place an 'override' for the systemd unit file distributed by postgresql.
# Modifying the original unit file is not recomended as it is replaced with each update of postgresql.
#
# Its current purpose is to define the path to the data directory where the database's actual data will be on the system.
# cf. The template file.
- name: "Define the {{ postgres_unit_file_name }} override file."
template:
src: templates/postgresql.service.j2
dest: "/etc/systemd/system/{{ postgres_unit_file_name }}"
owner: root
group: wheel
mode: '0644'
when:
- path_to_icat is defined
- path_to_icat != None
- path_to_icat | length > 0
- name: "Start {{ postgres_unit_file_name }}"
systemd:
name: "{{ postgres_unit_file_name }}"
state: started
daemon_reload: yes
enabled: yes
...
---
- name: Create PostgreSQL iRODS user
postgresql_user:
name: "{{ database_user }}"
state: present
password: "{{ database_password }}"
login_user: postgres
become: true
become_user: postgres
- name: Create PostgreSQL iRODS database
postgresql_db:
name: "{{ database_name }}"
state: present
login_user: postgres
become: true
become_user: postgres
- name: Set database privileges
postgresql_privs:
database: "{{ database_name }}"
state: present
privs: ALL
type: database
roles: "{{ database_user }}"
login_user: postgres
become: true
become_user: postgres
...
---
- name: Create database directory
file:
state: directory
path: "{{path_to_icat}}"
owner: postgres
group: postgres
mode: 0700
recurse: yes
...
......@@ -3,17 +3,18 @@
# tasks file for postgresql
- import_tasks: packages.yml
- import_tasks: pip.yml
- import_tasks: ../common/pip.yml
- import_tasks: ../common/users.yml
- import_tasks: users.yml
- import_tasks: files.yml
- import_tasks: ../common/files.yml
- import_tasks: db_info.yml
- import_tasks: db_init.yml
- import_tasks: patches.yml
- import_tasks: systemd.yml
- import_tasks: ../common/systemd.yml
- import_tasks: db_privs.yml
- import_tasks: ../common/db_privs.yml
...
---
- name: Install Python modules
pip:
name:
- pip
- psycopg2-binary
state: latest
...
---
# Dynamically set some variables commonly used by this task group.
- name: Setting facts for systemd operations.
vars:
external_postgres_suffix: "-{{ external_postgresql_version }}"
# Suffix will be '-version', e.g. '-13' for postgresql v13.x.x, or '' (nothing) if we do use the version distributed by the standard repository.
suffix: "{{ ( use_distribution_postgresql == false ) | ternary(external_postgres_suffix, '') }}"
set_fact:
postgres_unit_file_name: "postgresql{{ suffix }}.service"
# This task will place an 'override' for the systemd unit file distributed by postgresql.
# Modifying the original unit file is not recomended as it is replaced with each update of postgresql.
#
# Its current purpose is to define the path to the data directory where the database's actual data will be on the system.
# cf. The template file.
- name: "Define the {{ postgres_unit_file_name }} override file."
template:
src: templates/postgresql.service.j2
dest: "/etc/systemd/system/{{ postgres_unit_file_name }}"
owner: root
group: wheel
mode: '0644'
when:
- path_to_icat is defined
- path_to_icat != None
- path_to_icat | length > 0
- name: "Start {{ postgres_unit_file_name }}"
systemd:
name: "{{ postgres_unit_file_name }}"
state: started
daemon_reload: yes
enabled: yes
...
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment