From 0ce576f6e43b776c7114dad6337b9398f4084a37 Mon Sep 17 00:00:00 2001 From: Ted Cook Date: Fri, 29 Mar 2024 19:14:48 -0600 Subject: [PATCH 1/2] Add socket directory config manage flag --- README.md | 43 +++++++++++++++++---------------- defaults/main/params.yml | 1 + molecule/configure/molecule.yml | 3 +++ tasks/vars.yml | 1 + templates/postgresql.conf.j2 | 4 ++- 5 files changed, 30 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index 4a3ec2f..5911e20 100644 --- a/README.md +++ b/README.md @@ -11,27 +11,28 @@ The following is the list of end-user serviceable parameters: Global PostgreSQL configuration -| Parameter | Default | Type | Description | Required | -|:-----------------------------|----------------:|:-------|:-------------------------------------------|:---------| -| postgresql_release | 16 | string | Target PostgreSQL major release | false | -| postgresql_user | postgres | string | OS user for postgres daemon | false | -| postgresql_group | postgres | string | OS group for postgres daemon | false | -| postgresql_package_state | present | string | PostgreSQL package state | false | -| postgresql_service_state | started | string | PostgreSQL service state | false | -| postgresql_service_enabled | true | bool | Start PostgreSQL on boot | false | -| postgresql_roles | [] | list | List of PostgreSQL roles | false | -| postgresql_databases | [] | list | List of PostgreSQL databases | false | -| postgresql_hba_entries | [] | list | List of HBA entries | false | -| postgresql_ident_entries | [] | list | List of ident entries | false | -| postgresql_initdb | true | list | Toggle flag for database initialization | false | -| postgresql_conf_main_file | postgresql.conf | string | Main config file basename | false | -| postgresql_conf_ident_file | pg_ident.conf | string | Ident config file basename | false | -| postgresql_conf_hba_file | pg_hba.conf | string | HBA config file basename | false | -| postgresql_conf_main_manage | true | list | Toggle flag for postgresql.conf management | false | -| postgresql_conf_hba_manage | true | list | Toggle flag for pg_hba.conf management | false | -| postgresql_conf_ident_manage | true | list | Toggle flag for pg_ident.conf management | false | -| postgresql_role_manage | true | list | Toggle flag for role management | false | -| postgresql_datrabase_manage | true | list | Toggle flag for database management | false | +| Parameter | Default | Type | Description | Required | +|:---------------------------------|----------------:|:-------|:-----------------------------------------------|:---------| +| postgresql_release | 16 | string | Target PostgreSQL major release | false | +| postgresql_user | postgres | string | OS user for postgres daemon | false | +| postgresql_group | postgres | string | OS group for postgres daemon | false | +| postgresql_package_state | present | string | PostgreSQL package state | false | +| postgresql_service_state | started | string | PostgreSQL service state | false | +| postgresql_service_enabled | true | bool | Start PostgreSQL on boot | false | +| postgresql_roles | [] | list | List of PostgreSQL roles | false | +| postgresql_databases | [] | list | List of PostgreSQL databases | false | +| postgresql_hba_entries | [] | list | List of HBA entries | false | +| postgresql_ident_entries | [] | list | List of ident entries | false | +| postgresql_initdb | true | list | Toggle flag for database initialization | false | +| postgresql_conf_main_file | postgresql.conf | string | Main config file basename | false | +| postgresql_conf_ident_file | pg_ident.conf | string | Ident config file basename | false | +| postgresql_conf_hba_file | pg_hba.conf | string | HBA config file basename | false | +| postgresql_conf_main_manage | true | list | Toggle flag for postgresql.conf management | false | +| postgresql_conf_hba_manage | true | list | Toggle flag for pg_hba.conf management | false | +| postgresql_conf_ident_manage | true | list | Toggle flag for pg_ident.conf management | false | +| postgresql_conf_socketdir_manage | true | list | Toggle flag for socket directory configuration | false | +| postgresql_role_manage | true | list | Toggle flag for role management | false | +| postgresql_datrabase_manage | true | list | Toggle flag for database management | false | Please refer to the [defaults directory](/defaults/main/) for an up to date list of input parameters. diff --git a/defaults/main/params.yml b/defaults/main/params.yml index be0a190..17c7402 100644 --- a/defaults/main/params.yml +++ b/defaults/main/params.yml @@ -17,6 +17,7 @@ postgresql_default_database: postgres postgresql_locale: en_US.UTF-8 postgresql_conf_main_manage: true postgresql_conf_hba_manage: true +postgresql_conf_socketdir_manage: true postgresql_conf_ident_manage: true postgresql_role_manage: "{{ postgresql_service_state == 'started' }}" postgresql_database_manage: "{{ postgresql_service_state == 'started' }}" diff --git a/molecule/configure/molecule.yml b/molecule/configure/molecule.yml index f0f6e47..79e5bbf 100644 --- a/molecule/configure/molecule.yml +++ b/molecule/configure/molecule.yml @@ -33,6 +33,9 @@ provisioner: vars: postgresql_nolog: false postgresql_conf_max_conns: 600 + postgresql_conf_socketdir_manage: false + postgresql_conf_hba_manage: false + postgresql_conf_ident_manage: false postgresql_conf_ansible: | max_connections = {{ postgresql_conf_max_conns }} verifier: diff --git a/tasks/vars.yml b/tasks/vars.yml index 1503a07..aafa7f1 100644 --- a/tasks/vars.yml +++ b/tasks/vars.yml @@ -23,6 +23,7 @@ _postgresql_conf_main: "{{ _conf_confdir }}/{{ postgresql_conf_main_file | default('postgresql.conf') }}" _postgresql_conf_ident: "{{ _conf_confdir }}/{{ postgresql_conf_ident_file | default('pg_ident.conf') }}" _postgresql_conf_hba: "{{ _conf_confdir }}/{{ postgresql_conf_hba_file | default('pg_hba.conf') }}" + _postgresql_conf_socket: "{{ postgresql_conf_socketdir_manage | bool }}" _postgresql_conf_ansible: "{{ _conf_include }}/{{ __postgresql_conf_ansible }}" _postgresql_conf_pgaudit: "{{ _conf_include }}/{{ __postgresql_conf_pgaudit }}" _postgresql_conf_pgcron: "{{ _conf_include }}/{{ __postgresql_conf_pgcron }}" diff --git a/templates/postgresql.conf.j2 b/templates/postgresql.conf.j2 index 827bcc1..6fb4058 100644 --- a/templates/postgresql.conf.j2 +++ b/templates/postgresql.conf.j2 @@ -5,6 +5,8 @@ include_dir = '{{ _postgresql_conf_include | basename }}' listen_addresses = '*' data_directory = '{{ _postgresql_datadir }}' -unix_socket_directories = '{{ _postgresql_socketdir }}, /tmp' hba_file = '{{ _postgresql_conf_hba }}' ident_file = '{{ _postgresql_conf_ident }}' +{%if _postgresql_conf_socket | bool %} +unix_socket_directories = '{{ _postgresql_socketdir }},/tmp' +{% endif %} From b37724e78de926634823a9b16ed0546da86e37c4 Mon Sep 17 00:00:00 2001 From: Ted Cook Date: Fri, 29 Mar 2024 20:03:17 -0600 Subject: [PATCH 2/2] Enable hba management for configuration scenario --- molecule/configure/molecule.yml | 1 - tasks/lock.yml | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/molecule/configure/molecule.yml b/molecule/configure/molecule.yml index 79e5bbf..d5b51d6 100644 --- a/molecule/configure/molecule.yml +++ b/molecule/configure/molecule.yml @@ -34,7 +34,6 @@ provisioner: postgresql_nolog: false postgresql_conf_max_conns: 600 postgresql_conf_socketdir_manage: false - postgresql_conf_hba_manage: false postgresql_conf_ident_manage: false postgresql_conf_ansible: | max_connections = {{ postgresql_conf_max_conns }} diff --git a/tasks/lock.yml b/tasks/lock.yml index 2828331..37d8fed 100644 --- a/tasks/lock.yml +++ b/tasks/lock.yml @@ -11,7 +11,7 @@ _packages: "{{ ([_postgresql_package_name] | flatten) }}" _package_versions: "{{ _packages | map('regex_search', _version_regex) }}" _package_holds: "{{ _package_versions | select('string') }}" - _package_target: "{{ item.split('=') | first }}" + _package_target: "{{ item.split('=') | first }}" loop: "{{ _package_holds }}" when: - ansible_os_family == "Debian" @@ -27,7 +27,7 @@ _packages: "{{ ([_postgresql_package_name] | flatten) }}" _package_versions: "{{ _packages | map('regex_search', _version_regex) }}" _package_holds: "{{ _package_versions | select('string') }}" - _package_target: "{{ item.split('=') | first }}" + _package_target: "{{ item.split('=') | first }}" loop: "{{ _package_holds }}" when: - ansible_os_family == "RedHat"