commit 0ffb39f77eef37dfb8eae7f61b647c90585bbd0a Author: Jeff Geerling Date: Thu Sep 29 11:03:13 2016 -0500 Initial commit for Ubuntu, Debian, and RHEL/CentOS. diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..d756614 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,52 @@ +--- +services: docker + +env: + - distro: centos7 + init: /usr/lib/systemd/systemd + run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" + playbook: centos-7-test.yml + - distro: centos6 + init: /sbin/init + run_opts: "" + playbook: test.yml + - distro: ubuntu1604 + init: /lib/systemd/systemd + run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" + playbook: test.yml + - distro: ubuntu1404 + init: /sbin/init + run_opts: "" + playbook: test.yml + +services: + - docker + +before_install: + # Pull container + - 'docker pull geerlingguy/docker-${distro}-ansible:latest' + +script: + - container_id=$(mktemp) + # Run container in detached state. + - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"' + + # Ansible syntax check. + - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} --syntax-check' + + # Test role. + - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' + + # Test role idempotence. + - idempotence=$(mktemp) + - docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} | tee -a ${idempotence} + - > + tail ${idempotence} + | grep -q 'changed=0.*failed=0' + && (echo 'Idempotence test: pass' && exit 0) + || (echo 'Idempotence test: fail' && exit 1) + + # TODO: Check to make sure we can connect to PostgreSQL. + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/README.md b/README.md new file mode 100644 index 0000000..2496790 --- /dev/null +++ b/README.md @@ -0,0 +1,72 @@ +# Ansible Role: PostgreSQL + +[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-postgresql.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-postgresql) + +Installs and configures PostgreSQL server on RHEL/CentOS or Debian/Ubuntu servers. + +## Requirements + +No special requirements; note that this role requires root access, so either run it in a playbook with a global `become: yes`, or invoke the role in your playbook like: + + - hosts: database + roles: + - role: geerlingguy.postgresql + become: yes + +## Role Variables + +Available variables are listed below, along with default values (see `defaults/main.yml`): + + postgresql_enablerepo: "" + +TODO. + + postgresql_databases: + - name: example + lc_collate: 'en_US.UTF-8' # optional + lc_ctype: 'en_US.UTF-8' # optional + encoding: 'UTF-8' # optional + +TODO. + + postgresql_users: + - name: jdoe + password: supersecure # optional + login_host: example.com # optional, defaults to 'localhost' + login_password: supersecure # optional + login_user: admin # optional, defaults to 'postgres' + port: 1234 # optional, defaults to 5432 + priv: table:priv1,priv2 # optional + role_attr_flags: CREATEDB,NOSUPERUSER # optional + state: present # optional + +TODO. + +## Dependencies + +None. + +## Example Playbook + + - hosts: database + become: yes + vars_files: + - vars/main.yml + roles: + - geerlingguy.postgresql + +*Inside `vars/main.yml`*: + + postgresql_databases: + - name: example_db + postgresql_users: + - name: example_user + password: similarly-secure-password + +## License + +MIT / BSD + +## Author Information + +This role was created in 2016 by [Jeff Geerling](http://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..a2c476d --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,22 @@ +--- +# RHEL/CentOS only. Set a repository to use for PostgreSQL installation. +postgresql_enablerepo: "" + +# Databases to ensure exist. +postgresql_databases: [] + # - name: example + # lc_collate: 'en_US.UTF-8' # optional + # lc_ctype: 'en_US.UTF-8' # optional + # encoding: 'UTF-8' # optional + +# Users to ensure exist. +postgresql_users: [] + # - name: jdoe + # password: supersecure # optional + # login_host: example.com # optional, defaults to 'localhost' + # login_password: supersecure # optional + # login_user: admin # optional, defaults to 'postgres' + # port: 1234 # optional, defaults to 5432 + # priv: table:priv1,priv2 # optional + # role_attr_flags: CREATEDB,NOSUPERUSER # optional + # state: present # optional diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..614177a --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,3 @@ +--- +- name: restart postgresql + service: "name={{ posgresql_daemon }} state=restarted sleep=5" diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..db0b759 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,25 @@ +--- +dependencies: [] + +galaxy_info: + author: geerlingguy + description: PostgreSQL server for Linux. + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 2.0 + platforms: + - name: EL + versions: + - 6 + - 7 + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + galaxy_tags: + - database + - postgresql + - postgres + - rdbms diff --git a/tasks/configure.yml b/tasks/configure.yml new file mode 100644 index 0000000..9fa4d47 --- /dev/null +++ b/tasks/configure.yml @@ -0,0 +1,2 @@ +--- +# TODO diff --git a/tasks/databases.yml b/tasks/databases.yml new file mode 100644 index 0000000..338b7b3 --- /dev/null +++ b/tasks/databases.yml @@ -0,0 +1,9 @@ +--- +- name: Ensure PostgreSQL databases are present. + postgresql_db: + name: "{{ item.name }}" + lc_collate: "{{ item.lc_collate | default('en_US.UTF-8') }}" + lc_ctype: "{{ item.lc_ctype | default('en_US.UTF-8') }}" + encoding: "{{ item.encoding | default('UTF-8') }}" + state: present + with_items: "{{ postgresql_databases }}" diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..c413538 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,16 @@ +--- +# Variable configuration. +- include: variables.yml + +# Setup/install tasks. +- include: setup-RedHat.yml + when: ansible_os_family == 'RedHat' + +- include: setup-Debian.yml + when: ansible_os_family == 'Debian' + +# Configure PostgreSQL. +- include: configure.yml +- include: secure-installation.yml +- include: databases.yml +- include: users.yml diff --git a/tasks/secure-installation.yml b/tasks/secure-installation.yml new file mode 100644 index 0000000..e506d4e --- /dev/null +++ b/tasks/secure-installation.yml @@ -0,0 +1,2 @@ +--- +# TODO. diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml new file mode 100644 index 0000000..080703f --- /dev/null +++ b/tasks/setup-Debian.yml @@ -0,0 +1,7 @@ +--- +- name: Ensure PostgreSQL Python libraries are installed. + apt: "name=python-psycopg2 state=installed" + +- name: Ensure PostgreSQL packages are installed. + apt: "name={{ item }} state=installed" + with_items: "{{ postgresql_packages }}" diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml new file mode 100644 index 0000000..050c842 --- /dev/null +++ b/tasks/setup-RedHat.yml @@ -0,0 +1,7 @@ +--- +- name: Ensure PostgreSQL packages are installed. + package: "name={{ item }} state=installed enablerepo={{ postgresql_enablerepo }}" + with_items: "{{ postgresql_packages }}" + +- name: Ensure PostgreSQL Python libraries are installed. + package: "name=python-psycopg2 state=installed enablerepo={{ postgresql_enablerepo }}" diff --git a/tasks/users.yml b/tasks/users.yml new file mode 100644 index 0000000..e9a14d7 --- /dev/null +++ b/tasks/users.yml @@ -0,0 +1,14 @@ +--- +- name: Ensure PostgreSQL users are present. + postgresql_user: + name: "{{ item.name }}" + password: "{{ item.password | default(omit) }}" + login_host: "{{ item.login_host | default('localhost') }}" + login_password: "{{ item.login_password | default(omit) }}" + login_user: "{{ item.login_user | default(postgres) }}" + port: "{{ item.port | default('5432') }}" + priv: "{{ item.priv | default(omit) }}" + role_attr_flags: "{{ item.role_attr_flags | default(omit) }}" + state: "{{ item.state | default('present') }}" + with_items: "{{ postgresql_users }}" + no_log: true diff --git a/tasks/variables.yml b/tasks/variables.yml new file mode 100644 index 0000000..e50b1f8 --- /dev/null +++ b/tasks/variables.yml @@ -0,0 +1,14 @@ +--- +# Variable configuration. +- name: Include OS-specific variables. + include_vars: "{{ ansible_os_family }}.yml" + +- name: Define postgresql_packages. + set_fact: + postgresql_packages: "{{ __postgresql_packages | list }}" + when: postgresql_packages is not defined + +- name: Define postgresql_daemon. + set_fact: + postgresql_daemon: "{{ __postgresql_daemon }}" + when: postgresql_daemon is not defined diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..7744b49 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,10 @@ +--- +- hosts: all + + pre_tasks: + - name: Update apt cache. + apt: update_cache=yes + when: ansible_os_family == 'Debian' + + roles: + - role_under_test diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..aab2b71 --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,6 @@ +--- +__postgresql_daemon: postgresql +__postgresql_packages: + - postgresql + - postgresql-contrib + - libpq-dev diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000..26dfe20 --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,7 @@ +--- +__postgresql_daemon: postgresql +__postgresql_packages: + - postgresql + - postgresql-server + - postgresql-contrib + - postgresql-libs