# Create the pdns database; the handler notified here is not shown in this
# file.
# NOTE(review): no login_* or become settings appear on these tasks;
# presumably they are inherited from the play - confirm.
- name: create db in postgres
  community.postgresql.postgresql_db:
    name: pdns
  notify:
    - create db schema

# Run the notified handler now instead of at the end of the play: the schema
# must be created before permission grants happen.
- ansible.builtin.meta: flush_handlers

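# Create the pdns login role. The password lookup generates the password on
# first use and keeps it in plain text on the control node under
# secrets/<inventory_hostname>/. That directory needs restrictive permissions
# and must stay out of version control.
- name: create postgres pdns user
  community.postgresql.postgresql_user:
    name: pdns
    db: pdns
    password: "{{ lookup('ansible.builtin.password', 'secrets/' + inventory_hostname + '/pg-pdns-password.txt', length=15) }}"
  # The task arguments carry a credential: keep them out of task output,
  # callback plugins and logs. Lift this temporarily when debugging a failure,
  # because it also hides the error details.
  no_log: true
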
# Grant the pdns role every privilege on all tables and all sequences in the
# schema, one pass per object type. No schema is named, so the module's
# default applies. The grant covers only objects that exist when the task
# runs, so it has to come after the schema has been created.
# NOTE(review): `all` is broader than plain read/write access (for tables it
# also includes TRUNCATE, REFERENCES and TRIGGER). If this node only serves
# replicated data, a narrower list would limit what a compromised pdns
# credential can do - confirm what the service actually needs.
- name: grant postgres pdns user permissions
  community.postgresql.postgresql_privs:
    database: pdns
    roles: pdns
    type: "{{ item }}"
    privs: all
    objs: ALL_IN_SCHEMA
  loop:
    - table
    - sequence

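# Subscribe this host's pdns database to the `pdns` publication on the
# publisher at 10.6.0.1, copying the existing data when the subscription is
# created.
# NOTE(review): connparams sets no sslmode, so libpq's default applies, which
# neither requires encryption nor verifies the server. Unless 10.6.0.1 is only
# reachable over an already protected link, set sslmode (and a root CA) so the
# replication password and the replicated data are not exposed in transit -
# confirm.
# NOTE(review): the replication password comes from one file shared by every
# host, and PostgreSQL keeps it in the subscription's connection string on
# this server.
# NOTE(review): the subscription name is also the default replication slot
# name on the publisher, which accepts only lower-case letters, digits and
# underscores; a hostname containing `-` would be rejected - confirm naming.
- name: create subscription
  community.postgresql.postgresql_subscription:
    db: pdns
    name: "pdns_{{ ansible_hostname }}"
    publications: pdns
    connparams:
      host: 10.6.0.1
      port: 5432
      user: "replication"
      password: "{{ lookup('ansible.builtin.password', 'secrets/pg-replication-password.txt', length=15) }}"
      dbname: pdns
    subsparams:
      copy_data: true
  # connparams carries the replication credential: keep the task arguments
  # and result out of task output, callback plugins and logs. Lift this
  # temporarily when debugging a failure, because it also hides error details.
  no_log: true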