/postgresql

Fairly full featured Ansible role for Postgresql.

Primary LanguageJinjaMIT LicenseMIT

ANXS - PostgreSQL Build Status


Help Wanted! If you are able and willing to help maintain this Ansible role then please open a GitHub issue. A lot of people seem to use this role and we (quite obviously) need assistance! πŸ’–

Ansible role which installs and configures PostgreSQL, extensions, databases and users.

Installation

This has been tested on Ansible 2.4.0 and higher.

To install:

ansible-galaxy install anxs.postgresql

Example Playbook

An example how to include this role:

---
- hosts: postgresql-server
  roles:
    - role: ANXS.postgresql
      become: yes

An example how to include this role as a task:

---
- hosts: postgresql-server
  tasks:
    - block: # workaround, see https://stackoverflow.com/a/56558842
        - name: PSQL installation and configuration
          include_role:
            name: ANXS.postgresql
          vars:
            postgresql_users:
              - name: abc
                password: abc
      become: true

Dependencies

  • ANXS.monit (Galaxy/GH) if you want monit protection (in that case, you should set monit_protection: true)

Compatibility matrix

Distribution / PostgreSQL 10 11 12 13 14 15
CentOS 7.x βœ… βœ… βœ… βœ… ❔ ❔
CentOS 8.x βœ… βœ… βœ… βœ… ❔ ❔
Debian 9.x βœ… βœ… βœ… βœ… ❔ ❔
Debian 10.x ❔ ❔ ❔ ❔ ❔ ❔
Debian 11.x ❔ ❔ ❔ ❔ ❔ βœ…
Ubuntu 16.04.x βœ… βœ… βœ… βœ… ❔ ❔
Ubuntu 18.04.x βœ… βœ… βœ… βœ… ❔ ❔
Ubuntu 20.04.x βœ… βœ… βœ… βœ… ❔ ❔
Ubuntu 22.04.x βœ… βœ… βœ… βœ… ❔ βœ…
Fedora 37 ❔ ❔ ❔ ❔ ❔ ❔
  • βœ… - tested, works fine
  • ⚠️ - Not for production use
  • ❔ - will work in the future (help out if you can)
  • ⁉️ - maybe works, not tested
  • β›” - Has reached End of Life (EOL)

Variables

# Basic settings
postgresql_version: 15
postgresql_encoding: "UTF-8"
postgresql_locale: "en_US.UTF-8"
postgresql_ctype: "en_US.UTF-8"

postgresql_admin_user: "postgres"
postgresql_default_auth_method: "peer"

postgresql_service_enabled: false # should the service be enabled, default is true

postgresql_cluster_name: "main"
postgresql_cluster_reset: false

# List of databases to be created (optional)
# Note: for more flexibility with extensions use the postgresql_database_extensions setting.
postgresql_databases:
  - name: foobar
    owner: baz          # optional; specify the owner of the database
    hstore: yes         # flag to install the hstore extension on this database (yes/no)
    uuid_ossp: yes      # flag to install the uuid-ossp extension on this database (yes/no)
    citext: yes         # flag to install the citext extension on this database (yes/no)
    encoding: "UTF-8"   # override global {{ postgresql_encoding }} variable per database
    state: "present"    # optional; one of 'present', 'absent', 'dump', 'restore'
    lc_collate: "en_GB.UTF-8"   # override global {{ postgresql_locale }} variable per database
    lc_ctype: "en_GB.UTF-8"     # override global {{ postgresql_ctype }} variable per database

# List of database extensions to be created (optional)
postgresql_database_extensions:
  - db: foobar
    extensions:
      - hstore
      - citext

# List of users to be created (optional)
postgresql_users:
  - name: baz
    pass: pass
    encrypted: yes  # if password should be encrypted, postgresql >= 10 does only accepts encrypted passwords
    state: "present"    # optional; one of 'present', 'absent'

# List of schemas to be created (optional)
postgresql_database_schemas:
  - database: foobar           # database name
    schema: acme               # schema name
    state: present

  - database: foobar           # database name
    schema: acme_baz           # schema name
    owner: baz                 # owner name
    state: present

# List of user privileges to be applied (optional)
postgresql_user_privileges:
  - name: baz                   # user name
    db: foobar                  # database
    priv: "ALL"                 # privilege string format: example: INSERT,UPDATE/table:SELECT/anothertable:ALL
    role_attr_flags: "CREATEDB" # role attribute flags

There's a lot more knobs and bolts to set, which you can find in the defaults/main.yml

Testing - Molecule

This project comes with a molecule configuration. Please see ./molecule/README.md

Examples:

molecule test

Testing - Vagrant

This project comes with a Vagrantfile, this is a fast and easy way to test changes to the role, fire it up with vagrant up

See vagrant docs for getting setup with vagrant

Once your VM is up, you can reprovision it using either vagrant provision, or ansible-playbook tests/playbook.yml -i vagrant-inventory

If you want to toy with the test play, see tests/playbook.yml, and change the variables in tests/vars.yml

If you are contributing, please first test your changes within the vagrant environment, (using the targeted distribution), and if possible, ensure your change is covered in the tests found in .travis.yml

License

Licensed under the MIT License. See the LICENSE file for details.

Thanks

Creator:

Maintainers:

Top Contributors:

Feedback, bug-reports, requests, ...

Are welcome!