diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d8899c6..576cdaa 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,7 +5,7 @@ # See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy # See: https://github.com/ansible/galaxy/issues/46 -name: elease +name: release on: push: tags: diff --git a/defaults/main.yml b/defaults/main.yml deleted file mode 100644 index cb5a3d9..0000000 --- a/defaults/main.yml +++ /dev/null @@ -1,40 +0,0 @@ ---- -postgresql_release: 16 -postgresql_package_state: present -postgresql_service_state: started -postgresql_service_enabled: true -postgresql_db_init: true -postgresql_db_path: /var/lib/postgresql -postgresql_user: postgres -postgresql_group: postgres -postgresql_datadir: "/var/lib/postgresql/data" -postgresql_roles: [] -postgresql_databases: [] -postgresql_auth_method: md5 # [ scram-sha-256 | md5 ] -postgresql_default_database: postgres -postgresql_locale: en_US.UTF-8 - -__postgresql_package_name: - debian: - - "postgresql-{{ postgresql_release }}" - - "postgresql-client-{{ postgresql_release }}" - redhat: - - "postgresql{{ postgresql_release }}-server" - - "postgresql{{ postgresql_release }}" - - "glibc-langpack-{{ postgresql_locale | regex_replace('_.*', '') }}" -__postgresql_service_name: - debian: "postgresql@{{ postgresql_release }}-main" - redhat: "postgresql-{{ postgresql_release }}" -__postgresql_bindir: - redhat: "/usr/pgsql-{{ postgresql_release }}/bin" - debian: "/usr/lib/postgresql/{{ postgresql_release }}/bin" -__postgresql_configfile: - redhat: "{{ postgresql_datadir }}/postgresql.conf" - debian: "/etc/postgresql/{{ postgresql_release }}/main/postgresql.conf" - -__postgresql_os_search: - - "{{ ansible_distribution | lower }}-{{ ansible_distribution_release | lower }}" - - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version }}" - - "{{ ansible_distribution | lower }}" - - "{{ ansible_os_family | lower }}" - - "default" diff --git a/defaults/main/conf.yml b/defaults/main/conf.yml new file mode 100644 index 0000000..28b4d06 --- /dev/null +++ b/defaults/main/conf.yml @@ -0,0 +1,17 @@ +--- +__postgresql_conf_main: + redhat: "{{ postgresql_datadir }}/postgresql.conf" + debian: "/etc/postgresql/{{ postgresql_release }}/main/postgresql.conf" +__postgresql_conf_pgaudit: 10-pgaudit.conf +__postgresql_conf_pgcron: 20-pgcron.conf +__postgresql_conf_pgstat_statements: 30-pgstat_statements.conf +__postgresql_conf_local: 70-local.conf +__postgresql_conf_standby: 80-standby.conf +__postgresql_conf_ansible: 90-ansible.conf +__postgresql_conf_exclude: + - "{{ __postgresql_conf_pgaudit }}" + - "{{ __postgresql_conf_pgcron }}" + - "{{ __postgresql_conf_pgstat_statements }}" + - "{{ __postgresql_conf_local }}" + - "{{ __postgresql_conf_ansible }}" + - "{{ __postgresql_conf_standby }}" diff --git a/defaults/main/package.yml b/defaults/main/package.yml new file mode 100644 index 0000000..e14031e --- /dev/null +++ b/defaults/main/package.yml @@ -0,0 +1,24 @@ +--- +__postgresql_os_search: + - "{{ ansible_distribution | lower }}-{{ ansible_distribution_release | lower }}" + - "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version }}" + - "{{ ansible_distribution | lower }}" + - "{{ ansible_os_family | lower }}" + - "default" +__postgresql_package_name: + debian: + - "postgresql-{{ postgresql_release }}" + - "postgresql-client-{{ postgresql_release }}" + - "postgresql-{{ postgresql_release }}-pgaudit" + - "postgresql-{{ postgresql_release }}-cron" + redhat: + - "postgresql{{ postgresql_release }}-server" + - "postgresql{{ postgresql_release }}-contrib" + - "postgresql{{ postgresql_release }}" + - "pgaudit_{{ postgresql_release }}" + - "pg_cron_{{ postgresql_release }}" + - "glibc-langpack-{{ postgresql_locale | regex_replace('_.*', '') }}" + +__postgresql_bindir: + redhat: "/usr/pgsql-{{ postgresql_release }}/bin" + debian: "/usr/lib/postgresql/{{ postgresql_release }}/bin" diff --git a/defaults/main/params.yml b/defaults/main/params.yml new file mode 100644 index 0000000..cddbb5e --- /dev/null +++ b/defaults/main/params.yml @@ -0,0 +1,32 @@ +--- +postgresql_release: 16 +postgresql_package_state: present +postgresql_service_state: started +postgresql_service_enabled: true +postgresql_user: postgres +postgresql_group: postgres +postgresql_datadir: "/var/lib/postgresql/data" +postgresql_roles: [] +postgresql_databases: [] +postgresql_auth_method: md5 # [ scram-sha-256 | md5 ] +postgresql_default_database: postgres +postgresql_locale: en_US.UTF-8 +postgresql_hba_entries: + - type: local + databases: all + users: postgres + method: peer + - type: local + databases: all + users: all + method: peer + - type: host + databases: all + users: all + address: '127.0.0.1/32' + method: "{{ postgresql_auth_method }}" + - type: host + databases: all + users: all + address: '::1/128' + method: "{{ postgresql_auth_method }}" diff --git a/defaults/main/pgaudit.yml b/defaults/main/pgaudit.yml new file mode 100644 index 0000000..e57c127 --- /dev/null +++ b/defaults/main/pgaudit.yml @@ -0,0 +1,22 @@ +--- +postgresql_conf_pgaudit_log: 'ALL' +postgresql_conf_pgaudit_log_catalog: 'off' +postgresql_conf_pgaudit_log_client: 'off' +postgresql_conf_pgaudit_log_level: 'log' +postgresql_conf_pgaudit_log_parameter: 'off' +postgresql_conf_pgaudit_log_parameter_max_size: 0 +postgresql_conf_pgaudit_log_relation: 'off' +postgresql_conf_pgaudit_log_rows: 'off' +postgresql_conf_pgaudit_log_statement: 'on' +postgresql_conf_pgaudit_log_statement_once: 'off' +postgresql_conf_pgaudit: | + pgaudit.log = '{{ postgresql_conf_pgaudit_log }}' + pgaudit.log_catalog = '{{ postgresql_conf_pgaudit_log_catalog }}' + pgaudit.log_clent = '{{ postgresql_conf_pgaudit_log_client }}' + pgaudit.log_level = '{{ postgresql_conf_pgaudit_log_level }}' + pgaudit.log_parameter = '{{ postgresql_conf_pgaudit_log_parameter }}' + pgaudit.log_parameter_max_size = {{ postgresql_conf_pgaudit_log_parameter_max_size }} + pgaudit.log_relation = '{{ postgresql_conf_pgaudit_log_relation }}' + pgaudit.log_rows = '{{ postgresql_conf_pgaudit_log_rows }}' + pgaudit.log_statement = '{{ postgresql_conf_pgaudit_log_statement }}' + pgaudit.log_statement_once = '{{ postgresql_conf_pgaudit_log_statement_once }}' diff --git a/defaults/main/pgcron.yml b/defaults/main/pgcron.yml new file mode 100644 index 0000000..b88dacc --- /dev/null +++ b/defaults/main/pgcron.yml @@ -0,0 +1,7 @@ +--- +postgresql_conf_pgcron_database_name: 'postgres' +postgresql_conf_pgcron_timezone: 'GMT' + +postgresql_conf_pgcron: | + cron.database_name = '{{ postgresql_conf_pgcron_database_name }}' + cron.timezone = '{{ postgresql_conf_pgcron_timezone }}' diff --git a/defaults/main/pgstat_statements.yml b/defaults/main/pgstat_statements.yml new file mode 100644 index 0000000..aa6da15 --- /dev/null +++ b/defaults/main/pgstat_statements.yml @@ -0,0 +1,9 @@ +--- +postgresql_conf_compute_query_id: 'on' +postgresql_conf_pgstat_statements_max: 1000 +postgresql_conf_pgstat_statements_track: 'all' + +postgresql_conf_pgstat_statements: | + compute_query_id = '{{ postgresql_conf_compute_query_id }}' + pg_stat_statements.max = {{ postgresql_conf_pgstat_statements_max }} + pg_stat_statements.track = '{{ postgresql_conf_pgstat_statements_track }}' diff --git a/defaults/main/service.yml b/defaults/main/service.yml new file mode 100644 index 0000000..0cf1ca1 --- /dev/null +++ b/defaults/main/service.yml @@ -0,0 +1,4 @@ +--- +__postgresql_service_name: + debian: "postgresql@{{ postgresql_release }}-main" + redhat: "postgresql-{{ postgresql_release }}" diff --git a/handlers/main.yml b/handlers/main.yml index 923b977..56f8f2c 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: Restart PostgreSQL +- name: Reload PostgreSQL ansible.builtin.service: name: "{{ _postgresql_service_name }}" state: "reloaded" diff --git a/molecule/common/verify.yml b/molecule/common/verify.yml index 2cb9f0a..33c2e09 100644 --- a/molecule/common/verify.yml +++ b/molecule/common/verify.yml @@ -77,6 +77,8 @@ filter: - "databases" - "roles" + become: true + become_user: postgres register: postgresql_info - name: Verify requested databases @@ -111,3 +113,34 @@ loop_control: label: "{{ item.name }}" loop: "{{ postgresql_roles | default([]) | selectattr('groups', 'defined') }}" + + - name: Query registered extensions + community.postgresql.postgresql_query: + query: "SELECT extname FROM pg_extension" + db: postgres + become: true + become_user: postgres + register: _extension_query + + - name: Set extension facts + ansible.builtin.set_fact: + _registered_extensions: "{{ _registered }}" + _missing_extensions: "{{ _missing }}" + vars: + _registered: "{{ _extension_query.query_result | map(attribute='extname') }}" + _expected: + - pgaudit + - pg_cron + - pg_stat_statements + _missing: "{{ _expected | difference(_registered) }}" + + - name: Verify registered extensions + block: + - name: Check registrations + ansible.builtin.assert: + that: _missing_extensions | length == 0 + + rescue: + - name: Debug failed extensions + ansible.builtin.fail: + msg: "Unable to find extensions [{{ ', '.join(_missing_extensions) }}]" diff --git a/molecule/databases/molecule.yml b/molecule/databases/molecule.yml index 3b6208b..2304e7e 100644 --- a/molecule/databases/molecule.yml +++ b/molecule/databases/molecule.yml @@ -24,6 +24,7 @@ provisioner: prepare: ../common/prepare.yml converge: ../common/converge.yml verify: ../common/verify.yml + side_effect: ../common/converge.yml config_options: defaults: callbacks_enabled: ansible.posix.profile_tasks diff --git a/molecule/install/molecule.yml b/molecule/install/molecule.yml index 044e949..6d9d771 100644 --- a/molecule/install/molecule.yml +++ b/molecule/install/molecule.yml @@ -24,6 +24,7 @@ provisioner: prepare: ../common/prepare.yml converge: ../common/converge.yml verify: ../common/verify.yml + side_effect: ../common/converge.yml verifier: name: ansible scenario: diff --git a/tasks/configure.yml b/tasks/configure.yml index d9e647f..f2149c2 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -31,7 +31,7 @@ ansible.builtin.command: cmd: localectl set-locale LANG={{ postgresql_locale }} when: postgresql_locale != _locale_config - changed_when: postgresql_locale != _locale_config + changed_when: false - name: Create PostgreSQL data directory ansible.builtin.file: @@ -50,35 +50,86 @@ - name: Create PostgreSQL include directory ansible.builtin.file: - path: "{{ _postgresql_includedir }}" + path: "{{ _postgresql_conf_include }}" state: directory owner: "{{ postgresql_user }}" group: "{{ postgresql_group }}" mode: 0755 -- name: Manage PostgreSQL include config +- name: Manage PostgreSQL ansible include config ansible.builtin.copy: - dest: "{{ _postgresql_includefile }}" - content: "{{ postgresql_conf }}" + dest: "{{ _postgresql_conf_ansible }}" + content: "{{ postgresql_conf_ansible }}" owner: "{{ postgresql_user }}" group: "{{ postgresql_group }}" mode: 0644 - when: postgresql_conf is defined + when: postgresql_conf_ansible is defined + notify: postgresql_reload -- name: Destroy PostgreSQL include config +- name: Destroy PostgreSQL ansible include config ansible.builtin.file: - path: "{{ _postgresql_includefile }}" + path: "{{ _postgresql_conf_ansible }}" state: absent - when: postgresql_conf is not defined + when: postgresql_conf_ansible is not defined + notify: postgresql_reload + +- name: Create PostgreSQL local config + ansible.builtin.file: + path: "{{ _postgresql_conf_local }}" + state: touch + modification_time: preserve + owner: "{{ postgresql_user }}" + group: "{{ postgresql_group }}" + mode: 0644 + changed_when: false + +- name: Create PostgreSQL standby config + ansible.builtin.file: + path: "{{ _postgresql_conf_standby }}" + state: touch + modification_time: preserve + owner: "{{ postgresql_user }}" + group: "{{ postgresql_group }}" + mode: 0644 + changed_when: false + +- name: Manage PostgreSQL hba config + community.postgresql.postgresql_pg_hba: + dest: "{{ _postgresql_conf_hba }}" + contype: "{{ item.type }}" + databases: "{{ item.databases }}" + users: "{{ item.users }}" + source: "{{ item.address | default(omit) }}" + method: "{{ item.method }}" + create: "{{ postgresql_hba_manage | default(true) }}" + owner: "{{ postgresql_user }}" + group: "{{ postgresql_group }}" + loop: "{{ postgresql_hba_entries }}" + loop_control: + label: "{{ item.type }} {{ item.databases }} {{ item.users }} {{ item.method }}" + notify: postgresql_reload - name: Manage PostgreSQL main config ansible.builtin.template: src: postgres.conf.j2 - dest: "{{ _postgresql_configfile }}" + dest: "{{ _postgresql_conf_main }}" owner: "{{ postgresql_user }}" group: "{{ postgresql_group }}" + backup: true mode: 0644 - notify: postgresql_reload + notify: postgresql_restart + +- name: List PostgreSQL alien config files + ansible.builtin.find: + path: "{{ _postgresql_conf_include }}" + exclude: "{{ _postgresql_conf_exclude }}" + recurse: false + register: _query_includes + +- name: Drop PostgreSQL alien config files + ansible.builtin.file: + path: "{{ item }}" + loop: "{{ _query_includes.files | map(attribute='path') }}" - name: Manage PostgreSQL service configuration when: ansible_os_family == 'RedHat' @@ -105,6 +156,3 @@ group: root mode: 0644 notify: daemon_reload - - - name: Flush handlers - ansible.builtin.meta: flush_handlers diff --git a/tasks/databases.yml b/tasks/databases.yml index 2c31757..96e0e29 100644 --- a/tasks/databases.yml +++ b/tasks/databases.yml @@ -9,7 +9,6 @@ lc_ctype: "{{ item.lc_ctype | default('en_US.UTF-8') }}" encoding: "{{ item.encoding | default('UTF-8') }}" template: "{{ item.template | default('template0') }}" - login_host: "{{ item.login_host | default('localhost') }}" port: "{{ item.port | default(omit) }}" owner: "{{ item.owner | default(postgresql_user) }}" state: "{{ item.state | default('present') }}" @@ -28,7 +27,6 @@ schema: "{{ _role.schema | default(omit) }}" type: "{{ _role.type | default(omit) }}" grant_option: "{{ _role.grant_option | default(omit) }}" - login_host: "{{ _database.login_host | default('localhost') }}" session_role: "{{ _database.session_role | default(omit) }}" ssl_mode: "{{ _database.ssl_mode | default(omit) }}" state: "{{ _role.state | default('present') }}" diff --git a/tasks/extensions.yml b/tasks/extensions.yml new file mode 100644 index 0000000..2dd869a --- /dev/null +++ b/tasks/extensions.yml @@ -0,0 +1,9 @@ +--- +- name: Manage pgaudit extension + ansible.builtin.include_tasks: pgaudit.yml + +- name: Manage pgcron extension + ansible.builtin.include_tasks: pgcron.yml + +- name: Manage pgstat_statements extension + ansible.builtin.include_tasks: pgstat_statements.yml diff --git a/tasks/main.yml b/tasks/main.yml index 569ddf4..7071555 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -11,8 +11,14 @@ - name: Manage PostgreSQL services ansible.builtin.include_tasks: service.yml +- name: Flush handlers + ansible.builtin.meta: flush_handlers + - name: Manage PostgreSQL roles ansible.builtin.include_tasks: roles.yml - name: Manage PostgreSQL databases ansible.builtin.include_tasks: databases.yml + +- name: Manage PostgreSQL extensions + ansible.builtin.include_tasks: extensions.yml diff --git a/tasks/pgaudit.yml b/tasks/pgaudit.yml new file mode 100644 index 0000000..f42c714 --- /dev/null +++ b/tasks/pgaudit.yml @@ -0,0 +1,37 @@ +--- +- name: Manage PostgreSQL pgaudit include config + ansible.builtin.copy: + dest: "{{ _postgresql_conf_pgaudit }}" + content: "{{ postgresql_conf_pgaudit }}" + owner: "{{ postgresql_user }}" + group: "{{ postgresql_group }}" + mode: 0644 + when: postgresql_conf_pgaudit is defined + notify: postgresql_reload + +- name: Destroy PostgreSQL pgaudit include config + ansible.builtin.file: + path: "{{ _postgresql_conf_pgaudit }}" + state: absent + when: postgresql_conf_pgaudit is not defined + notify: postgresql_reload + +- name: Query pgaudit extension + community.postgresql.postgresql_query: + query: "SELECT * FROM pg_extension WHERE extname = 'pgaudit'" + db: postgres + become: true + become_user: "{{ postgresql_user }}" + register: _extension_query + changed_when: false + +- name: Query pgaudit extension + community.postgresql.postgresql_query: + query: "CREATE EXTENSION pgaudit" + db: postgres + become: true + become_user: "{{ postgresql_user }}" + when: _extension_query.rowcount == 0 + +- name: Flush handlers + ansible.builtin.meta: flush_handlers diff --git a/tasks/pgcron.yml b/tasks/pgcron.yml new file mode 100644 index 0000000..86e77d3 --- /dev/null +++ b/tasks/pgcron.yml @@ -0,0 +1,34 @@ +--- +- name: Manage PostgreSQL pgcron include config + ansible.builtin.copy: + dest: "{{ _postgresql_conf_pgcron }}" + content: "{{ postgresql_conf_pgcron }}" + owner: "{{ postgresql_user }}" + group: "{{ postgresql_group }}" + mode: 0644 + when: postgresql_conf_pgcron is defined + notify: postgresql_reload + +- name: Destroy PostgreSQL pgcron include config + ansible.builtin.file: + path: "{{ _postgresql_conf_pgcron }}" + state: absent + when: postgresql_conf_pgcron is not defined + notify: postgresql_reload + +- name: Query pgcron extension + community.postgresql.postgresql_query: + query: "SELECT * FROM pg_extension WHERE extname = 'pg_cron'" + db: postgres + become: true + become_user: "{{ postgresql_user }}" + register: _extension_query + changed_when: false + +- name: Deploy pgcron extension + community.postgresql.postgresql_query: + query: "CREATE EXTENSION pg_cron" + db: postgres + become: true + become_user: "{{ postgresql_user }}" + when: _extension_query.rowcount == 0 diff --git a/tasks/pgstat_statements.yml b/tasks/pgstat_statements.yml new file mode 100644 index 0000000..de14abb --- /dev/null +++ b/tasks/pgstat_statements.yml @@ -0,0 +1,37 @@ +--- +- name: Manage PostgreSQL pgstat_statements include config + ansible.builtin.copy: + dest: "{{ _postgresql_conf_pgstat_statements }}" + content: "{{ postgresql_conf_pgstat_statements }}" + owner: "{{ postgresql_user }}" + group: "{{ postgresql_group }}" + mode: 0644 + when: postgresql_conf_pgstat_statements is defined + notify: postgresql_reload + +- name: Destroy PostgreSQL pgstat_statements include config + ansible.builtin.file: + path: "{{ _postgresql_conf_pgstat_statements }}" + state: absent + when: postgresql_conf_pgstat_statements is not defined + notify: postgresql_reload + +- name: Query pgstat_statements extension + community.postgresql.postgresql_query: + query: "SELECT * FROM pg_extension WHERE extname = 'pg_stat_statements'" + db: postgres + become: true + become_user: "{{ postgresql_user }}" + register: _extension_query + changed_when: false + +- name: Deploy pgstat_statements extension + community.postgresql.postgresql_query: + query: "CREATE EXTENSION pg_stat_statements" + db: postgres + become: true + become_user: "{{ postgresql_user }}" + when: _extension_query.rowcount == 0 + +- name: Flush handlers + ansible.builtin.meta: flush_handlers diff --git a/tasks/roles.yml b/tasks/roles.yml index 780defe..840a5c5 100644 --- a/tasks/roles.yml +++ b/tasks/roles.yml @@ -3,7 +3,6 @@ community.postgresql.postgresql_user: name: "{{ item.name }}" password: "{{ item.password | default(omit) }}" - login_host: "{{ item.login_host | default('localhost') }}" no_password_changes: "{{ item.no_password_changes | default(omit) }}" expires: "{{ item.expires | default(omit) }}" role_attr_flags: "{{ item.role_attr_flags | default(omit) }}" @@ -19,7 +18,6 @@ - name: Manage PostgreSQL role group memberships community.postgresql.postgresql_membership: db: "{{ _role.database | default(postgresql_default_database) }}" - login_host: "{{ _role.login_host | default('localhost') }}" state: "{{ _group_state | default('present') }}" group: "{{ _group_name }}" target_role: "{{ _role.name }}" diff --git a/tasks/vars.yml b/tasks/vars.yml index 92261ab..4cbf64b 100644 --- a/tasks/vars.yml +++ b/tasks/vars.yml @@ -3,20 +3,26 @@ ansible.builtin.set_fact: _postgresql_package_name: "{{ postgresql_package_name | default(_default_package) }}" _postgresql_service_name: "{{ postgresql_service_name | default(_default_service) }}" - _postgresql_configfile: "{{ _default_configfile }}" - _postgresql_includedir: "{{ _includedir }}" - _postgresql_includefile: "{{ _includedir }}/zz_ansible.conf" - _postgresql_bindir: "{{ __postgresql_bindir | nephelaiio.plugins.sorted_get(_default_search) }}" + _postgresql_bindir: "{{ __postgresql_bindir | nephelaiio.plugins.sorted_get(_conf_search) }}" _postgresql_datadir: "{{ postgresql_datadir }}" - _postgresql_hba: "{{ postgresql_datadir }}/pg_hba.conf" - _postgresql_ident: "{{ postgresql_datadir }}/pg_ident.conf" _postgresql_pgoptions: "{{ (_auth_method == _auth_scram_sha256) | ternary(_auth_scram_option, '') }}" + _postgresql_conf_include: "{{ _conf_include }}" + _postgresql_conf_main: "{{ _conf_main }}" + _postgresql_conf_hba: "{{ postgresql_datadir }}/pg_hba.conf" + _postgresql_conf_ident: "{{ postgresql_datadir }}/pg_ident.conf" + _postgresql_conf_ansible: "{{ _conf_include }}/{{ __postgresql_conf_ansible }}" + _postgresql_conf_pgaudit: "{{ _conf_include }}/{{ __postgresql_conf_pgaudit }}" + _postgresql_conf_pgcron: "{{ _conf_include }}/{{ __postgresql_conf_pgcron }}" + _postgresql_conf_pgstat_statements: "{{ _conf_include }}/{{ __postgresql_conf_pgstat_statements }}" + _postgresql_conf_standby: "{{ _conf_include }}/{{ __postgresql_conf_standby }}" + _postgresql_conf_local: "{{ _conf_include }}/{{ __postgresql_conf_local }}" + _postgresql_conf_exclude: "{{ __postgresql_conf_exclude }}" vars: - _default_search: "{{ __postgresql_os_search }}" - _default_package: "{{ __postgresql_package_name | nephelaiio.plugins.sorted_get(_default_search) }}" - _default_service: "{{ __postgresql_service_name | nephelaiio.plugins.sorted_get(_default_search) }}" - _default_configfile: "{{ __postgresql_configfile | nephelaiio.plugins.sorted_get(_default_search) }}" - _includedir: "{{ postgresql_datadir }}/conf.d" + _default_package: "{{ __postgresql_package_name | nephelaiio.plugins.sorted_get(_conf_search) }}" + _default_service: "{{ __postgresql_service_name | nephelaiio.plugins.sorted_get(_conf_search) }}" + _conf_search: "{{ __postgresql_os_search }}" + _conf_include: "{{ postgresql_datadir }}/conf.d" + _conf_main: "{{ __postgresql_conf_main | nephelaiio.plugins.sorted_get(_conf_search) }}" _auth_scram_sha256: "scram-sha-256" _auth_scram_option: '-c password_encryption={{ _auth_scram_sha256 }}' _auth_method: "{{ postgresql_auth_method }}" diff --git a/templates/postgres.conf.j2 b/templates/postgres.conf.j2 index bde72dd..58d5e0f 100644 --- a/templates/postgres.conf.j2 +++ b/templates/postgres.conf.j2 @@ -1,5 +1,7 @@ -include_dir = '{{ _postgresql_includedir | basename }}' +include_dir = '{{ _postgresql_conf_include | basename }}' data_directory = '{{ _postgresql_datadir }}' -hba_file = '{{ _postgresql_hba }}' -ident_file = '{{ _postgresql_ident }}' +hba_file = '{{ _postgresql_conf_hba }}' +ident_file = '{{ _postgresql_conf_ident }}' + +shared_preload_libraries = 'pgaudit,pg_cron,pg_stat_statements'