Refactoring defaults for db and users

dtrdnk · May 17, 2024 · e66ef52 · e66ef52
1 parent 00c1357
commit e66ef52
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 17 deletions.
diff --git a/config_pgcluster.yml b/config_pgcluster.yml
@@ -127,7 +127,8 @@
         firewall_additional_rules: "{{ firewall_rules_dynamic_var | default([]) | unique }}"
       when: firewall_enabled_at_boot | bool
       tags: firewall
-
+    - role: pg_cluster_defaults
+      tags: always
     - role: hostname
     - role: resolv_conf
     - role: etc_hosts

diff --git a/roles/postgresql-databases/defaults/main.yml b/roles/postgresql-databases/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+# (optional) list of databases to be created (if not already exists)
+postgresql_databases: []
+#  - { db: "mydatabase", encoding: "UTF8", lc_collate: "ru_RU.UTF-8", lc_ctype: "ru_RU.UTF-8", owner: "mydb-user" }
+#  - { db: "mydatabase2", encoding: "UTF8", lc_collate: "ru_RU.UTF-8", lc_ctype: "ru_RU.UTF-8", owner: "mydb-user", conn_limit: "50" }
+#  - { db: "", encoding: "UTF8", lc_collate: "en_US.UTF-8", lc_ctype: "en_US.UTF-8", owner: "" }
+#  - { db: "", encoding: "UTF8", lc_collate: "en_US.UTF-8", lc_ctype: "en_US.UTF-8", owner: "" }
diff --git a/roles/postgresql-users/defaults/main.yml b/roles/postgresql-users/defaults/main.yml
@@ -0,0 +1,9 @@
+---
+# (optional) list of users to be created (if not already exists)
+postgresql_users:
+  - { name: "{{ pgbouncer_auth_username }}", password: "{{ pgbouncer_auth_password }}", flags: "LOGIN", role: "" }
+#  - { name: "monitoring_auth_username", password: "monitoring_user_password", flags: "LOGIN", role: "pg_monitor" } # monitoring Service Account
+#  - { name: "mydb-user", password: "mydb-user-pass", flags: "SUPERUSER" }
+#  - { name: "", password: "", flags: "NOSUPERUSER" }
+#  - { name: "", password: "", flags: "NOSUPERUSER" }
+#  - { name: "", password: "", flags: "NOLOGIN" }
diff --git a/vars/main.yml b/vars/main.yml
@@ -153,22 +153,6 @@ postgresql_locale: "en_US.UTF-8"  # for bootstrap only (initdb)
 postgresql_data_checksums: true  # for bootstrap only (initdb)
 postgresql_password_encryption_algorithm: "scram-sha-256"  # or "md5" if your clients do not work with passwords encrypted with SCRAM-SHA-256
 
-# (optional) list of users to be created (if not already exists)
-postgresql_users:
-  - { name: "{{ pgbouncer_auth_username }}", password: "{{ pgbouncer_auth_password }}", flags: "LOGIN", role: "" }
-#  - { name: "monitoring_auth_username", password: "monitoring_user_password", flags: "LOGIN", role: "pg_monitor" } # monitoring Service Account
-#  - { name: "mydb-user", password: "mydb-user-pass", flags: "SUPERUSER" }
-#  - { name: "", password: "", flags: "NOSUPERUSER" }
-#  - { name: "", password: "", flags: "NOSUPERUSER" }
-#  - { name: "", password: "", flags: "NOLOGIN" }
-
-# (optional) list of databases to be created (if not already exists)
-postgresql_databases: []
-#  - { db: "mydatabase", encoding: "UTF8", lc_collate: "ru_RU.UTF-8", lc_ctype: "ru_RU.UTF-8", owner: "mydb-user" }
-#  - { db: "mydatabase2", encoding: "UTF8", lc_collate: "ru_RU.UTF-8", lc_ctype: "ru_RU.UTF-8", owner: "mydb-user", conn_limit: "50" }
-#  - { db: "", encoding: "UTF8", lc_collate: "en_US.UTF-8", lc_ctype: "en_US.UTF-8", owner: "" }
-#  - { db: "", encoding: "UTF8", lc_collate: "en_US.UTF-8", lc_ctype: "en_US.UTF-8", owner: "" }
-
 # (optional) list of schemas to be created (if not already exists)
 postgresql_schemas: []
 #  - { schema: "myschema", db: "mydatabase", owner: "mydb-user" }