From 0f3ab126ca463ecc25ca481edad2096e72f3387a Mon Sep 17 00:00:00 2001 From: Daniel Palomar Date: Fri, 20 Sep 2019 16:45:36 +0200 Subject: [PATCH 1/5] Replace the geerlingguy.postgresql role with a custom db role Use the custom role to install ONLY the version 9.4. --- playbooks/provision.yml | 17 +----------- roles/database/tasks/main.yml | 52 +++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 16 deletions(-) create mode 100644 roles/database/tasks/main.yml diff --git a/playbooks/provision.yml b/playbooks/provision.yml index fcd6b94..227fde3 100644 --- a/playbooks/provision.yml +++ b/playbooks/provision.yml @@ -25,22 +25,7 @@ rbenv_users: - timeoverflow default_gems_file: ../files/custom-gems - - role: vendor/geerlingguy.postgresql - vars: - postgresql_hba_entries: - - { type: local, database: all, user: postgres, auth_method: peer } - - { type: local, database: all, user: "{{ database_user }}", auth_method: peer } - postgresql_locales: - - 'es_ES.UTF-8' - postgresql_users: - - name: "{{ database_user }}" - role_attr_flags: "{{ database_role_attributes }}" - postgresql_databases: - - name: "{{ database_name }}" - owner: "{{ database_user }}" - lc_collate: 'es_ES.UTF-8' - lc_ctype: 'es_ES.UTF-8' - postgresql_python_library: python3-psycopg2 # related to ansible_python_interpreter + - role: database - role: vendor/elastic.elasticsearch es_instance_name: timeoverflow es_heap_size: "512m" diff --git a/roles/database/tasks/main.yml b/roles/database/tasks/main.yml new file mode 100644 index 0000000..ffa3450 --- /dev/null +++ b/roles/database/tasks/main.yml @@ -0,0 +1,52 @@ +--- +- name: Install gnupg2 + apt: + name: gnupg2 + +- name: Add apt key + apt_key: + url: https://www.postgresql.org/media/keys/ACCC4CF8.asc + +- name: Add PostgreSQL 9.4 PPA repository + apt_repository: + repo: deb https://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main + filename: pgdg.list + +- name: APT upgrade + apt: + update_cache: true + upgrade: true + +- name: Ensure all configured locales are present. + locale_gen: "name=es_ES.UTF-8 state=present" + +- name: Install PostgreSQL 9.4 and dependencies + apt: + name: + - postgresql-9.4 + - libpq-dev + - python3-psycopg2 + +- name: Add hba entry for user + postgresql_pg_hba: + dest: /etc/postgresql/9.4/main/pg_hba.conf + users: "{{ database_user }}" + contype: local + databases: all + method: peer + +- name: Add user + become_user: postgres + postgresql_user: + name: "{{ database_user }}" + role_attr_flags: "{{ database_role_attributes }}" + +- name: Create db + become_user: postgres + postgresql_db: + name: "{{ database_name }}" + owner: "{{ database_user }}" + lc_collate: 'es_ES.UTF-8' + lc_ctype: 'es_ES.UTF-8' + encoding: 'UTF-8' + template: 'template0' From 6ab2dce618c9601bbbe3bfe50e200a2507710772 Mon Sep 17 00:00:00 2001 From: Daniel Palomar Date: Fri, 20 Sep 2019 16:46:50 +0200 Subject: [PATCH 2/5] Remove geerlingguy.postgresql role from Galaxy dependencies --- requirements.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/requirements.yml b/requirements.yml index a39f786..180189e 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,8 +4,6 @@ version: 1.8.1 - src: zzet.rbenv version: 3.4.3 -- src: geerlingguy.postgresql - version: 2.0.0 - src: elastic.elasticsearch version: 5.5.1 - src: jdauphant.nginx From 9acb321bf769b1a7c0b937a0eb59c9e000b4c862 Mon Sep 17 00:00:00 2001 From: Pau Perez Date: Fri, 20 Sep 2019 18:00:12 +0200 Subject: [PATCH 3/5] Remove .list from PPA The systems adds the .list extension already --- roles/database/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/database/tasks/main.yml b/roles/database/tasks/main.yml index ffa3450..94c0757 100644 --- a/roles/database/tasks/main.yml +++ b/roles/database/tasks/main.yml @@ -10,7 +10,7 @@ - name: Add PostgreSQL 9.4 PPA repository apt_repository: repo: deb https://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main - filename: pgdg.list + filename: pgdg - name: APT upgrade apt: From 88449dbec430f6065630fa547f258d5a01df36d1 Mon Sep 17 00:00:00 2001 From: Pau Perez Date: Fri, 20 Sep 2019 18:00:41 +0200 Subject: [PATCH 4/5] Fix unparseable value for variable The role needs a value so that it can call `split` on it. --- inventory/host_vars/staging18.timeoverflow.org/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/inventory/host_vars/staging18.timeoverflow.org/config.yml b/inventory/host_vars/staging18.timeoverflow.org/config.yml index 5a37ed5..9a14960 100644 --- a/inventory/host_vars/staging18.timeoverflow.org/config.yml +++ b/inventory/host_vars/staging18.timeoverflow.org/config.yml @@ -1,7 +1,7 @@ --- database_name: timeoverflow_staging rails_environment: staging -database_role_attributes: # Left empty +database_role_attributes: NOSUPERUSER sys_admins: - name: enrico From ad1424c3d1eae867bd996143d1856240a30e5010 Mon Sep 17 00:00:00 2001 From: Pau Perez Date: Fri, 20 Sep 2019 18:08:46 +0200 Subject: [PATCH 5/5] Fix linting errors --- roles/database/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/database/tasks/main.yml b/roles/database/tasks/main.yml index 94c0757..82ebbfd 100644 --- a/roles/database/tasks/main.yml +++ b/roles/database/tasks/main.yml @@ -36,12 +36,14 @@ method: peer - name: Add user + become: yes become_user: postgres postgresql_user: name: "{{ database_user }}" role_attr_flags: "{{ database_role_attributes }}" - name: Create db + become: yes become_user: postgres postgresql_db: name: "{{ database_name }}"