From 523152d08ec4565bd06407f59820200e9dfd737c Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Thu, 8 Apr 2021 14:14:21 +0200
Subject: [PATCH] Setup the trust for the recovery user.

---
 tasks/postgres_pgpool.yml | 28 ++++++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/tasks/postgres_pgpool.yml b/tasks/postgres_pgpool.yml
index 6325f6c..41249ea 100644
--- a/tasks/postgres_pgpool.yml
+++ b/tasks/postgres_pgpool.yml
@@ -7,7 +7,7 @@
     - ansible_distribution_file_variety == "Debian"
   tags: [ 'postgresql', 'postgres', 'pgpool' ]
 
-- name: PgPool II configuration
+- name: PgPool II users setup
   block:
   - name: Add the postgres user that will manage the recovery, if not postgres
     become: True
@@ -34,8 +34,28 @@
       - ('{{ pgpool_recovery_user }}' != 'postgres')
       - pgpool_recovery_user_pwd is defined
 
+  - name: Configure the replication user permissions on deb
+    postgresql_pg_hba:
+      dest: '{{ psql_conf_dir }}/pg_hba.conf'
+      contype: host
+      users: '{{ pgpool_recovery_user }}'
+      address: '{{ item.0.name }}'
+      databases: 'all'
+      method: 'trust'
+      state: present
+    with_subelements:
+      - '{{ psql_db_data | default([]) }}'
+      - allowed_hosts
+    when:
+      - psql_db_data is defined
+      - item.1 is defined
+      - pgpool_recovery_user_pwd is not defined
+    notify: Reload postgresql
+
+  - meta: flush_handlers
+
   - name: Create the ssh keys for the recovery user
-    user: user={{ pgpool_recovery_user }} generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa ssh_key_type=rsa
+    user: user={{ pgpool_recovery_user }} generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa ssh_key_type=ed25519
 
   - name: Remember to trust the ssh keys between the two nodes
     debug:
@@ -47,6 +67,10 @@
       - '{{ pgpool_backends | default([]) }}'
       - [ '{{ pgpool_recovery_stage1_script }}', '{{ pgpool_recovery_stage2_script }}', '{{ pgpool_remote_start_script }}' ]
 
+  tags: [ 'postgresql', 'postgres', 'pgpool', 'pgpool_user' ]
+
+- name: PgPool II postgres setup
+  block:
   - name: Set the postgresql configuration parameters needed by pgpool
     action: configfile path={{ psql_conf_dir }}/postgresql.conf key={{ item.name }} value="{{ item.value }}"
     with_items: '{{ psql_wal_files_conf }}'