30 lines
1.1 KiB
YAML
30 lines
1.1 KiB
YAML
---
|
|
- name: configure-access | Manage the pg_hba.conf file
|
|
delegate_to: "{{ item.0.db_host }}"
|
|
when: item.0.db_host is defined
|
|
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db']
|
|
block:
|
|
- name: configure-access | Give access to the remote postgresql client
|
|
community.postgresql.postgresql_pg_hba:
|
|
dest: "{{ psql_conf_base_dir }}/{{ item.pgsql_version | default('psql_version') }}/main/pg_hba.conf"
|
|
contype: '{% if psql_force_ssl_client_connection %}hostssl{% else %}host{% endif %}'
|
|
users: '{{ item.0.user }}'
|
|
address: '{{ item.1 }}'
|
|
databases: '{{ item.0.name }}'
|
|
# method: 'scram-sha-256'
|
|
method: 'md5'
|
|
owner: root
|
|
group: postgres
|
|
mode: "0640"
|
|
state: "{{ item.0.state | default('present') }}"
|
|
with_subelements:
|
|
- '{{ psql_db_data | default([]) }}'
|
|
- allowed_hosts
|
|
when:
|
|
- psql_db_data is defined
|
|
- item.1 is defined
|
|
notify: Reload postgresql
|
|
|
|
- name: configure-access | Flush handlers
|
|
ansible.builtin.meta: flush_handlers
|