From 1745aa898180b5df4be6dc16f5a789daac747ba5 Mon Sep 17 00:00:00 2001 From: Copperfield Date: Tue, 8 Jul 2014 16:21:47 +0200 Subject: [PATCH 1/3] Provide support for a basic user owner database --- defaults/main.yml | 1 + tasks/databases.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index b82887b8..99c2b858 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,6 +11,7 @@ postgresql_default_auth_method: "trust" postgresql_cluster_name: "main" postgresql_cluster_reset: false +postgresql_database_owner: "{{ansible_user_id}}" # Extensions postgresql_ext_install_contrib: no postgresql_ext_install_dev_headers: no diff --git a/tasks/databases.yml b/tasks/databases.yml index 4a10df36..446be69e 100644 --- a/tasks/databases.yml +++ b/tasks/databases.yml @@ -8,6 +8,7 @@ - name: PostgreSQL | Make sure the PostgreSQL databases are present postgresql_db: name: "{{item.name}}" + owner: "{{postgresql_database_owner}}" encoding: "{{postgresql_encoding}}" lc_collate: "{{postgresql_locale}}" lc_ctype: "{{postgresql_locale}}" From 87118e44cca04be6eb6e83dc56db11b1909d7ddb Mon Sep 17 00:00:00 2001 From: Copperfield Date: Tue, 8 Jul 2014 18:38:51 +0200 Subject: [PATCH 2/3] Users bafore database. Other way it make no sense --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index 3b0003fb..08a05e64 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -3,7 +3,7 @@ - include: install.yml - include: extensions.yml - include: configure.yml -- include: databases.yml - include: users.yml +- include: databases.yml - include: monit.yml when: monit_protection is defined and monit_protection == true From c20146400af29681dc4faed4d6744e74bd6aacd6 Mon Sep 17 00:00:00 2001 From: Copperfield Date: Tue, 8 Jul 2014 18:53:07 +0200 Subject: [PATCH 3/3] Sparate users's tasks in functional units --- tasks/main.yml | 1 + tasks/users.yml | 10 ---------- tasks/users_priv.yml | 11 +++++++++++ 3 files changed, 12 insertions(+), 10 deletions(-) create mode 100644 tasks/users_priv.yml diff --git a/tasks/main.yml b/tasks/main.yml index 08a05e64..a2c7da39 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,5 +5,6 @@ - include: configure.yml - include: users.yml - include: databases.yml +- include: users_priv.yml - include: monit.yml when: monit_protection is defined and monit_protection == true diff --git a/tasks/users.yml b/tasks/users.yml index 9323d86a..58739a52 100644 --- a/tasks/users.yml +++ b/tasks/users.yml @@ -13,13 +13,3 @@ login_host: "{{item.host | default('localhost')}}" with_items: postgresql_users when: postgresql_users|length > 0 - -- name: PostgreSQL | Update the user privileges - postgresql_user: - name: "{{item.name}}" - db: "{{item.db}}" - priv: "{{item.priv | default('ALL')}}" - state: present - login_host: "{{item.host | default('localhost')}}" - with_items: postgresql_user_privileges - when: postgresql_users|length > 0 diff --git a/tasks/users_priv.yml b/tasks/users_priv.yml new file mode 100644 index 00000000..144b897b --- /dev/null +++ b/tasks/users_priv.yml @@ -0,0 +1,11 @@ +# file: postgresql/tasks/users_priv.yml + +- name: PostgreSQL | Update the user privileges + postgresql_user: + name: "{{item.name}}" + db: "{{item.db}}" + priv: "{{item.priv | default('ALL')}}" + state: present + login_host: "{{item.host | default('localhost')}}" + with_items: postgresql_user_privileges + when: postgresql_users|length > 0