Flush handlers after configuring pg_hba.
This commit is contained in:
parent
a6f71dda75
commit
fd68e8d04a
GPG Key ID:
147ABE6CEB9E20FF
|
|
@ -1,8 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: configure-access | Configure accesses on Deb/Ubuntu
|
- name: configure-access | Configure accesses on Deb/Ubuntu
|
||||||
when: ansible_distribution_file_variety == "Debian"
|
when: ansible_distribution_file_variety == "Debian"
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db']
|
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db']
|
||||||
block:
|
block:
|
||||||
- name: configure-access | Give access to the remote postgresql client
|
- name: configure-access | Give access to the remote postgresql client
|
||||||
|
|
@ -14,6 +12,9 @@
|
||||||
databases: '{{ item.0.name }}'
|
databases: '{{ item.0.name }}'
|
||||||
# method: 'scram-sha-256'
|
# method: 'scram-sha-256'
|
||||||
method: 'md5'
|
method: 'md5'
|
||||||
|
owner: root
|
||||||
|
group: postgres
|
||||||
|
mode: "0640"
|
||||||
state: "{{ item.0.state | default('present') }}"
|
state: "{{ item.0.state | default('present') }}"
|
||||||
with_subelements:
|
with_subelements:
|
||||||
- '{{ psql_db_data | default([]) }}'
|
- '{{ psql_db_data | default([]) }}'
|
||||||
|
|
@ -33,8 +34,14 @@
|
||||||
databases: 'replication'
|
databases: 'replication'
|
||||||
method: 'peer'
|
method: 'peer'
|
||||||
state: present
|
state: present
|
||||||
|
owner: root
|
||||||
|
group: postgres
|
||||||
|
mode: "0640"
|
||||||
notify: Reload postgresql
|
notify: Reload postgresql
|
||||||
|
|
||||||
|
- name: configure-access | Flush handlers
|
||||||
|
ansible.builtin.meta: flush_handlers
|
||||||
|
|
||||||
- name: configure-access | Configure accesses on EL
|
- name: configure-access | Configure accesses on EL
|
||||||
when: ansible_distribution_file_variety == "RedHat"
|
when: ansible_distribution_file_variety == "RedHat"
|
||||||
block:
|
block:
|
||||||
|
|
@ -51,8 +58,6 @@
|
||||||
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db', 'firewall', 'iptables_rules']
|
tags: ['postgresql', 'postgres', 'pg_hba', 'pg_db', 'firewall', 'iptables_rules']
|
||||||
|
|
||||||
- name: configure-access | Give access to the remote postgresql client
|
- name: configure-access | Give access to the remote postgresql client
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
community.postgresql.postgresql_pg_hba:
|
community.postgresql.postgresql_pg_hba:
|
||||||
dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
|
dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
|
||||||
contype: '{% if psql_force_ssl_client_connection %}hostssl{% else %}host{% endif %}'
|
contype: '{% if psql_force_ssl_client_connection %}hostssl{% else %}host{% endif %}'
|
||||||
|
|
@ -62,6 +67,9 @@
|
||||||
# method: 'scram-sha-256'
|
# method: 'scram-sha-256'
|
||||||
method: 'md5'
|
method: 'md5'
|
||||||
state: "{{ item.0.state | default('present') }}"
|
state: "{{ item.0.state | default('present') }}"
|
||||||
|
owner: root
|
||||||
|
group: postgres
|
||||||
|
mode: "0640"
|
||||||
with_subelements:
|
with_subelements:
|
||||||
- '{{ psql_db_data | default([]) }}'
|
- '{{ psql_db_data | default([]) }}'
|
||||||
- allowed_hosts
|
- allowed_hosts
|
||||||
|
|
@ -73,8 +81,6 @@
|
||||||
|
|
||||||
# No conditionals, it is required to perform base backups when the WAL archive is active
|
# No conditionals, it is required to perform base backups when the WAL archive is active
|
||||||
- name: configure-access | Remove the ident authentication for the local connections
|
- name: configure-access | Remove the ident authentication for the local connections
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
community.postgresql.postgresql_pg_hba:
|
community.postgresql.postgresql_pg_hba:
|
||||||
dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
|
dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
|
||||||
contype: 'local'
|
contype: 'local'
|
||||||
|
|
@ -82,11 +88,12 @@
|
||||||
databases: 'all'
|
databases: 'all'
|
||||||
method: 'ident'
|
method: 'ident'
|
||||||
state: absent
|
state: absent
|
||||||
|
owner: root
|
||||||
|
group: postgres
|
||||||
|
mode: "0640"
|
||||||
notify: Reload postgresql
|
notify: Reload postgresql
|
||||||
|
|
||||||
- name: configure-access | Give local access with replication privileges to the postgres user
|
- name: configure-access | Give local access with replication privileges to the postgres user
|
||||||
become: true
|
|
||||||
become_user: postgres
|
|
||||||
community.postgresql.postgresql_pg_hba:
|
community.postgresql.postgresql_pg_hba:
|
||||||
dest: '{{ psql_conf_dir }}/pg_hba.conf'
|
dest: '{{ psql_conf_dir }}/pg_hba.conf'
|
||||||
contype: 'local'
|
contype: 'local'
|
||||||
|
|
@ -94,4 +101,10 @@
|
||||||
databases: 'replication'
|
databases: 'replication'
|
||||||
method: 'peer'
|
method: 'peer'
|
||||||
state: present
|
state: present
|
||||||
|
owner: root
|
||||||
|
group: postgres
|
||||||
|
mode: "0640"
|
||||||
notify: Reload postgresql
|
notify: Reload postgresql
|
||||||
|
|
||||||
|
- name: configure-access | Flush handlers
|
||||||
|
ansible.builtin.meta: flush_handlers
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue