refactor(ansible): restructure inventory and remove postgres role

Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>
2025-07-12 20:35:26 +02:00
parent cb8ccd8f00
commit 3d7f652ff3
42 changed files with 114 additions and 513 deletions
--- a/roles/k3s_server/tasks/installation.yml
+++ b/roles/k3s_server/tasks/installation.yml
@@ -17,8 +17,6 @@
    /tmp/k3s_install.sh server \
    --node-taint CriticalAddonsOnly=true:NoExecute \
    --tls-san {{ k3s.loadbalancer.ip }}
-  environment:
-    K3S_DATASTORE_ENDPOINT: "{{ k3s_db_connection_string }}"
  become: true
  async: 300
  poll: 0
@@ -53,6 +51,5 @@
    --node-taint CriticalAddonsOnly=true:NoExecute \
    --tls-san {{ k3s.loadbalancer.ip }}
  environment:
-    K3S_DATASTORE_ENDPOINT: "{{ k3s_db_connection_string }}"
    K3S_TOKEN: "{{ hostvars[(hostvars | dict2items | map(attribute='value') | map('dict2items') | map('selectattr', 'key', 'match', 'host') | map('selectattr', 'value.ip', 'match', k3s.server.ips[0] ) | select() | first | items2dict).host.hostname].k3s_token }}"
  become: true
--- a/roles/postgres/handlers/main.yml
+++ b/roles/postgres/handlers/main.yml
@@ -1,6 +0,0 @@
---
- name: Restart postgres
-  ansible.builtin.systemd:
-    name: postgresql
-    state: restarted
-  become: true
--- a/roles/postgres/tasks/ansible_deps.yml
+++ b/roles/postgres/tasks/ansible_deps.yml
@@ -1,10 +0,0 @@
---
- name: Update apt cache
-  ansible.builtin.apt:
-    update_cache: true
-  become: true
-
- name: Install ansible dependencies
-  ansible.builtin.apt:
-    name: "{{ ansible_dependencies }}"
-  become: true
--- a/roles/postgres/tasks/configuration.yml
+++ b/roles/postgres/tasks/configuration.yml
@@ -1,69 +0,0 @@
---
- name: "Create postgres user: {{ db.user }}"
-  community.postgresql.postgresql_user:
-    state: present
-    name: "{{ db.user }}"
-    password: "{{ db.password }}"
-  become: true
-  become_user: "{{ db.default_user.user }}"
-  vars:
-    ansible_remote_temp: "/tmp/"
-
- name: "Create database: {{ db.name }}"
-  community.postgresql.postgresql_db:
-    state: present
-    name: "{{ db.name }}"
-    encoding: UTF8
-    lc_collate: "en_US.UTF-8"
-    lc_ctype: "en_US.UTF-8"
-  become: true
-  become_user: postgres
-  vars:
-    ansible_remote_temp: "/tmp/"
-
- name: "Grant privileges to {{ db.user }}"
-  community.postgresql.postgresql_privs:
-    db: "{{ db.name }}"
-    privs: ALL
-    type: database
-    roles: "{{ db.user }}"
-  become: true
-  become_user: postgres
-  vars:
-    ansible_remote_temp: "/tmp/"
-
- name: "Grant all privileges on schema public to {{ db.user }};"
-  community.postgresql.postgresql_privs:
-    db: "{{ db.name }}"
-    privs: ALL
-    type: schema
-    obj: "public"
-    roles: "{{ db.user }}"
-  become: true
-  become_user: postgres
-  vars:
-    ansible_remote_temp: "/tmp/"
-
- name: "Allow md5 connection for the user {{ db.user }}"
-  community.postgresql.postgresql_pg_hba:
-    dest: "/etc/postgresql/15/main/pg_hba.conf"
-    contype: host
-    databases: all
-    method: md5
-    address: "{{ k3s.net }}"
-    users: "{{ db.user }}"
-    create: false
-  become: true
-  notify:
-    - Restart postgres
-
- name: "Set public listen address"
-  become: true
-  ansible.builtin.lineinfile:
-    dest: "/etc/postgresql/15/main/conf.d/listen.conf"
-    regexp: "^#?listen_addresses="
-    line: "listen_addresses='{{ db.listen_address | default('localhost') }}'"
-    state: present
-    mode: "644"
-    create: true
-  notify: "Restart postgres"
--- a/roles/postgres/tasks/installation.yml
+++ b/roles/postgres/tasks/installation.yml
@@ -1,14 +0,0 @@
---
- name: Install postgres
-  ansible.builtin.apt:
-    name: "{{ postgres_packages }}"
-    state: present
-  become: true
-
- name: Start and enable the service
-  ansible.builtin.systemd:
-    name: postgresql
-    state: started
-    daemon_reload: true
-    enabled: true
-  become: true
--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -1,7 +0,0 @@
---
- name: Install ansible dependencies for this role
-  ansible.builtin.include_tasks: ansible_deps.yml
- name: Install postgres
-  ansible.builtin.include_tasks: installation.yml
- name: Configure Database
-  ansible.builtin.include_tasks: configuration.yml
--- a/roles/postgres/vars/main.yml
+++ b/roles/postgres/vars/main.yml
@@ -1,9 +0,0 @@
-ansible_dependencies:
-  - python3-pip
-  - python3-psycopg
-  - python3-pexpect
-  - acl
-
-postgres_packages:
-  - postgresql
-  - postgresql-client
--- a/roles/postgres_exporter/handlers/main.yml
+++ b/roles/postgres_exporter/handlers/main.yml
@@ -1,6 +0,0 @@
---
- name: "Restart {{ bin_name }}"
-  ansible.builtin.service:
-    name: "{{ bin_name }}"
-    state: restarted
-  become: true
--- a/roles/postgres_exporter/tasks/get_version.yml
+++ b/roles/postgres_exporter/tasks/get_version.yml
@@ -1,18 +0,0 @@
---
- name: Determine latest GitHub release (local)
-  delegate_to: localhost
-  ansible.builtin.uri:
-    url: "https://api.github.com/repos/{{ repository }}/releases/{{ version }}"
-    body_format: json
-  register: _github_release
-  until: _github_release.status == 200
-  retries: 3
-
- name: Set version
-  ansible.builtin.set_fact:
-    tag: "{{ _github_release.json.tag_name
-      | regex_replace('^v?([0-9\\.]+)$', '\\1') }}"
-
- name: Set download_url
-  ansible.builtin.set_fact:
-    download_url: "https://github.com/{{ repository }}/releases/download/v{{ tag }}/{{ bin_name }}-{{ tag }}.linux-{{ go_arch }}.tar.gz"
--- a/roles/postgres_exporter/tasks/install.yml
+++ b/roles/postgres_exporter/tasks/install.yml
@@ -1,29 +0,0 @@
---
- name: Download/Extract "{{ download_url }}"
-  ansible.builtin.unarchive:
-    src: "{{ download_url }}"
-    dest: /tmp/
-    remote_src: true
-    mode: "755"
-
- name: "Move binary into path: {{ bin_path }}"
-  ansible.builtin.copy:
-    src: "/tmp/{{ bin_name }}-{{ tag }}.linux-{{ go_arch }}/{{ bin_name }}"
-    dest: "{{ bin_path }}"
-    mode: "755"
-    remote_src: true
-  become: true
-
- name: "Create user: {{ bin_name }}"
-  ansible.builtin.user:
-    name: "{{ bin_name }}"
-    shell: /sbin/nologin
-    state: present
-  become: true
-
- name: Copy the node_exporter systemd unit file.
-  ansible.builtin.template:
-    src: "{{ bin_name }}.service.j2"
-    dest: "/etc/systemd/system/{{ bin_name }}.service"
-    mode: "644"
-  become: true
--- a/roles/postgres_exporter/tasks/main.yml
+++ b/roles/postgres_exporter/tasks/main.yml
@@ -1,7 +0,0 @@
---
- name: Get Version
-  ansible.builtin.include_tasks: get_version.yml
- name: Install exporter
-  ansible.builtin.include_tasks: install.yml
- name: Create service
-  ansible.builtin.include_tasks: systemd.yml
--- a/roles/postgres_exporter/tasks/systemd.yml
+++ b/roles/postgres_exporter/tasks/systemd.yml
@@ -1,10 +0,0 @@
---
- name: "Ensure service is running and enabled: {{ bin_name }}"
-  ansible.builtin.service:
-    name: "{{ bin_name }}"
-    state: started
-    daemon_reload: true
-    enabled: true
-  notify:
-    - Restart "{{ bin_name }}"
-  become: true
--- a/roles/postgres_exporter/templates/postgres_exporter.service.j2
+++ b/roles/postgres_exporter/templates/postgres_exporter.service.j2
@@ -1,14 +0,0 @@
-[Unit]
-Description=PostgresExporter
-
-[Service]
-TimeoutStartSec=0
-User={{ bin_name }}
-ExecStart={{ bin_path }} --web.listen-address={{ ansible_host }}:{{ bind_port }} {{ options }}
-Environment="DATA_SOURCE_URI=localhost:5432/postgres?sslmode=disable"
-Environment="DATA_SOURCE_USER={{ db.user }}"
-Environment="DATA_SOURCE_PASS={{ db.password }}"
-
-[Install]
-WantedBy=multi-user.target
-
--- a/roles/postgres_exporter/vars/main.yml
+++ b/roles/postgres_exporter/vars/main.yml
@@ -1,16 +0,0 @@
-go_arch_map:
-  i386: "386"
-  x86_64: "amd64"
-  aarch64: "arm64"
-  armv7l: "armv7"
-  armv6l: "armv6"
-
-go_arch: "{{ go_arch_map[ansible_architecture] | default(ansible_architecture) }}"
-
-repository: "prometheus-community/postgres_exporter"
-bind_port: 9187
-version: "latest"
-serve: "localhost"
-options: ""
-bin_name: postgres_exporter
-bin_path: "/usr/local/bin/{{ bin_name }}"