ansible/roles/postgres/tasks/configuration.yml

---
- name: "Create postgres user: {{ db.user }}"
  community.postgresql.postgresql_user:
    state: present
    name: "{{ db.user }}"
    password: "{{ db.password }}"
  become: true
  become_user: "{{ db.default_user.user }}"
  vars:
    ansible_remote_temp: "/tmp/"

- name: "Create database: {{ db.name }}"
  community.postgresql.postgresql_db:
    state: present
    name: "{{ db.name }}"
    encoding: UTF8
    lc_collate: "en_US.UTF-8"
    lc_ctype: "en_US.UTF-8"
  become: yes
  become_user: postgres
  vars:
    ansible_remote_temp: "/tmp/"

- name: "Grant {{ db.user }} user access to db {{ db.name }}"
  postgresql_privs:
    type: database
    database: "{{ db.name }}"
    roles: "{{ db.user }}"
    grant_option: no
    privs: all
  become: yes
  become_user: postgres
  vars:
    ansible_remote_temp: "/tmp/"

- name: "Allow md5 connection for the {{ db.user }} user"
  postgresql_pg_hba:
    dest: "~/15/main/pg_hba.conf"
    contype: host
    databases: all
    method: md5
    users: "{{ db.user }}"
    create: true
  become: yes
  become_user: postgres
  notify:
    - Restart postgres
  vars:
    ansible_remote_temp: "/tmp/"
Finished lb and db Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev> 2024-09-19 23:10:00 +02:00			`---`
			`- name: "Create postgres user: {{ db.user }}"`
			`community.postgresql.postgresql_user:`
			`state: present`
			`name: "{{ db.user }}"`
			`password: "{{ db.password }}"`
			`become: true`
			`become_user: "{{ db.default_user.user }}"`
			`vars:`
			`ansible_remote_temp: "/tmp/"`

			`- name: "Create database: {{ db.name }}"`
			`community.postgresql.postgresql_db:`
			`state: present`
			`name: "{{ db.name }}"`
			`encoding: UTF8`
			`lc_collate: "en_US.UTF-8"`
			`lc_ctype: "en_US.UTF-8"`
			`become: yes`
			`become_user: postgres`
			`vars:`
			`ansible_remote_temp: "/tmp/"`

			`- name: "Grant {{ db.user }} user access to db {{ db.name }}"`
			`postgresql_privs:`
			`type: database`
			`database: "{{ db.name }}"`
			`roles: "{{ db.user }}"`
			`grant_option: no`
			`privs: all`
			`become: yes`
			`become_user: postgres`
			`vars:`
			`ansible_remote_temp: "/tmp/"`

			`- name: "Allow md5 connection for the {{ db.user }} user"`
			`postgresql_pg_hba:`
			`dest: "~/15/main/pg_hba.conf"`
			`contype: host`
			`databases: all`
			`method: md5`
			`users: "{{ db.user }}"`
			`create: true`
			`become: yes`
			`become_user: postgres`
			`notify:`
			`- Restart postgres`
			`vars:`
			`ansible_remote_temp: "/tmp/"`