mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
CI tests: fix setup_postgresql_db (#533)
* CI tests: fix setup_postgresql_db * fix * fix * fix * fix * fix * fix
This commit is contained in:
parent
1d1f7ec582
commit
498ace1210
2 changed files with 38 additions and 0 deletions
|
@ -2,10 +2,12 @@
|
||||||
set_fact:
|
set_fact:
|
||||||
python_suffix: ''
|
python_suffix: ''
|
||||||
when: ansible_python_version is version('3', '<')
|
when: ansible_python_version is version('3', '<')
|
||||||
|
|
||||||
- name: python 3
|
- name: python 3
|
||||||
set_fact:
|
set_fact:
|
||||||
python_suffix: -py3
|
python_suffix: -py3
|
||||||
when: ansible_python_version is version('3', '>=')
|
when: ansible_python_version is version('3', '>=')
|
||||||
|
|
||||||
- name: Include distribution and Python version specific variables
|
- name: Include distribution and Python version specific variables
|
||||||
include_vars: '{{ lookup(''first_found'', params) }}'
|
include_vars: '{{ lookup(''first_found'', params) }}'
|
||||||
vars:
|
vars:
|
||||||
|
@ -17,26 +19,31 @@
|
||||||
- default{{ python_suffix }}.yml
|
- default{{ python_suffix }}.yml
|
||||||
paths:
|
paths:
|
||||||
- '{{ role_path }}/vars'
|
- '{{ role_path }}/vars'
|
||||||
|
|
||||||
- name: make sure the dbus service is started under systemd
|
- name: make sure the dbus service is started under systemd
|
||||||
systemd:
|
systemd:
|
||||||
name: dbus
|
name: dbus
|
||||||
state: started
|
state: started
|
||||||
when: ansible_service_mgr == 'systemd' and ansible_distribution == 'Fedora'
|
when: ansible_service_mgr == 'systemd' and ansible_distribution == 'Fedora'
|
||||||
|
|
||||||
- name: stop postgresql service
|
- name: stop postgresql service
|
||||||
service: name={{ postgresql_service }} state=stopped
|
service: name={{ postgresql_service }} state=stopped
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
|
|
||||||
- name: remove old db (RedHat or Suse)
|
- name: remove old db (RedHat or Suse)
|
||||||
file:
|
file:
|
||||||
path: '{{ pg_dir }}'
|
path: '{{ pg_dir }}'
|
||||||
state: absent
|
state: absent
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
when: ansible_os_family == "RedHat" or ansible_os_family == "Suse"
|
when: ansible_os_family == "RedHat" or ansible_os_family == "Suse"
|
||||||
|
|
||||||
- name: remove old db (FreeBSD)
|
- name: remove old db (FreeBSD)
|
||||||
file:
|
file:
|
||||||
path: '{{ pg_dir }}'
|
path: '{{ pg_dir }}'
|
||||||
state: absent
|
state: absent
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
when: ansible_os_family == "FreeBSD"
|
when: ansible_os_family == "FreeBSD"
|
||||||
|
|
||||||
- name: remove old db config and files (debian)
|
- name: remove old db config and files (debian)
|
||||||
file:
|
file:
|
||||||
path: '{{ loop_item }}'
|
path: '{{ loop_item }}'
|
||||||
|
@ -48,6 +55,7 @@
|
||||||
- /var/lib/postgresql
|
- /var/lib/postgresql
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: loop_item
|
loop_var: loop_item
|
||||||
|
|
||||||
- name: install dependencies for postgresql test
|
- name: install dependencies for postgresql test
|
||||||
package:
|
package:
|
||||||
name: '{{ postgresql_package_item }}'
|
name: '{{ postgresql_package_item }}'
|
||||||
|
@ -55,23 +63,29 @@
|
||||||
with_items: '{{ postgresql_packages }}'
|
with_items: '{{ postgresql_packages }}'
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: postgresql_package_item
|
loop_var: postgresql_package_item
|
||||||
|
|
||||||
- name: initialize postgres (FreeBSD)
|
- name: initialize postgres (FreeBSD)
|
||||||
command: /usr/local/etc/rc.d/postgresql oneinitdb
|
command: /usr/local/etc/rc.d/postgresql oneinitdb
|
||||||
when: ansible_os_family == "FreeBSD"
|
when: ansible_os_family == "FreeBSD"
|
||||||
|
|
||||||
- name: Initialize postgres (RedHat systemd)
|
- name: Initialize postgres (RedHat systemd)
|
||||||
command: postgresql-setup initdb
|
command: postgresql-setup initdb
|
||||||
when: ansible_os_family == "RedHat" and ansible_service_mgr == "systemd"
|
when: ansible_os_family == "RedHat" and ansible_service_mgr == "systemd"
|
||||||
|
|
||||||
- name: Initialize postgres (RedHat sysv)
|
- name: Initialize postgres (RedHat sysv)
|
||||||
command: /sbin/service postgresql initdb
|
command: /sbin/service postgresql initdb
|
||||||
when: ansible_os_family == "RedHat" and ansible_service_mgr != "systemd"
|
when: ansible_os_family == "RedHat" and ansible_service_mgr != "systemd"
|
||||||
|
|
||||||
- name: Initialize postgres (Debian)
|
- name: Initialize postgres (Debian)
|
||||||
shell: . /usr/share/postgresql-common/maintscripts-functions && set_system_locale && /usr/bin/pg_createcluster -u postgres {{ pg_ver }} main
|
shell: . /usr/share/postgresql-common/maintscripts-functions && set_system_locale && /usr/bin/pg_createcluster -u postgres {{ pg_ver }} main
|
||||||
args:
|
args:
|
||||||
creates: /etc/postgresql/{{ pg_ver }}/
|
creates: /etc/postgresql/{{ pg_ver }}/
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
||||||
- name: Initialize postgres (Suse)
|
- name: Initialize postgres (Suse)
|
||||||
service: name=postgresql state=restarted
|
service: name=postgresql state=restarted
|
||||||
when: ansible_os_family == 'Suse'
|
when: ansible_os_family == 'Suse'
|
||||||
|
|
||||||
- name: Copy pg_hba into place
|
- name: Copy pg_hba into place
|
||||||
template:
|
template:
|
||||||
src: files/pg_hba.conf
|
src: files/pg_hba.conf
|
||||||
|
@ -79,6 +93,7 @@
|
||||||
owner: '{{ pg_user }}'
|
owner: '{{ pg_user }}'
|
||||||
group: '{{ pg_group }}'
|
group: '{{ pg_group }}'
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
|
|
||||||
- name: Generate locales (Debian)
|
- name: Generate locales (Debian)
|
||||||
locale_gen:
|
locale_gen:
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
|
@ -87,6 +102,7 @@
|
||||||
- pt_BR
|
- pt_BR
|
||||||
- es_ES
|
- es_ES
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
- name: Install langpacks (RHEL8)
|
- name: Install langpacks (RHEL8)
|
||||||
yum:
|
yum:
|
||||||
|
@ -96,6 +112,7 @@
|
||||||
- glibc-all-langpacks
|
- glibc-all-langpacks
|
||||||
state: present
|
state: present
|
||||||
when: ansible_distribution_major_version is version('8', '>=')
|
when: ansible_distribution_major_version is version('8', '>=')
|
||||||
|
|
||||||
- name: Check if locales need to be generated (RedHat)
|
- name: Check if locales need to be generated (RedHat)
|
||||||
shell: localedef --list-archive | grep -a -q '^{{ locale }}$'
|
shell: localedef --list-archive | grep -a -q '^{{ locale }}$'
|
||||||
register: locale_present
|
register: locale_present
|
||||||
|
@ -105,16 +122,19 @@
|
||||||
- pt_BR
|
- pt_BR
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: locale
|
loop_var: locale
|
||||||
|
|
||||||
- name: Reinstall internationalization files
|
- name: Reinstall internationalization files
|
||||||
shell: yum -y reinstall glibc-common || yum -y install glibc-common
|
shell: yum -y reinstall glibc-common || yum -y install glibc-common
|
||||||
args:
|
args:
|
||||||
warn: false
|
warn: false
|
||||||
when: locale_present is failed
|
when: locale_present is failed
|
||||||
|
|
||||||
- name: Generate locale (RedHat)
|
- name: Generate locale (RedHat)
|
||||||
command: localedef -f ISO-8859-1 -i {{ item.locale }} {{ item.locale }}
|
command: localedef -f ISO-8859-1 -i {{ item.locale }} {{ item.locale }}
|
||||||
when: item is failed
|
when: item is failed
|
||||||
with_items: '{{ locale_present.results }}'
|
with_items: '{{ locale_present.results }}'
|
||||||
when: ansible_os_family == 'RedHat' and ansible_distribution != 'Fedora'
|
when: ansible_os_family == 'RedHat' and ansible_distribution != 'Fedora'
|
||||||
|
|
||||||
- name: Install glibc langpacks (Fedora >= 24)
|
- name: Install glibc langpacks (Fedora >= 24)
|
||||||
package:
|
package:
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
|
@ -123,21 +143,26 @@
|
||||||
- glibc-langpack-es
|
- glibc-langpack-es
|
||||||
- glibc-langpack-pt
|
- glibc-langpack-pt
|
||||||
when: ansible_distribution == 'Fedora' and ansible_distribution_major_version is version('24', '>=')
|
when: ansible_distribution == 'Fedora' and ansible_distribution_major_version is version('24', '>=')
|
||||||
|
|
||||||
- name: enable postgresql service (FreeBSD)
|
- name: enable postgresql service (FreeBSD)
|
||||||
lineinfile:
|
lineinfile:
|
||||||
path: /etc/rc.conf
|
path: /etc/rc.conf
|
||||||
line: postgresql_enable="YES"
|
line: postgresql_enable="YES"
|
||||||
when: ansible_os_family == "FreeBSD"
|
when: ansible_os_family == "FreeBSD"
|
||||||
|
|
||||||
- name: start postgresql service
|
- name: start postgresql service
|
||||||
service: name={{ postgresql_service }} state=started
|
service: name={{ postgresql_service }} state=started
|
||||||
|
|
||||||
- name: restart postgresql service
|
- name: restart postgresql service
|
||||||
service: name={{ postgresql_service }} state=restarted
|
service: name={{ postgresql_service }} state=restarted
|
||||||
|
|
||||||
- name: copy control file for dummy ext
|
- name: copy control file for dummy ext
|
||||||
copy:
|
copy:
|
||||||
src: dummy.control
|
src: dummy.control
|
||||||
dest: /usr/share/postgresql/{{ pg_ver }}/extension/dummy.control
|
dest: /usr/share/postgresql/{{ pg_ver }}/extension/dummy.control
|
||||||
mode: '0444'
|
mode: '0444'
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
||||||
- name: copy version files for dummy ext
|
- name: copy version files for dummy ext
|
||||||
copy:
|
copy:
|
||||||
src: '{{ item }}'
|
src: '{{ item }}'
|
||||||
|
@ -148,6 +173,7 @@
|
||||||
- dummy--2.0.sql
|
- dummy--2.0.sql
|
||||||
- dummy--3.0.sql
|
- dummy--3.0.sql
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
||||||
- name: add update paths
|
- name: add update paths
|
||||||
file:
|
file:
|
||||||
path: /usr/share/postgresql/{{ pg_ver }}/extension/{{ item }}
|
path: /usr/share/postgresql/{{ pg_ver }}/extension/{{ item }}
|
||||||
|
@ -157,14 +183,17 @@
|
||||||
- dummy--1.0--2.0.sql
|
- dummy--1.0--2.0.sql
|
||||||
- dummy--2.0--3.0.sql
|
- dummy--2.0--3.0.sql
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
||||||
- name: Get PostgreSQL version
|
- name: Get PostgreSQL version
|
||||||
become_user: '{{ pg_user }}'
|
become_user: '{{ pg_user }}'
|
||||||
become: true
|
become: true
|
||||||
shell: echo 'SHOW SERVER_VERSION' | psql --tuples-only --no-align --dbname postgres
|
shell: echo 'SHOW SERVER_VERSION' | psql --tuples-only --no-align --dbname postgres
|
||||||
register: postgres_version_resp
|
register: postgres_version_resp
|
||||||
|
|
||||||
- name: Print PostgreSQL server version
|
- name: Print PostgreSQL server version
|
||||||
debug:
|
debug:
|
||||||
msg: '{{ postgres_version_resp.stdout }}'
|
msg: '{{ postgres_version_resp.stdout }}'
|
||||||
|
|
||||||
- import_tasks: ssl.yml
|
- import_tasks: ssl.yml
|
||||||
when:
|
when:
|
||||||
- ansible_os_family == 'Debian'
|
- ansible_os_family == 'Debian'
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
become: true
|
become: true
|
||||||
postgresql_db:
|
postgresql_db:
|
||||||
name: '{{ ssl_db }}'
|
name: '{{ ssl_db }}'
|
||||||
|
|
||||||
- name: postgresql SSL - create role
|
- name: postgresql SSL - create role
|
||||||
become_user: '{{ pg_user }}'
|
become_user: '{{ pg_user }}'
|
||||||
become: true
|
become: true
|
||||||
|
@ -10,25 +11,31 @@
|
||||||
name: '{{ ssl_user }}'
|
name: '{{ ssl_user }}'
|
||||||
role_attr_flags: SUPERUSER
|
role_attr_flags: SUPERUSER
|
||||||
password: '{{ ssl_pass }}'
|
password: '{{ ssl_pass }}'
|
||||||
|
|
||||||
- name: postgresql SSL - install openssl
|
- name: postgresql SSL - install openssl
|
||||||
become: true
|
become: true
|
||||||
package: name=openssl state=present
|
package: name=openssl state=present
|
||||||
|
|
||||||
- name: postgresql SSL - create certs 1
|
- name: postgresql SSL - create certs 1
|
||||||
become_user: root
|
become_user: root
|
||||||
become: true
|
become: true
|
||||||
shell: openssl req -new -nodes -text -out ~{{ pg_user }}/root.csr \ -keyout ~{{ pg_user }}/root.key -subj "/CN=localhost.local"
|
shell: openssl req -new -nodes -text -out ~{{ pg_user }}/root.csr \ -keyout ~{{ pg_user }}/root.key -subj "/CN=localhost.local"
|
||||||
|
|
||||||
- name: postgresql SSL - create certs 2
|
- name: postgresql SSL - create certs 2
|
||||||
become_user: root
|
become_user: root
|
||||||
become: true
|
become: true
|
||||||
shell: openssl x509 -req -in ~{{ pg_user }}/root.csr -text -days 3650 \ -extensions v3_ca -signkey ~{{ pg_user }}/root.key -out ~{{ pg_user }}/root.crt
|
shell: openssl x509 -req -in ~{{ pg_user }}/root.csr -text -days 3650 \ -extensions v3_ca -signkey ~{{ pg_user }}/root.key -out ~{{ pg_user }}/root.crt
|
||||||
|
|
||||||
- name: postgresql SSL - create certs 3
|
- name: postgresql SSL - create certs 3
|
||||||
become_user: root
|
become_user: root
|
||||||
become: true
|
become: true
|
||||||
shell: openssl req -new -nodes -text -out ~{{ pg_user }}/server.csr \ -keyout ~{{ pg_user }}/server.key -subj "/CN=localhost.local"
|
shell: openssl req -new -nodes -text -out ~{{ pg_user }}/server.csr \ -keyout ~{{ pg_user }}/server.key -subj "/CN=localhost.local"
|
||||||
|
|
||||||
- name: postgresql SSL - create certs 4
|
- name: postgresql SSL - create certs 4
|
||||||
become_user: root
|
become_user: root
|
||||||
become: true
|
become: true
|
||||||
shell: openssl x509 -req -in ~{{ pg_user }}/server.csr -text -days 365 \ -CA ~{{ pg_user }}/root.crt -CAkey ~{{ pg_user }}/root.key -CAcreateserial -out server.crt
|
shell: openssl x509 -req -in ~{{ pg_user }}/server.csr -text -days 365 \ -CA ~{{ pg_user }}/root.crt -CAkey ~{{ pg_user }}/root.key -CAcreateserial -out server.crt
|
||||||
|
|
||||||
- name: postgresql SSL - set right permissions to files
|
- name: postgresql SSL - set right permissions to files
|
||||||
become_user: root
|
become_user: root
|
||||||
become: true
|
become: true
|
||||||
|
@ -42,6 +49,7 @@
|
||||||
- ~{{ pg_user }}/server.key
|
- ~{{ pg_user }}/server.key
|
||||||
- ~{{ pg_user }}/root.crt
|
- ~{{ pg_user }}/root.crt
|
||||||
- ~{{ pg_user }}/server.csr
|
- ~{{ pg_user }}/server.csr
|
||||||
|
|
||||||
- name: postgresql SSL - enable SSL
|
- name: postgresql SSL - enable SSL
|
||||||
become_user: '{{ pg_user }}'
|
become_user: '{{ pg_user }}'
|
||||||
become: true
|
become: true
|
||||||
|
@ -50,6 +58,7 @@
|
||||||
db: postgres
|
db: postgres
|
||||||
name: ssl
|
name: ssl
|
||||||
value: true
|
value: true
|
||||||
|
|
||||||
- name: postgresql SSL - reload PostgreSQL to enable ssl on
|
- name: postgresql SSL - reload PostgreSQL to enable ssl on
|
||||||
become: true
|
become: true
|
||||||
service:
|
service:
|
||||||
|
|
Loading…
Reference in a new issue