patroni/tasks/reset-password-after-restore.yaml

42 lines
1.4 KiB
YAML

---
- name: Reset {{ patroni_superuser_username }} password after restore
block:
- name: Wait for Patroni leader
vars:
_query: 'json.members[].role'
ansible.builtin.uri:
url: "{{ 'https://' if patroni_ssl else 'http://' }}{{ patroni_restapi_listen_address }}:{{ patroni_restapi_listen_port }}/cluster"
method: GET
body_format: json
status_code:
- 200
- 503
register: patroni_role
until: patroni_role | json_query(_query) | regex_findall('leader') | count > 0
retries: 100
delay: 10
- name: Get Patroni nodes roles
ansible.builtin.uri:
url: "{{ 'https://' if patroni_ssl else 'http://' }}{{ patroni_restapi_listen_address }}:{{ patroni_restapi_listen_port }}"
method: GET
body_format: json
status_code:
- 200
- 503
register: patroni_role
- name: Set fact about roles
set_fact:
role: "{{ patroni_role.json.role }}"
- name: Reset {{ patroni_superuser_username }} password after restore
become_user: "{{ patroni_user }}"
community.postgresql.postgresql_query:
db: "{{ patroni_superuser_db }}"
query: ALTER USER {{ patroni_superuser_username }} with password '{{ patroni_superuser_password }}';
when:
- "hostvars[inventory_hostname]['role'] == 'master'"
rescue:
- include_tasks: reset-password-after-restore.yaml