-
Notifications
You must be signed in to change notification settings - Fork 14
/
p_setup-container-postgres.yml
118 lines (100 loc) · 4.17 KB
/
p_setup-container-postgres.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
- name: Setup Postgres VM and Container and Run and Test Containerized PSQL
hosts: postgres
user: "{{ postgres_vm_user }}"
become: true
gather_facts: no
any_errors_fatal: yes
tags:
- postgres
tasks:
- name: Postgres variables should be defined
assert:
that:
- postgres_data_dir != None
- quay_db_admin_username != None
- quay_db_admin_password != None
- quay_db_password != None
- quay_db_password != None
- name: Remove Container
when: remove_postgres_container|bool
block:
- include_role:
name: r_quay
tasks_from: class-remove-container.yml
vars:
service_name: postgres
runtime_user: "{{ postgres_runtime_user }}"
- name: login to {{ image_registry }}
become_user: "{{ postgres_runtime_user }}"
command: "podman login -u={{ image_registry_user }} -p={{ quay_registry_password }} {{ image_registry }}"
- name: Run Postgres container
block:
- name: SSL Certs and hba conf files for Postgresql
when: postgres_ssl_mode|bool
block:
- name: Copy pg_hba config template pg_hba conf
template:
content: "templates/pg_hba.conf.j2"
dest: "{{ postgres_data_dir }}/data/userdata/pg_hba.conf"
owner: "{{ postgres_runtime_user | default(omit) }}"
group: "{{ postgres_runtime_group | default(omit) }}"
mode: "{{ postgres_folder_permissions }}"
- name: Copy postgres config template postgres conf
template:
content: "templates/postgres.conf.j2"
dest: "{{ postgres_data_dir }}/data/userdata/postgres.conf"
owner: "{{ postgres_runtime_user | default(omit) }}"
group: "{{ postgres_runtime_group | default(omit) }}"
mode: "{{ postgres_folder_permissions }}"
- name: Copy CRT
copy:
content: "{{ postgres_ssl_crt }}"
dest: "{{ postgres_data_dir }}/data/server.crt"
owner: "{{ postgres_runtime_user | default(omit) }}"
group: "{{ postgres_runtime_group | default(omit) }}"
mode: "{{ postgres_folder_permissions }}"
- name: Copy KEY
copy:
content: "{{ postgres_ssl_key }}"
dest: "{{ postgres_data_dir }}/data/server.key"
owner: "{{ postgres_runtime_user | default(omit) }}"
group: "{{ postgres_runtime_group | default(omit) }}"
mode: "{{ postgres_folder_permissions }}"
- name: Copy Root CA Cert
copy:
content: "{{ postgres_ssl_ca }}"
dest: "{{ postgres_data_dir }}/data/ca.crt"
owner: "{{ postgres_runtime_user | default(omit) }}"
group: "{{ postgres_runtime_group | default(omit) }}"
mode: "{{ postgres_folder_permissions }}"
- name: Download and Run Postgres Container
become_user: "{{ postgres_runtime_user }}"
command: >
podman run --name postgres
-e POSTGRESQL_ADMIN_USER={{ quay_db_admin_username }}
-e POSTGRESQL_ADMIN_PASSWORD={{ quay_db_admin_password }}
-v {{ postgres_data_dir }}/data:/var/lib/pgsql/data:Z
-p 5432:5432 -d {{ postgres_image }}
register: podman_pid
# -e POSTGRES_HOST_AUTH_METHOD=trust
- name: Wait for PostGres
pause:
seconds: 10
- name: Daemonize Podman
tags: install-service
block:
- include_role:
name: r_quay
tasks_from: class-container-service.yml
vars:
service_name: postgres
runtime_user: "{{ postgres_runtime_user }}"
- name: Postgres Unit Tests
tags: unit-tests
block:
- include_role:
name: r_quay
tasks_from: unit-test-service.yml
vars:
service_name: postgres
runtime_user: "{{ postgres_runtime_user }}"