- name: create db in postgres
  community.postgresql.postgresql_db:
    name: authentik

- name: create postgres authentik user
  community.postgresql.postgresql_user:
    name: authentik
    db: authentik
    password: "{{ lookup('ansible.builtin.password', 'secrets/' + inventory_hostname + '/authentik-pg-password.txt', length=15) }}"

- name: grant postgres authentik user permissions
  community.postgresql.postgresql_privs:
    database: authentik
    role: authentik
    type: database
    privs: all

- name: grant postgres authentik user permissions
  community.postgresql.postgresql_privs:
    database: authentik
    role: authentik
    type: schema
    objs: public
    privs: all