sets postgresql with a giteadb and gitea user

Ibrahim Mkusa 2024-09-07 17:10:38 -04:00
parent 91824b7002
commit 3986b4fb6e


@ -2,11 +2,26 @@
- name: This playbook installs and setups postgresql - name: This playbook installs and setups postgresql
hosts: aws hosts: aws
become: true become: true
vars_files:
- ../vars/secrets.yml
vars:
postgresql_user: gitea
postgresql_db: giteadb
tasks: tasks:
- name: install postgresql - name: install postgresql
apt: apt:
name: postgresql name: "{{item}}"
update_cache: true loop:
- postgresql
- postgresql-contrib
- libpq-dev
- python3-dev
- python3-pip
- acl
- name: install pyscopg python module
ansible.builtin.pip:
name: psycopg2
- name: enable the postgresql service - name: enable the postgresql service
service: service:
@ -17,3 +32,34 @@
service: service:
name: postgresql name: postgresql
state: started state: started
- name: create giteadb database
become_user: postgres
community.postgresql.postgresql_db:
name: "{{postgresql_db}}"
encoding: UTF-8
lc_collate: en_US.UTF-8
lc_ctype: en_US.UTF-8
template: template0
- name: create user gitea
become_user: postgres
community.postgresql.postgresql_user:
name: "{{postgresql_user}}"
password: "{{postgresql_password}}"
environment:
PGOPTIONS: "-c password_encryption=scram-sha-256"
- name: grant priviledges to giteadb to user gitea
become_user: postgres
community.postgresql.postgresql_privs:
db: giteadb
privs: ALL
type: database
role: gitea
- name: let gitea authenticate as a peer
ansible.builtin.lineinfile:
path: /etc/postgresql/14/main/pg_hba.conf
regexp: "^local.*all.*all.*peer"
line: "local all all scram-sha-256"
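Review bot: The last task rewrites `pg_hba.conf`, but nothing in the lines shown reloads PostgreSQL afterwards, so the move from `peer` to `scram-sha-256` for local connections presumably stays inactive until the service is next restarted. Add `notify: reload postgresql` to that task, with a matching handler that sets the `postgresql` service to `state: reloaded`. The task name says "authenticate as a peer" while the line it writes does the opposite, requiring a password from every local user on every database, so something like `- name: require scram-sha-256 for local socket connections` would describe it accurately. The path hard-codes `/etc/postgresql/14/main/`, so the task will fail on a host whose packaged major version differs; a play variable for the version would keep this in step with what `apt` installed. In the privileges task, `db: giteadb` and `role: gitea` should be `db: "{{postgresql_db}}"` and `role: "{{postgresql_user}}"`, so that a change to the play vars cannot leave the grant pointing at a different database or role than the two tasks before it created.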