1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Merge pull request #712 from lorin/postgres-fixup

Postgres fixup
This commit is contained in:
Michael DeHaan 2012-07-29 10:28:50 -07:00
commit b3aba405dd
4 changed files with 64 additions and 26 deletions

View file

@ -0,0 +1,38 @@
##
# Example Ansible playbook that uses the PostgreSQL module.
#
# This installs PostgreSQL on an Ubuntu system, creates a database called
# "myapp" and a user called "django" with password "mysupersecretpassword"
# with access to the "myapp" database.
#
---
- hosts: webservers
sudo: True
gather_facts: False
tasks:
- name: ensure apt cache is up to date
action: apt update_cache=yes
- name: ensure packages are installed
action: apt pkg=$item
with_items:
- postgresql
- libpq-dev
- python-psycopg2
- hosts: webservers
sudo: True
sudo_user: postgres
gather_facts: False
vars:
dbname: myapp
dbuser: django
dbpassword: mysupersecreetpassword
tasks:
- name: ensure database is created
action: postgresql_db db=$dbname
- name: ensure user has access to database
action: postgresql_user db=$dbname user=$dbuser password=$dbpassword

View file

@ -128,7 +128,7 @@ def main():
p = module.params p = module.params
if p['package'] is None and p['update_cache'] != 'yes': if p['package'] is None and p['update_cache'] != 'yes':
module.fail_json(msg='pkg=name and/or update-cache=yes is required') module.fail_json(msg='pkg=name and/or update_cache=yes is required')
install_recommends = (p['install_recommends'] == 'yes') install_recommends = (p['install_recommends'] == 'yes')

View file

@ -52,9 +52,9 @@ def db_create(cursor, db):
def main(): def main():
module = AnsibleModule( module = AnsibleModule(
argument_spec=dict( argument_spec=dict(
loginuser=dict(default="postgres"), login_user=dict(default="postgres"),
loginpass=dict(default=""), login_password=dict(default=""),
loginhost=dict(default=""), login_host=dict(default=""),
db=dict(required=True), db=dict(required=True),
state=dict(default="present", choices=["absent", "present"]), state=dict(default="present", choices=["absent", "present"]),
) )
@ -67,9 +67,9 @@ def main():
state = module.params["state"] state = module.params["state"]
changed = False changed = False
try: try:
db_connection = psycopg2.connect(host=module.params["loginhost"], db_connection = psycopg2.connect(host=module.params["login_host"],
user=module.params["loginuser"], user=module.params["login_user"],
password=module.params["loginpass"], password=module.params["login_password"],
database="template1") database="template1")
# Enable autocommit so we can create databases # Enable autocommit so we can create databases
db_connection.autocommit = True db_connection.autocommit = True

View file

@ -33,10 +33,10 @@ def user_exists(cursor, user):
return cursor.rowcount > 0 return cursor.rowcount > 0
def user_add(cursor, user, passwd, db): def user_add(cursor, user, password, db):
"""Create a new user with write access to the database""" """Create a new user with write access to the database"""
query = "CREATE USER %(user)s with PASSWORD '%(passwd)s'" query = "CREATE USER %(user)s with PASSWORD '%(password)s'"
cursor.execute(query % {"user": user, "passwd": passwd}) cursor.execute(query % {"user": user, "password": password})
grant_privileges(cursor, user, db) grant_privileges(cursor, user, db)
return True return True
@ -60,19 +60,19 @@ def revoke_privileges(cursor, user, db):
cursor.execute(query % {'user': user, 'db': db}) cursor.execute(query % {'user': user, 'db': db})
def user_mod(cursor, user, passwd, db): def user_mod(cursor, user, password, db):
"""Update password and permissions""" """Update password and permissions"""
changed = False changed = False
# Handle passwords. # Handle passwords.
if passwd is not None: if password is not None:
select = "SELECT rolpassword FROM pg_authid where rolname=%(user)s" select = "SELECT rolpassword FROM pg_authid where rolname=%(user)s"
cursor.execute(select, {"user": user}) cursor.execute(select, {"user": user})
current_pass_hash = cursor.fetchone()[0] current_pass_hash = cursor.fetchone()[0]
# Not sure how to hash the new password, so we just initiate the # Not sure how to hash the new password, so we just initiate the
# change and check if the hash changed # change and check if the hash changed
alter = "ALTER USER %(user)s WITH PASSWORD '%(passwd)s'" alter = "ALTER USER %(user)s WITH PASSWORD '%(password)s'"
cursor.execute(alter % {"user": user, "passwd": passwd}) cursor.execute(alter % {"user": user, "password": password})
cursor.execute(select, {"user": user}) cursor.execute(select, {"user": user})
new_pass_hash = cursor.fetchone()[0] new_pass_hash = cursor.fetchone()[0]
if current_pass_hash != new_pass_hash: if current_pass_hash != new_pass_hash:
@ -103,17 +103,17 @@ def user_delete(cursor, user, db):
def main(): def main():
module = AnsibleModule( module = AnsibleModule(
argument_spec=dict( argument_spec=dict(
loginuser=dict(default="postgres"), login_user=dict(default="postgres"),
loginpass=dict(default=""), login_password=dict(default=""),
loginhost=dict(default=""), login_host=dict(default=""),
user=dict(required=True), user=dict(required=True),
passwd=dict(default=None), password=dict(default=None),
state=dict(default="present", choices=["absent", "present"]), state=dict(default="present", choices=["absent", "present"]),
db=dict(required=True), db=dict(required=True),
) )
) )
user = module.params["user"] user = module.params["user"]
passwd = module.params["passwd"] password = module.params["password"]
state = module.params["state"] state = module.params["state"]
db = module.params["db"] db = module.params["db"]
@ -121,9 +121,9 @@ def main():
module.fail_json(msg="the python psycopg2 module is required") module.fail_json(msg="the python psycopg2 module is required")
try: try:
db_connection = psycopg2.connect(host=module.params["loginhost"], db_connection = psycopg2.connect(host=module.params["login_host"],
user=module.params["loginuser"], user=module.params["login_user"],
password=module.params["loginpass"], password=module.params["login_password"],
database=db) database=db)
cursor = db_connection.cursor() cursor = db_connection.cursor()
except Exception as e: except Exception as e:
@ -131,12 +131,12 @@ def main():
if state == "present": if state == "present":
if user_exists(cursor, user): if user_exists(cursor, user):
changed = user_mod(cursor, user, passwd, db) changed = user_mod(cursor, user, password, db)
else: else:
if passwd is None: if password is None:
msg = "passwd parameter required when adding a user" msg = "password parameter required when adding a user"
module.fail_json(msg=msg) module.fail_json(msg=msg)
changed = user_add(cursor, user, passwd, db) changed = user_add(cursor, user, password, db)
elif state == "absent": elif state == "absent":
if user_exists(cursor, user): if user_exists(cursor, user):