self-hosting/roles/mailserver_database/tasks/main.yml

---

- name: Install needed packages
  become: true
  ansible.builtin.apt:
    name:
      - postgresql
      - postfix-pgsql
      - python3-psycopg2
      - acl

- name: Create postgresql users
  become: true
  become_user: postgres
  loop:
    - "{{ mailserver_database.admin_user }}"
    - "{{ mailserver_database.ro_user }}"
  community.postgresql.postgresql_user:
    name: "{{ item.name }}"
    state: present
    password: "{{ item.pwd }}"

- name: Create postgresql database
  become: true
  become_user: postgres
  community.postgresql.postgresql_db:
    name: "{{ mailserver_database.db }}"
    owner: "{{ mailserver_database.admin_user.name }}"
    state: present

- name: Upload postgresql tables script
  become: true
  become_user: postgres
  ansible.builtin.template:
    src: tables.sql.j2
    dest: ~/mailserver_tables.sql
    mode: "644"
  notify: Create postgresql tables

- name: Make sure tables are created before setting permissions
  ansible.builtin.meta: flush_handlers

- name: Set privileges for postgresql RO user
  become: true
  become_user: postgres
  community.postgresql.postgresql_privs:
    database: "{{ mailserver_database.db }}"
    roles: "{{ mailserver_database.ro_user.name }}"
    privs: select
    objs: ALL_IN_SCHEMA
    state: present
Add mailserver_database role 2024-01-05 18:58:27 +01:00			`---`

			`- name: Install needed packages`
			`become: true`
			`ansible.builtin.apt:`
			`name:`
			`- postgresql`
			`- postfix-pgsql`
Create mailserver_database db and users 2024-01-05 19:20:56 +01:00			`- python3-psycopg2`
			`- acl`

			`- name: Create postgresql users`
			`become: true`
			`become_user: postgres`
			`loop:`
Group mailserver_database vars in a dict 2024-01-10 09:23:56 +01:00			`- "{{ mailserver_database.admin_user }}"`
			`- "{{ mailserver_database.ro_user }}"`
Create mailserver_database db and users 2024-01-05 19:20:56 +01:00			`community.postgresql.postgresql_user:`
			`name: "{{ item.name }}"`
			`state: present`
			`password: "{{ item.pwd }}"`

			`- name: Create postgresql database`
			`become: true`
			`become_user: postgres`
			`community.postgresql.postgresql_db:`
Group mailserver_database vars in a dict 2024-01-10 09:23:56 +01:00			`name: "{{ mailserver_database.db }}"`
			`owner: "{{ mailserver_database.admin_user.name }}"`
Create mailserver_database db and users 2024-01-05 19:20:56 +01:00			`state: present`

Create mailserver tables 2024-01-05 21:40:13 +01:00			`- name: Upload postgresql tables script`
			`become: true`
			`become_user: postgres`
Use var for the main virtual_domain 2024-01-12 20:44:44 +01:00			`ansible.builtin.template:`
			`src: tables.sql.j2`
Create mailserver tables 2024-01-05 21:40:13 +01:00			`dest: ~/mailserver_tables.sql`
			`mode: "644"`
Move execution of postgresql script to a handler 2024-01-17 09:58:15 +01:00			`notify: Create postgresql tables`
Create mailserver tables 2024-01-05 21:40:13 +01:00
Move execution of postgresql script to a handler 2024-01-17 09:58:15 +01:00			`- name: Make sure tables are created before setting permissions`
			`ansible.builtin.meta: flush_handlers`
Create mailserver tables 2024-01-05 21:40:13 +01:00
Create mailserver_database db and users 2024-01-05 19:20:56 +01:00			`- name: Set privileges for postgresql RO user`
			`become: true`
			`become_user: postgres`
			`community.postgresql.postgresql_privs:`
Group mailserver_database vars in a dict 2024-01-10 09:23:56 +01:00			`database: "{{ mailserver_database.db }}"`
			`roles: "{{ mailserver_database.ro_user.name }}"`
Create mailserver_database db and users 2024-01-05 19:20:56 +01:00			`privs: select`
			`objs: ALL_IN_SCHEMA`
			`state: present`