1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

CI tests: fix setup_postgresql_db (#533)

* CI tests: fix setup_postgresql_db

* fix

* fix

* fix

* fix

* fix

* fix
This commit is contained in:
Andrew Klychkov 2020-06-18 12:11:40 +03:00 committed by GitHub
parent 1d1f7ec582
commit 498ace1210
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 38 additions and 0 deletions

View file

@ -2,10 +2,12 @@
set_fact: set_fact:
python_suffix: '' python_suffix: ''
when: ansible_python_version is version('3', '<') when: ansible_python_version is version('3', '<')
- name: python 3 - name: python 3
set_fact: set_fact:
python_suffix: -py3 python_suffix: -py3
when: ansible_python_version is version('3', '>=') when: ansible_python_version is version('3', '>=')
- name: Include distribution and Python version specific variables - name: Include distribution and Python version specific variables
include_vars: '{{ lookup(''first_found'', params) }}' include_vars: '{{ lookup(''first_found'', params) }}'
vars: vars:
@ -17,26 +19,31 @@
- default{{ python_suffix }}.yml - default{{ python_suffix }}.yml
paths: paths:
- '{{ role_path }}/vars' - '{{ role_path }}/vars'
- name: make sure the dbus service is started under systemd - name: make sure the dbus service is started under systemd
systemd: systemd:
name: dbus name: dbus
state: started state: started
when: ansible_service_mgr == 'systemd' and ansible_distribution == 'Fedora' when: ansible_service_mgr == 'systemd' and ansible_distribution == 'Fedora'
- name: stop postgresql service - name: stop postgresql service
service: name={{ postgresql_service }} state=stopped service: name={{ postgresql_service }} state=stopped
ignore_errors: true ignore_errors: true
- name: remove old db (RedHat or Suse) - name: remove old db (RedHat or Suse)
file: file:
path: '{{ pg_dir }}' path: '{{ pg_dir }}'
state: absent state: absent
ignore_errors: true ignore_errors: true
when: ansible_os_family == "RedHat" or ansible_os_family == "Suse" when: ansible_os_family == "RedHat" or ansible_os_family == "Suse"
- name: remove old db (FreeBSD) - name: remove old db (FreeBSD)
file: file:
path: '{{ pg_dir }}' path: '{{ pg_dir }}'
state: absent state: absent
ignore_errors: true ignore_errors: true
when: ansible_os_family == "FreeBSD" when: ansible_os_family == "FreeBSD"
- name: remove old db config and files (debian) - name: remove old db config and files (debian)
file: file:
path: '{{ loop_item }}' path: '{{ loop_item }}'
@ -48,6 +55,7 @@
- /var/lib/postgresql - /var/lib/postgresql
loop_control: loop_control:
loop_var: loop_item loop_var: loop_item
- name: install dependencies for postgresql test - name: install dependencies for postgresql test
package: package:
name: '{{ postgresql_package_item }}' name: '{{ postgresql_package_item }}'
@ -55,23 +63,29 @@
with_items: '{{ postgresql_packages }}' with_items: '{{ postgresql_packages }}'
loop_control: loop_control:
loop_var: postgresql_package_item loop_var: postgresql_package_item
- name: initialize postgres (FreeBSD) - name: initialize postgres (FreeBSD)
command: /usr/local/etc/rc.d/postgresql oneinitdb command: /usr/local/etc/rc.d/postgresql oneinitdb
when: ansible_os_family == "FreeBSD" when: ansible_os_family == "FreeBSD"
- name: Initialize postgres (RedHat systemd) - name: Initialize postgres (RedHat systemd)
command: postgresql-setup initdb command: postgresql-setup initdb
when: ansible_os_family == "RedHat" and ansible_service_mgr == "systemd" when: ansible_os_family == "RedHat" and ansible_service_mgr == "systemd"
- name: Initialize postgres (RedHat sysv) - name: Initialize postgres (RedHat sysv)
command: /sbin/service postgresql initdb command: /sbin/service postgresql initdb
when: ansible_os_family == "RedHat" and ansible_service_mgr != "systemd" when: ansible_os_family == "RedHat" and ansible_service_mgr != "systemd"
- name: Initialize postgres (Debian) - name: Initialize postgres (Debian)
shell: . /usr/share/postgresql-common/maintscripts-functions && set_system_locale && /usr/bin/pg_createcluster -u postgres {{ pg_ver }} main shell: . /usr/share/postgresql-common/maintscripts-functions && set_system_locale && /usr/bin/pg_createcluster -u postgres {{ pg_ver }} main
args: args:
creates: /etc/postgresql/{{ pg_ver }}/ creates: /etc/postgresql/{{ pg_ver }}/
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: Initialize postgres (Suse) - name: Initialize postgres (Suse)
service: name=postgresql state=restarted service: name=postgresql state=restarted
when: ansible_os_family == 'Suse' when: ansible_os_family == 'Suse'
- name: Copy pg_hba into place - name: Copy pg_hba into place
template: template:
src: files/pg_hba.conf src: files/pg_hba.conf
@ -79,6 +93,7 @@
owner: '{{ pg_user }}' owner: '{{ pg_user }}'
group: '{{ pg_group }}' group: '{{ pg_group }}'
mode: '0644' mode: '0644'
- name: Generate locales (Debian) - name: Generate locales (Debian)
locale_gen: locale_gen:
name: '{{ item }}' name: '{{ item }}'
@ -87,6 +102,7 @@
- pt_BR - pt_BR
- es_ES - es_ES
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- block: - block:
- name: Install langpacks (RHEL8) - name: Install langpacks (RHEL8)
yum: yum:
@ -96,6 +112,7 @@
- glibc-all-langpacks - glibc-all-langpacks
state: present state: present
when: ansible_distribution_major_version is version('8', '>=') when: ansible_distribution_major_version is version('8', '>=')
- name: Check if locales need to be generated (RedHat) - name: Check if locales need to be generated (RedHat)
shell: localedef --list-archive | grep -a -q '^{{ locale }}$' shell: localedef --list-archive | grep -a -q '^{{ locale }}$'
register: locale_present register: locale_present
@ -105,16 +122,19 @@
- pt_BR - pt_BR
loop_control: loop_control:
loop_var: locale loop_var: locale
- name: Reinstall internationalization files - name: Reinstall internationalization files
shell: yum -y reinstall glibc-common || yum -y install glibc-common shell: yum -y reinstall glibc-common || yum -y install glibc-common
args: args:
warn: false warn: false
when: locale_present is failed when: locale_present is failed
- name: Generate locale (RedHat) - name: Generate locale (RedHat)
command: localedef -f ISO-8859-1 -i {{ item.locale }} {{ item.locale }} command: localedef -f ISO-8859-1 -i {{ item.locale }} {{ item.locale }}
when: item is failed when: item is failed
with_items: '{{ locale_present.results }}' with_items: '{{ locale_present.results }}'
when: ansible_os_family == 'RedHat' and ansible_distribution != 'Fedora' when: ansible_os_family == 'RedHat' and ansible_distribution != 'Fedora'
- name: Install glibc langpacks (Fedora >= 24) - name: Install glibc langpacks (Fedora >= 24)
package: package:
name: '{{ item }}' name: '{{ item }}'
@ -123,21 +143,26 @@
- glibc-langpack-es - glibc-langpack-es
- glibc-langpack-pt - glibc-langpack-pt
when: ansible_distribution == 'Fedora' and ansible_distribution_major_version is version('24', '>=') when: ansible_distribution == 'Fedora' and ansible_distribution_major_version is version('24', '>=')
- name: enable postgresql service (FreeBSD) - name: enable postgresql service (FreeBSD)
lineinfile: lineinfile:
path: /etc/rc.conf path: /etc/rc.conf
line: postgresql_enable="YES" line: postgresql_enable="YES"
when: ansible_os_family == "FreeBSD" when: ansible_os_family == "FreeBSD"
- name: start postgresql service - name: start postgresql service
service: name={{ postgresql_service }} state=started service: name={{ postgresql_service }} state=started
- name: restart postgresql service - name: restart postgresql service
service: name={{ postgresql_service }} state=restarted service: name={{ postgresql_service }} state=restarted
- name: copy control file for dummy ext - name: copy control file for dummy ext
copy: copy:
src: dummy.control src: dummy.control
dest: /usr/share/postgresql/{{ pg_ver }}/extension/dummy.control dest: /usr/share/postgresql/{{ pg_ver }}/extension/dummy.control
mode: '0444' mode: '0444'
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: copy version files for dummy ext - name: copy version files for dummy ext
copy: copy:
src: '{{ item }}' src: '{{ item }}'
@ -148,6 +173,7 @@
- dummy--2.0.sql - dummy--2.0.sql
- dummy--3.0.sql - dummy--3.0.sql
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: add update paths - name: add update paths
file: file:
path: /usr/share/postgresql/{{ pg_ver }}/extension/{{ item }} path: /usr/share/postgresql/{{ pg_ver }}/extension/{{ item }}
@ -157,14 +183,17 @@
- dummy--1.0--2.0.sql - dummy--1.0--2.0.sql
- dummy--2.0--3.0.sql - dummy--2.0--3.0.sql
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
- name: Get PostgreSQL version - name: Get PostgreSQL version
become_user: '{{ pg_user }}' become_user: '{{ pg_user }}'
become: true become: true
shell: echo 'SHOW SERVER_VERSION' | psql --tuples-only --no-align --dbname postgres shell: echo 'SHOW SERVER_VERSION' | psql --tuples-only --no-align --dbname postgres
register: postgres_version_resp register: postgres_version_resp
- name: Print PostgreSQL server version - name: Print PostgreSQL server version
debug: debug:
msg: '{{ postgres_version_resp.stdout }}' msg: '{{ postgres_version_resp.stdout }}'
- import_tasks: ssl.yml - import_tasks: ssl.yml
when: when:
- ansible_os_family == 'Debian' - ansible_os_family == 'Debian'

View file

@ -3,6 +3,7 @@
become: true become: true
postgresql_db: postgresql_db:
name: '{{ ssl_db }}' name: '{{ ssl_db }}'
- name: postgresql SSL - create role - name: postgresql SSL - create role
become_user: '{{ pg_user }}' become_user: '{{ pg_user }}'
become: true become: true
@ -10,25 +11,31 @@
name: '{{ ssl_user }}' name: '{{ ssl_user }}'
role_attr_flags: SUPERUSER role_attr_flags: SUPERUSER
password: '{{ ssl_pass }}' password: '{{ ssl_pass }}'
- name: postgresql SSL - install openssl - name: postgresql SSL - install openssl
become: true become: true
package: name=openssl state=present package: name=openssl state=present
- name: postgresql SSL - create certs 1 - name: postgresql SSL - create certs 1
become_user: root become_user: root
become: true become: true
shell: openssl req -new -nodes -text -out ~{{ pg_user }}/root.csr \ -keyout ~{{ pg_user }}/root.key -subj "/CN=localhost.local" shell: openssl req -new -nodes -text -out ~{{ pg_user }}/root.csr \ -keyout ~{{ pg_user }}/root.key -subj "/CN=localhost.local"
- name: postgresql SSL - create certs 2 - name: postgresql SSL - create certs 2
become_user: root become_user: root
become: true become: true
shell: openssl x509 -req -in ~{{ pg_user }}/root.csr -text -days 3650 \ -extensions v3_ca -signkey ~{{ pg_user }}/root.key -out ~{{ pg_user }}/root.crt shell: openssl x509 -req -in ~{{ pg_user }}/root.csr -text -days 3650 \ -extensions v3_ca -signkey ~{{ pg_user }}/root.key -out ~{{ pg_user }}/root.crt
- name: postgresql SSL - create certs 3 - name: postgresql SSL - create certs 3
become_user: root become_user: root
become: true become: true
shell: openssl req -new -nodes -text -out ~{{ pg_user }}/server.csr \ -keyout ~{{ pg_user }}/server.key -subj "/CN=localhost.local" shell: openssl req -new -nodes -text -out ~{{ pg_user }}/server.csr \ -keyout ~{{ pg_user }}/server.key -subj "/CN=localhost.local"
- name: postgresql SSL - create certs 4 - name: postgresql SSL - create certs 4
become_user: root become_user: root
become: true become: true
shell: openssl x509 -req -in ~{{ pg_user }}/server.csr -text -days 365 \ -CA ~{{ pg_user }}/root.crt -CAkey ~{{ pg_user }}/root.key -CAcreateserial -out server.crt shell: openssl x509 -req -in ~{{ pg_user }}/server.csr -text -days 365 \ -CA ~{{ pg_user }}/root.crt -CAkey ~{{ pg_user }}/root.key -CAcreateserial -out server.crt
- name: postgresql SSL - set right permissions to files - name: postgresql SSL - set right permissions to files
become_user: root become_user: root
become: true become: true
@ -42,6 +49,7 @@
- ~{{ pg_user }}/server.key - ~{{ pg_user }}/server.key
- ~{{ pg_user }}/root.crt - ~{{ pg_user }}/root.crt
- ~{{ pg_user }}/server.csr - ~{{ pg_user }}/server.csr
- name: postgresql SSL - enable SSL - name: postgresql SSL - enable SSL
become_user: '{{ pg_user }}' become_user: '{{ pg_user }}'
become: true become: true
@ -50,6 +58,7 @@
db: postgres db: postgres
name: ssl name: ssl
value: true value: true
- name: postgresql SSL - reload PostgreSQL to enable ssl on - name: postgresql SSL - reload PostgreSQL to enable ssl on
become: true become: true
service: service: