Add verification tasks for custom configuration (#15)

handlers/main.yml

@@ -17,6 +17,4 @@
     name: "{{ _postgresql_service_name }}"
     state: "restarted"
   when: postgresql_service_state == 'started'
-  listen:
-    - postgresql_restart
-    - daemon_reload
+  listen: postgresql_restart

molecule/common/verify.yml

@@ -94,7 +94,7 @@
           - "databases"
           - "roles"
       become: true
-      become_user: postgres
+      become_user: "{{ _postgresql_user }}"
       register: postgresql_info
 
     - name: Verify requested databases
@@ -139,7 +139,7 @@
         db: postgres
         query: 'SHOW data_checksums'
       become: true
-      become_user: postgres
+      become_user: "{{ _postgresql_user }}"
       register: postgresql_checksums
 
     - name: Verify data checksum

molecule/configure/molecule.yml

@@ -23,7 +23,6 @@ provisioner:
   playbooks:
     prepare: ../common/prepare.yml
     converge: ../common/converge.yml
-    verify: ../common/verify.yml
     side_effect: ../common/converge.yml
   config_options:
     defaults:
@@ -33,6 +32,9 @@ provisioner:
       all:
         vars:
           postgresql_nolog: false
+          postgresql_conf_max_conns: 600
+          postgresql_conf_ansible: |
+            max_connections = {{ postgresql_conf_max_conns }}
 verifier:
   name: ansible
 scenario:

molecule/configure/verify.yml

@@ -0,0 +1,39 @@
+---
+- ansible.builtin.import_playbook: ../common/verify.yml
+
+- name: Verify configuration
+  hosts: all
+  gather_facts: true
+  become: true
+  tasks:
+    - name: Import role defaults
+      ansible.builtin.include_role:
+        name: nephelaiio.postgresql
+        tasks_from: vars.yml
+
+    - name: Stat Ansible configuration file
+      ansible.builtin.stat:
+        path: "{{ _postgresql_conf_ansible }}"
+      register: _ansible_conf_query
+
+    - name: Verify Ansible configuration file
+      ansible.builtin.assert:
+        that: _ansible_conf_query.stat.exists
+
+    - name: Query PostgreSQL settings
+      community.postgresql.postgresql_query:
+        db: postgres
+        query: 'SELECT name,setting from pg_settings'
+      become: true
+      become_user: "{{ _postgresql_user }}"
+      register: _postgresql_settings
+
+    - name: Check PostgreSQL settings
+      ansible.builtin.assert:
+        that: (_max_connections | int) == (postgresql_conf_max_conns | int)
+        fail_msg: "Expected max_connections = {{ postgresql_conf_max_conns }}, found {{ _max_connections }}"
+        success_msg: "max_connections = {{ _max_connections }}"
+      vars:
+        _settings: "{{ _postgresql_settings.query_result  }}"
+        _max_connections_setting: "{{ _settings | selectattr('name', 'equalto', 'max_connections') | first }}"
+        _max_connections: "{{ _max_connections_setting.setting }}"

tasks/configure.yml

@@ -41,19 +41,22 @@
     state: directory
     mode: 0700
 
-- name: Initialize PostgreSQL database
-  ansible.builtin.command:
-    cmd: "{{ _postgresql_bindir }}/initdb -D {{ _postgresql_datadir }}"
-    creates: "{{ _postgresql_datadir }}/PG_VERSION"
-  become: true
-  become_user: "{{ _postgresql_user }}"
+- name: Manage PostgreSQL initialization
   when: _postgresql_initdb | bool
+  block:
+    - name: Initialize PostgreSQL database
+      ansible.builtin.command:
+        cmd: "{{ _postgresql_bindir }}/initdb -D {{ _postgresql_datadir }}"
+        creates: "{{ _postgresql_datadir }}/PG_VERSION"
+      become: true
+      become_user: "{{ _postgresql_user }}"
+      when: _postgresql_initdb | bool
 
-- name: Enable PostgreSQL checksums
-  ansible.builtin.command:
-    cmd: "{{ _postgresql_bindir }}/pg_checksums -D {{ _postgresql_datadir }} --enable"
-  when: _postgresql_checksum_enable | bool
-  changed_when: false
+    - name: Enable PostgreSQL checksums
+      ansible.builtin.command:
+        cmd: "{{ _postgresql_bindir }}/pg_checksums -D {{ _postgresql_datadir }} --enable"
+      when: _postgresql_checksum_enable | bool
+      changed_when: false
 
 - name: Create PostgreSQL include directory
   ansible.builtin.file:

tasks/vars.yml

@@ -8,17 +8,16 @@
     _postgresql_service_name: "{{ postgresql_service_name | default(_default_service) }}"
     _postgresql_user: "{{ postgresql_user }}"
     _postgresql_group: "{{ postgresql_group }}"
-    _postgresql_bindir: "{{ __postgresql_bindir | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _postgresql_confdir: "{{ _conf_confdir }}"
     _postgresql_datadir: "{{ _conf_datadir }}"
+    _postgresql_bindir: "{{ _conf_bindir }}"
     _postgresql_socketdir: "{{ _conf_socketdir }}"
     _postgresql_initdb: "{{ postgresql_initdb }}"
     _postgresql_auth_method: "{{ _auth_method }}"
     _postgresql_pgoptions: "{{ (_auth_method == _auth_scram_sha256) | ternary(_auth_scram_option, '') }}"
     _postgresql_conf_include: "{{ _conf_include }}"
     _postgresql_conf_main: "{{ _conf_main }}"
     _postgresql_conf_hba: "{{ _conf_datadir }}/pg_hba.conf"
-    _postgresql_conf_ident: "{{ _conf_datadir }}/pg_ident.conf"
     _postgresql_conf_ansible: "{{ _conf_include }}/{{ __postgresql_conf_ansible }}"
     _postgresql_conf_pgaudit: "{{ _conf_include }}/{{ __postgresql_conf_pgaudit }}"
     _postgresql_conf_pgcron: "{{ _conf_include }}/{{ __postgresql_conf_pgcron }}"
@@ -30,6 +29,7 @@
     _default_service: "{{ __postgresql_service_name | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _conf_confdir: "{{ _conf_main | dirname }}"
     _conf_datadir: "{{ __postgresql_datadir | nephelaiio.plugins.sorted_get(_conf_search) }}"
+    _conf_bindir: "{{ __postgresql_bindir | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _conf_socketdir: "{{ __postgresql_socketdir | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _conf_search: "{{ __postgresql_os_search }}"
     _conf_main: "{{ __postgresql_conf_main | nephelaiio.plugins.sorted_get(_conf_search) }}"

templates/postgresql.conf.j2

@@ -7,4 +7,3 @@ listen_addresses = '*'
 data_directory = '{{ _postgresql_datadir }}'
 unix_socket_directories = '{{ _postgresql_socketdir }}, /tmp'
 hba_file = '{{ _postgresql_conf_hba }}'
-ident_file = '{{ _postgresql_conf_ident }}'