fixed problem with Ansible and Postgres 10 blocking commands without …

…encryption
facebookarchive · Jun 23, 2019 · 19633f0 · 19633f0
1 parent c02e37c
commit 19633f0
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 4 deletions.
diff --git a/ansible_install/roles/piponger/tasks/main.yml b/ansible_install/roles/piponger/tasks/main.yml
@@ -45,11 +45,16 @@
   become: yes
   file: path="{{ final_piponger_dir }}" state=directory
 
-- name: Add host key to know hosts
+- name: Add host key to know hosts (become no)
   become: no
   delegate_to: localhost
   local_action: command ssh-keyscan {{ ansible_default_ipv4.address }} >> ~/.ssh/known_hosts
 
+- name: Add host key to know hosts (become yes)
+  become: yes
+  delegate_to: localhost
+  local_action: command ssh-keyscan {{ ansible_default_ipv4.address }} >> ~/.ssh/known_hosts
+
 - name: define manual rsync
   become: no
   delegate_to: localhost
@@ -90,7 +95,7 @@
   become: true
   template:
     src: templates/config_default.cfg
-    dest: "/srv/piponger/config_default.cfg"
+    dest: "/srv/piponger/config.cfg"
 
 - name: set correct owner and permissions
   become: yes

diff --git a/ansible_install/roles/postgresql/tasks/main.yml b/ansible_install/roles/postgresql/tasks/main.yml
@@ -49,7 +49,7 @@
 - name: Create piponger_user role for database
   become: yes
   become_user: postgres
-  postgresql_user: db="{{ dbname }}" user="{{ dbuser }}" password="{{ database_passwd }}" priv=ALL state=present
+  postgresql_user: db="{{ dbname }}" user="{{ dbuser }}" password="{{ database_passwd }}" encrypted=yes priv=ALL state=present
 
 - name: Start the Postgresql service
   become: yes
@@ -67,7 +67,7 @@
 - name: ensure user has access to database
   become: yes
   become_user: postgres
-  postgresql_user: db="{{ dbname }}" name="{{ dbuser }}" password="{{ database_passwd }}" priv=ALL
+  postgresql_user: db="{{ dbname }}" name="{{ dbuser }}" password="{{ database_passwd }}" encrypted=yes priv=ALL
 
 - name: Grant table permissions for piponger_user role
   become: yes