Use ssl for the replication connection if possible

tasks/postgresql-streaming-replication.yml

@@ -35,6 +35,22 @@
       state: present
     loop: '{{ psql_streaming_replication_hosts }}'
     notify: Reload postgresql
+    when: not psql_enable_ssl
+
+  - name: Configure the replication user permissions
+    postgresql_pg_hba:
+      dest: '{{ psql_conf_dir }}/pg_hba.conf'
+      contype: hostssl
+      users: '{{ psql_streaming_replication_user }}'
+      address: '{{ item }}'
+      databases: 'replication'
+      #method: 'scram-sha-256'
+      method: 'md5'
+      state: present
+    loop: '{{ psql_streaming_replication_hosts }}'
+    notify: Reload postgresql
+    when: psql_enable_ssl
+
   when: ansible_distribution_file_variety == "Debian"
   tags: [ 'postgresql', 'postgres', 'pg_conf', 'pg_hba', 'postgresql_replication' ]
 
@@ -52,5 +68,21 @@
       state: present
     loop: '{{ psql_streaming_replication_hosts }}'
     notify: Reload postgresql
+    when: not psql_enable_ssl
+
+  - name: Configure the replication user permissions
+    postgresql_pg_hba:
+      dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
+      contype: hostssl
+      users: '{{ psql_streaming_replication_user }}'
+      address: '{{ item }}'
+      databases: 'replication'
+      #method: 'scram-sha-256'
+      method: 'md5'
+      state: present
+    loop: '{{ psql_streaming_replication_hosts }}'
+    notify: Reload postgresql
+    when: psql_enable_ssl
+
   when: ansible_distribution_file_variety == "RedHat"
   tags: [ 'postgresql', 'postgres', 'pg_conf', 'pg_hba', 'postgresql_replication' ]