Add configuration management flags (#19)

nephelaiio · Mar 22, 2024 · ea9e9b6 · ea9e9b6
1 parent 714a7f3
commit ea9e9b6
Show file tree

Hide file tree

Showing 4 changed files with 83 additions and 65 deletions.
diff --git a/README.md b/README.md
@@ -11,15 +11,22 @@ The following is the list of end-user serviceable parameters:
 
 Global PostgreSQL configuration
 
-| Parameter                  |                  Default | Type   | Description                        | Required |
-|:---------------------------|-------------------------:|:-------|:-----------------------------------|:---------|
-| postgresql_release         |                       16 | string | Target PostgreSQL major release    | false    |
-| postgresql_package_state   |                  present | string | PostgreSQL package state           | false    |
-| postgresql_service_state   |                  started | string | PostgreSQL service state           | false    |
-| postgresql_service_enabled |                     true | bool   | Start PostgreSQL on boot           | false    |
-| postgresql_roles           |                       [] | list   | List of PostgreSQL roles           | false    |
-| postgresql_databases       |                       [] | list   | List of PostgreSQL databases       | false    |
-| postgresql_hba_entries     |                       [] | list   | List of HBA entries                | false    |
+| Parameter                    |  Default | Type   | Description                                | Required |
+|:-----------------------------|---------:|:-------|:-------------------------------------------|:---------|
+| postgresql_release           |       16 | string | Target PostgreSQL major release            | false    |
+| postgresql_user              | postgres | string | OS user for postgres daemon                | false    |
+| postgresql_group             | postgres | string | OS group for postgres daemon               | false    |
+| postgresql_package_state     |  present | string | PostgreSQL package state                   | false    |
+| postgresql_service_state     |  started | string | PostgreSQL service state                   | false    |
+| postgresql_service_enabled   |     true | bool   | Start PostgreSQL on boot                   | false    |
+| postgresql_roles             |       [] | list   | List of PostgreSQL roles                   | false    |
+| postgresql_databases         |       [] | list   | List of PostgreSQL databases               | false    |
+| postgresql_hba_entries       |       [] | list   | List of HBA entries                        | false    |
+| postgresql_ident_entries     |       [] | list   | List of ident entries                      | false    |
+| postgresql_initdb            |     true | list   | Toggle flag for database initialization    | false    |
+| postgresql_conf_main_manage  |     true | list   | Toggle flag for postgresql.conf management | false    |
+| postgresql_conf_hba_manage   |     true | list   | Toggle flag for pg_hba.conf management     | false    |
+| postgresql_conf_ident_manage |     true | list   | Toggle flag for pg_ident.conf management   | false    |
 
 Please refer to the [defaults directory](/defaults/main/) for an up to date list of input parameters.
 

diff --git a/defaults/main/params.yml b/defaults/main/params.yml
@@ -15,6 +15,9 @@ postgresql_profile: '/etc/profile.d/postgresql.sh'
 postgresql_auth_method: md5  # [ scram-sha-256 | md5 ]
 postgresql_default_database: postgres
 postgresql_locale: en_US.UTF-8
+postgresql_conf_main_manage: true
+postgresql_conf_hba_manage: true
+postgresql_conf_ident_manage: true
 postgresql_ident_entries: []
 postgresql_hba_entries:
   - type: "host"

diff --git a/tasks/configure.yml b/tasks/configure.yml
@@ -74,63 +74,66 @@
         - pg_hba.conf
         - postgresql.conf
 
-- name: Create PostgreSQL include directory
-  ansible.builtin.file:
-    path: "{{ _postgresql_conf_include }}"
-    state: directory
-    owner: "{{ _postgresql_user }}"
-    group: "{{ _postgresql_group }}"
-    mode: 0755
-
-- name: Manage PostgreSQL ansible include config
-  ansible.builtin.copy:
-    dest: "{{ _postgresql_conf_ansible }}"
-    content: "{{ postgresql_conf_ansible }}"
-    owner: "{{ _postgresql_user }}"
-    group: "{{ _postgresql_group }}"
-    mode: 0644
-  when: postgresql_conf_ansible is defined
-  notify: postgresql_reload
-
-- name: Destroy PostgreSQL ansible include config
-  ansible.builtin.file:
-    path: "{{ _postgresql_conf_ansible }}"
-    state: absent
-  when: postgresql_conf_ansible is not defined
-  notify: postgresql_reload
-
-- name: Create PostgreSQL local config
-  ansible.builtin.file:
-    path: "{{ _postgresql_conf_local }}"
-    state: touch
-    modification_time: preserve
-    owner: "{{ _postgresql_user }}"
-    group: "{{ _postgresql_group }}"
-    mode: 0644
-  changed_when: false
-
-- name: List PostgreSQL alien config files
-  ansible.builtin.find:
-    path: "{{ _postgresql_conf_include }}"
-    exclude: "{{ _postgresql_conf_exclude }}"
-    recurse: false
-  register: _query_includes
+- name: Manage PostgreSQL configuration
+  when: _postgresql_conf_main_manage | bool
+  block:
+    - name: Create PostgreSQL include directory
+      ansible.builtin.file:
+        path: "{{ _postgresql_conf_include }}"
+        state: directory
+        owner: "{{ _postgresql_user }}"
+        group: "{{ _postgresql_group }}"
+        mode: 0755
+
+    - name: Manage PostgreSQL ansible include config
+      ansible.builtin.copy:
+        dest: "{{ _postgresql_conf_ansible }}"
+        content: "{{ postgresql_conf_ansible }}"
+        owner: "{{ _postgresql_user }}"
+        group: "{{ _postgresql_group }}"
+        mode: 0644
+      when: postgresql_conf_ansible is defined
+      notify: postgresql_reload
+
+    - name: Destroy PostgreSQL ansible include config
+      ansible.builtin.file:
+        path: "{{ _postgresql_conf_ansible }}"
+        state: absent
+      when: postgresql_conf_ansible is not defined
+      notify: postgresql_reload
 
-- name: Drop PostgreSQL alien config files
-  ansible.builtin.file:
-    path: "{{ item }}"
-  loop: "{{ _query_includes.files | map(attribute='path') }}"
+    - name: Create PostgreSQL local config
+      ansible.builtin.file:
+        path: "{{ _postgresql_conf_local }}"
+        state: touch
+        modification_time: preserve
+        owner: "{{ _postgresql_user }}"
+        group: "{{ _postgresql_group }}"
+        mode: 0644
+      changed_when: false
 
-- name: Manage PostgreSQL main config
-  ansible.builtin.template:
-    src: postgresql.conf.j2
-    dest: "{{ _postgresql_conf_main }}"
-    owner: "{{ _postgresql_user }}"
-    group: "{{ _postgresql_group }}"
-    mode: 0644
-  notify: postgresql_restart
+    - name: List PostgreSQL alien config files
+      ansible.builtin.find:
+        path: "{{ _postgresql_conf_include }}"
+        exclude: "{{ _postgresql_conf_exclude }}"
+        recurse: false
+      register: _query_includes
 
-- name: Manage PostgreSQL hba config
+    - name: Drop PostgreSQL alien config files
+      ansible.builtin.file:
+        path: "{{ item }}"
+      loop: "{{ _query_includes.files | map(attribute='path') }}"
+
+    - name: Manage PostgreSQL main config
+      ansible.builtin.template:
+        src: postgresql.conf.j2
+        dest: "{{ _postgresql_conf_main }}"
+        owner: "{{ _postgresql_user }}"
+        group: "{{ _postgresql_group }}"
+        mode: 0644
+      notify: postgresql_restart
+
+- name: Manage PostgreSQL hba entries
   ansible.builtin.template:
     src: pg_hba.conf.j2
     dest: "{{ _postgresql_conf_hba }}"
@@ -139,9 +142,10 @@
     mode: 0644
   vars:
     _entries: "{{ postgresql_hba_entries }}"
-  notify: postgresql_restart
+  when: _postgresql_conf_hba_manage | bool
+  notify: postgresql_reload
 
-- name: Manage PostgreSQL ident config
+- name: Manage PostgreSQL ident entries
   ansible.builtin.template:
     src: pg_ident.conf.j2
     dest: "{{ _postgresql_conf_ident }}"
@@ -150,6 +154,7 @@
     mode: 0644
   vars:
     _entries: "{{ postgresql_ident_entries }}"
+  when: _postgresql_conf_ident_manage | bool
   notify: postgresql_reload
 
 - name: Manage PostgreSQL profile configuration

diff --git a/tasks/vars.yml b/tasks/vars.yml
@@ -16,6 +16,9 @@
     _postgresql_auth_method: "{{ _auth_method }}"
     _postgresql_pgoptions: "{{ (_auth_method == _auth_scram_sha256) | ternary(_auth_scram_option, '') }}"
     _postgresql_conf_include: "{{ _conf_include }}"
+    _postgresql_conf_main_manage: "{{ postgresql_conf_main_manage | default(True) }}"
+    _postgresql_conf_hba_manage: "{{ postgresql_conf_hba_manage | default(True) }}"
+    _postgresql_conf_ident_manage: "{{ postgresql_conf_ident_manage | default(True) }}"
     _postgresql_conf_main: "{{ _conf_confdir }}/postgresql.conf"
     _postgresql_conf_ident: "{{ _conf_confdir }}/pg_ident.conf"
     _postgresql_conf_hba: "{{ _conf_confdir }}/pg_hba.conf"