feat: set up pg_hba.conf
parent
a25aecbd72
commit
dde9b88088
4 changed files with 57 additions and 7 deletions
|
@ -1,11 +1,33 @@
|
||||||
---
|
---
|
||||||
pleroma_config_email: admin@localhost
|
pleroma_config_email: admin@localhost
|
||||||
|
pleroma_config_notify_email: no_reply@{{ pleroma_config_host }}
|
||||||
pleroma_config_host: pleroma.localhost
|
pleroma_config_host: pleroma.localhost
|
||||||
pleroma_config_listeningPort: 4000
|
pleroma_config_listeningPort: 4000
|
||||||
pleroma_config_instanceName: "New Pleroma Instance"
|
pleroma_config_instanceName: Pleroma
|
||||||
|
pleroma_config_instanceDescription: "A new Pleroma instance."
|
||||||
pleroma_config_characterLimit: 5000
|
pleroma_config_characterLimit: 5000
|
||||||
pleroma_config_registrationsOpen: "false"
|
pleroma_config_registrationsOpen: "false"
|
||||||
pleroma_config_dynamicConfiguration: "false"
|
pleroma_config_dynamicConfiguration: "false"
|
||||||
|
pleroma_config_healthCheck: "true"
|
||||||
|
pleroma_config_logLevel: info
|
||||||
|
pleroma_config_federating: "true"
|
||||||
|
|
||||||
plerom_db_user: pleroma
|
pleroma_db_user: pleroma
|
||||||
plerom_db_name: pleroma_db
|
pleroma_db_name: pleroma_db
|
||||||
|
|
||||||
|
pleroma_db_hba:
|
||||||
|
- type: local
|
||||||
|
database: postgres
|
||||||
|
user: postgres
|
||||||
|
address: ""
|
||||||
|
method: peer
|
||||||
|
- type: local
|
||||||
|
database: "{{ pleroma_db_name }}"
|
||||||
|
user: postgres
|
||||||
|
address: ""
|
||||||
|
method: peer
|
||||||
|
- type: host
|
||||||
|
database: "{{ pleroma_db_name }}"
|
||||||
|
user: "{{ pleroma_db_user }}"
|
||||||
|
address: 127.0.0.1/32
|
||||||
|
method: md5
|
||||||
|
|
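Review bot: The `host` entry for `{{ pleroma_db_user }}` on `127.0.0.1/32` authenticates with `method: md5`, which depends on MD5-hashed stored passwords. The tasks file in this commit points at a PostgreSQL 11 data directory, and that version supports SCRAM. Prefer `method: scram-sha-256`, with `password_encryption = scram-sha-256` in postgresql.conf set before the role's password is created; a password already stored as md5 cannot authenticate under a scram-only rule. The list also covers only IPv4 loopback, so a client that resolves `localhost` to `::1` would match no line and be refused. If that path should work, add an equivalent entry with `address: "::1/128"`.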
4
handlers/main.yml
Normal file
4
handlers/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
- name: restart postgres
|
||||||
|
service:
|
||||||
|
name: postgresql
|
||||||
|
state: restarted
|
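Review bot: `state: restarted` closes every open database session each time pg_hba.conf changes, although PostgreSQL re-reads pg_hba.conf on a reload. Using `state: reloaded` here would apply new access rules without interrupting Pleroma, provided the service script on the target supports reload. If so, rename the handler and the matching `notify:` to `reload postgres`. Handlers also run only at the end of the play, so the later `become_user: postgres` tasks in the same run still see the old rules unless a `- meta: flush_handlers` step follows the template task.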
|
@ -11,16 +11,27 @@
|
||||||
- setup
|
- setup
|
||||||
creates: /var/lib/postgresql/11/data/postgresql.conf
|
creates: /var/lib/postgresql/11/data/postgresql.conf
|
||||||
|
|
||||||
# TODO: Take a look at the postgres configuration file before going into production.
|
# -----------------------------------
|
||||||
# TODO: Take a look at pg_hba before going into production.
|
# TODO: Take a look at the postgres
|
||||||
|
# configuration file before going
|
||||||
|
# into production.
|
||||||
|
# -----------------------------------
|
||||||
|
- name: Postgres -- Ensure that pg_hba.conf is configured.
|
||||||
|
template:
|
||||||
|
src: etc_postgresql_pg_hba.conf.j2
|
||||||
|
dest: /etc/postgresql/pg_hba.conf
|
||||||
|
owner: postgres
|
||||||
|
group: postgres
|
||||||
|
mode: '0400'
|
||||||
|
notify: restart postgres
|
||||||
|
|
||||||
- name: Postgres -- Ensure that PostgreSQL is enabled and started
|
- name: Postgres -- Ensure that PostgreSQL is enabled and started.
|
||||||
service:
|
service:
|
||||||
name: postgresql
|
name: postgresql
|
||||||
enabled: yes
|
enabled: yes
|
||||||
state: started
|
state: started
|
||||||
|
|
||||||
- name: waiting for Postgres to become available.
|
- name: Postgres -- Ensuring that Postgres is available before continuing.
|
||||||
wait_for:
|
wait_for:
|
||||||
connect_timeout: 10
|
connect_timeout: 10
|
||||||
delay: 5
|
delay: 5
|
||||||
|
@ -29,22 +40,29 @@
|
||||||
state: started
|
state: started
|
||||||
|
|
||||||
- name: Postgres -- Ensuring that the database user {{ pleroma_db_user }} exists.
|
- name: Postgres -- Ensuring that the database user {{ pleroma_db_user }} exists.
|
||||||
|
become_user: postgres
|
||||||
postgresql_user:
|
postgresql_user:
|
||||||
db: postgres
|
db: postgres
|
||||||
encrypted: yes
|
encrypted: yes
|
||||||
name: "{{ pleroma_db_user }}"
|
name: "{{ pleroma_db_user }}"
|
||||||
password: "{{ pleroma_db_password }}"
|
password: "{{ pleroma_db_password }}"
|
||||||
state: present
|
state: present
|
||||||
|
vars:
|
||||||
|
ansible_ssh_pipelining: true
|
||||||
|
|
||||||
- name: Postgres -- Ensuring that the database {{ pleroma_db_name }} exists.
|
- name: Postgres -- Ensuring that the database {{ pleroma_db_name }} exists.
|
||||||
|
become_user: postgres
|
||||||
postgresql_db:
|
postgresql_db:
|
||||||
conn_limit: "20"
|
conn_limit: "20"
|
||||||
encoding: UTF-8
|
encoding: UTF-8
|
||||||
name: "{{ pleroma_db_name }}"
|
name: "{{ pleroma_db_name }}"
|
||||||
owner: "{{ pleroma_db_user }}"
|
owner: "{{ pleroma_db_user }}"
|
||||||
state: present
|
state: present
|
||||||
|
vars:
|
||||||
|
ansible_ssh_pipelining: true
|
||||||
|
|
||||||
- name: Postgres -- Ensuring the PostgreSQL extensions is added to the database.
|
- name: Postgres -- Ensuring the PostgreSQL extensions is added to the database.
|
||||||
|
become_user: postgres
|
||||||
postgresql_ext:
|
postgresql_ext:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
db: "{{ pleroma_db_name }}"
|
db: "{{ pleroma_db_name }}"
|
||||||
|
@ -53,3 +71,5 @@
|
||||||
- citext
|
- citext
|
||||||
- pg_trgm
|
- pg_trgm
|
||||||
- uuid-ossp
|
- uuid-ossp
|
||||||
|
vars:
|
||||||
|
ansible_ssh_pipelining: true
|
||||||
|
|
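Review bot: The new template task writes to `dest: /etc/postgresql/pg_hba.conf`, but the `creates:` context line in the same hunk shows the cluster in `/var/lib/postgresql/11/data`. PostgreSQL reads pg_hba.conf from its data directory unless `hba_file` says otherwise, and postgresql.conf is not visible here. If `hba_file` is not set, the server would ignore the templated rules and keep using whatever initdb generated. Either set `hba_file = '/etc/postgresql/pg_hba.conf'` in the managed postgresql.conf or template to `dest: /var/lib/postgresql/11/data/pg_hba.conf`. The commit also removes the `# TODO: Take a look at pg_hba before going into production.` reminder, so it is worth confirming the active path with `SHOW hba_file;` before relying on these rules.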
4
templates/etc_postgresql_pg_hba.conf.j2
Normal file
4
templates/etc_postgresql_pg_hba.conf.j2
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# TYPE DATABASE USER ADDRESS METHOD
|
||||||
|
{% for i in pleroma_db_hba %}
|
||||||
|
{{ i.type }} {{ i.database }} {{ i.user }} {{ i.address }} {{ i.method }}
|
||||||
|
{% endfor %}
|
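Review bot: The rendered file has no marker that it is generated and no note on rule order, although PostgreSQL applies the first matching line and `pleroma_db_hba` can be overridden per host. Add `# {{ ansible_managed }}` and `# Rules are evaluated top to bottom; the first matching line wins.` above the `# TYPE DATABASE USER ADDRESS METHOD` header. The loop also emits `i.method` and `i.address` verbatim, so an override containing `trust` or a wide CIDR would be written without any check. An `assert` task on the allowed methods before the template task would catch that.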