From 187120291a40ba1d7054eaee2475ecbc307ae5e1 Mon Sep 17 00:00:00 2001 From: ace Date: Fri, 10 Feb 2023 00:49:13 +0300 Subject: [PATCH] add rhel 9 and debian 11 support --- README.md | 5 +++- defaults/main.yaml | 22 +++++++------- handlers/main.yaml | 7 +++-- tasks/Debian/config.yaml | 40 +++++++++++++++++++++++++ tasks/Debian/install.yaml | 55 ++++++++++++++++++++++++++++++++++ tasks/Debian/main.yaml | 47 ++++++++--------------------- tasks/{ => RedHat}/config.yaml | 6 ++-- tasks/RedHat/main.yaml | 15 +++++++--- tasks/{RedHat => }/cacert.yaml | 41 +++++++++++++++++++++---- tasks/locale.yaml | 42 ++++++++++++++++++++++++++ tasks/main.yaml | 16 ++++++---- tasks/user.yaml | 11 ++----- vars/Debian-11.yaml | 24 +++++++++++++++ vars/Debian.yaml | 10 ------- vars/RedHat-8.yaml | 14 +++++++++ vars/RedHat-9.yaml | 14 +++++++++ vars/RedHat.yaml | 4 --- vars/main.yaml | 4 ++- 18 files changed, 285 insertions(+), 92 deletions(-) create mode 100644 tasks/Debian/config.yaml create mode 100644 tasks/Debian/install.yaml rename tasks/{ => RedHat}/config.yaml (83%) rename tasks/{RedHat => }/cacert.yaml (73%) create mode 100644 tasks/locale.yaml create mode 100644 vars/Debian-11.yaml delete mode 100644 vars/Debian.yaml create mode 100644 vars/RedHat-8.yaml create mode 100644 vars/RedHat-9.yaml delete mode 100644 vars/RedHat.yaml diff --git a/README.md b/README.md index 694683b..ee39290 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,7 @@ -Setup PostgreSQL for RHEL8 +Setup PostgreSQL +Supported OS: + - RHEL 8/9 + - Debian 11 Supported PostgreSQL versions: - 13 - 14 diff --git a/defaults/main.yaml b/defaults/main.yaml index 8a283aa..88cdddb 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -1,19 +1,22 @@ -postgresql_version: "14.6" +postgresql_version: "15.2" # Options +postgresql_superuser_db: "postgres" +postgresql_superuser_name: "postgres" postgresql_superuser_password: "postgres" # SSL options -postgresql_ssl: yes -postgresql_ssl_path: "/var/lib/pgsql/{{ postgresql_major_version }}" -postgresql_self_signed_cert: yes +postgresql_ssl: true +postgresql_group: "postgresql" +postgresql_self_signed_cert: true postgresql_self_signed_cert_name: "cert" ## Backup options -postgresql_wal_g_install: no +postgresql_wal_g_install: false postgresql_password_encryption_algorithm: "scram-sha-256" postgresql_default_parameters: + data_directory: '{{ postgresql_data_dir }}' listen_addresses: '*' max_connections: '1000' superuser_reserved_connections: '5' @@ -37,10 +40,10 @@ postgresql_default_parameters: log_timezone: 'Europe/Moscow' datestyle: 'iso, mdy' timezone: 'Europe/Moscow' - lc_messages: 'en_US.UTF-8' - lc_monetary: 'en_US.UTF-8' - lc_numeric: 'en_US.UTF-8' - lc_time: 'en_US.UTF-8' + lc_messages: '{{ postgresql_system_locale | default("en_US.UTF-8") }}' + lc_monetary: '{{ postgresql_system_locale | default("en_US.UTF-8") }}' + lc_numeric: '{{ postgresql_system_locale | default("en_US.UTF-8") }}' + lc_time: '{{ postgresql_system_locale | default("en_US.UTF-8") }}' default_text_search_config: 'pg_catalog.english' password_encryption: '{{ postgresql_password_encryption_algorithm }}' @@ -55,4 +58,3 @@ postgresql_supported_versions: - 13 - 14 - 15 - diff --git a/handlers/main.yaml b/handlers/main.yaml index 03ec50e..cf448e6 100644 --- a/handlers/main.yaml +++ b/handlers/main.yaml @@ -2,8 +2,9 @@ - name: Restart PostgreSQL throttle: 1 ansible.builtin.systemd: + name: "{{ postgresql_unit_name }}" state: restarted daemon_reload: yes - name: "postgresql-{{ postgresql_major_version }}" - when: "not postgresql_setup.changed or not postgresql_enable_and_start.changed" - + when: + - not postgresql_setup.changed + - not postgresql_enable_and_start.changed diff --git a/tasks/Debian/config.yaml b/tasks/Debian/config.yaml new file mode 100644 index 0000000..bdc0c1a --- /dev/null +++ b/tasks/Debian/config.yaml @@ -0,0 +1,40 @@ +--- +- name: Merge user options for PostgreSQL config + set_fact: + postgresql_combined_parameters: "{{ postgresql_default_parameters | combine(postgresql_custom_parameters|default({}), recursive=true) }}" + +- name: Merge backup options for PostgreSQL config + set_fact: + postgresql_combined_parameters: "{{ postgresql_combined_parameters | combine(postgresql_backup_parameters|default({}), recursive=true) }}" + when: + +- name: Propagate PostgreSQL configs + block: + - name: Template PostgreSQL pg_hba configuration + template: + src: "{{ postgresql_major_version }}-pg_hba.conf.j2" + dest: "{{ postgresql_config_dir }}/{{ postgresql_major_version }}/{{ postgresql_cluster_name }}/pg_hba.conf" + mode: 0600 + owner: postgres + group: postgres + register: pg_hba_config_file + notify: Restart PostgreSQL + - name: Template PostgreSQL configuration + template: + src: "{{ postgresql_major_version }}-postgresql.conf.j2" + dest: "{{ postgresql_config_dir }}/{{ postgresql_major_version }}/{{ postgresql_cluster_name }}/postgresql.conf" + mode: 0600 + owner: postgres + group: postgres + register: postgresql_config_file + notify: Restart PostgreSQL + - name: Template PostgreSQL SSL configuration + template: + src: "{{ postgresql_major_version }}-postgresql.ssl.conf.j2" + dest: "{{ postgresql_config_dir }}/{{ postgresql_major_version }}/{{ postgresql_cluster_name }}/postgresql.ssl.conf" + mode: 0600 + owner: postgres + group: postgres + register: postgresql_ssl_config_file + notify: Restart PostgreSQL + when: postgresql_ssl diff --git a/tasks/Debian/install.yaml b/tasks/Debian/install.yaml new file mode 100644 index 0000000..b510454 --- /dev/null +++ b/tasks/Debian/install.yaml @@ -0,0 +1,55 @@ +- name: Install deps packages + apt: + name: "{{ postgresql_deps_packages }}" + state: present + update_cache: yes + +- name: Add gpg keys for PostgreSQL repo + ansible.builtin.apt_key: + url: "{{ item.url }}" + keyring: "{{ item.keyring }}" + loop: "{{ postgresql_apt_key }}" + +- name: Add PostgreSQL repository + ansible.builtin.apt_repository: + repo: "{{ item.repo }}" + state: present + filename: "{{ item.filename }}" + update_cache: yes + loop: "{{ postgresql_apt_repository }}" + +- name: Gather packages + package_facts: + manager: auto + +- name: Set fact about PostgreSQL package + set_fact: + postgresql_installed_package: "{{ ansible_facts.packages[postgresql_package_name][0]['name'] }}" + when: postgresql_package_name in ansible_facts.packages + +- debug: + msg: "{{ ansible_facts.packages[postgresql_package_name][0]['version'] }}" + when: postgresql_installed_package is defined + +- name: Mask PostgreSQL before install + ansible.builtin.systemd: + name: "{{ postgresql_unit_name }}" + masked: yes + when: postgresql_package_name not in ansible_facts.packages or ansible_facts.packages[postgresql_package_name][0]['version'] != (postgresql_version + "-" + postgresql_version_build) + +- name: "Install {{ postgresql_package_name }}-{{ postgresql_version }}-{{ postgresql_version_build }}" + apt: + name: "{{ postgresql_package }}" + update_cache: yes + register: postgresql_setup + when: postgresql_package_name not in ansible_facts.packages + +- name: "Update {{ postgresql_package_name }}-{{ postgresql_version }}-{{ postgresql_version_build }}" + apt: + name: "{{ postgresql_package }}" + update_cache: yes + register: postgresql_update + notify: Restart PostgreSQL + when: + - postgresql_package_name in ansible_facts.packages + - ansible_facts.packages[postgresql_package_name][0]['version'] != (postgresql_version + "-" + postgresql_version_build) diff --git a/tasks/Debian/main.yaml b/tasks/Debian/main.yaml index 09e55c8..fc25bd0 100644 --- a/tasks/Debian/main.yaml +++ b/tasks/Debian/main.yaml @@ -1,37 +1,14 @@ -- name: Add gpg package - apt: - name: gpg +- name: "Install PostgreSQL" + include_tasks: install.yaml + tags: postgresql_installation -- name: Add gpg keys for postgresql - ansible.builtin.apt_key: - url: "{{ item.url }}" - keyring: "{{ item.keyring }}" - loop: "{{ postgresql_apt_key }}" +- name: "Configure PostgreSQL" + include_tasks: config.yaml + tags: postgresql_configuration -- name: Add Hashicorp repository - apt_repository: - repo: "{{ item.repo }}" - state: present - filename: "{{ item.filename }}" - update_cache: yes - loop: "{{ postgresql_apt_repository }}" - -- name: Check if Patroni is installed - ansible.builtin.shell: dpkg-query -l {{ postgresql_package_name }} 2>&1 | grep {{ postgresql_version }} - ignore_errors: True - register: is_postgresql - changed_when: is_postgresql.rc != 0 - failed_when: False - -- name: Mask Patroni before install - ansible.builtin.systemd: - name: "{{ postgresql_package_name }}" - masked: yes - when: is_postgresql.rc != 0 - -- name: "Install {{ postgresql_package_name }} {{ postgresql_version }}" - apt: - name: "{{ postgresql_package }}" - update_cache: yes - register: postgresql_setup - when: is_postgresql.rc != 0 +- name: "PostgreSQL initdb" + become_user: "{{ postgresql_superuser_name }}" + shell: "/usr/lib/postgresql/{{ postgresql_major_version }}/bin/initdb -D {{ postgresql_data_dir }} --auth-local peer --auth-host {{ postgresql_password_encryption_algorithm }} --no-instructions" + register: initdb + changed_when: "'exists but is not empty' not in initdb.stderr" + failed_when: false diff --git a/tasks/config.yaml b/tasks/RedHat/config.yaml similarity index 83% rename from tasks/config.yaml rename to tasks/RedHat/config.yaml index 4b7ab21..a0ee688 100644 --- a/tasks/config.yaml +++ b/tasks/RedHat/config.yaml @@ -13,7 +13,7 @@ - name: Template PostgreSQL pg_hba configuration template: src: "{{ postgresql_major_version }}-pg_hba.conf.j2" - dest: "/var/lib/pgsql/{{ postgresql_major_version }}/data/pg_hba.conf" + dest: "{{ postgresql_data_dir }}/pg_hba.conf" mode: 0600 owner: postgres group: postgres @@ -22,7 +22,7 @@ - name: Template PostgreSQL configuration template: src: "{{ postgresql_major_version }}-postgresql.conf.j2" - dest: "/var/lib/pgsql/{{ postgresql_major_version }}/data/postgresql.conf" + dest: "{{ postgresql_data_dir }}/postgresql.conf" mode: 0600 owner: postgres group: postgres @@ -31,7 +31,7 @@ - name: Template PostgreSQL SSL configuration template: src: "{{ postgresql_major_version }}-postgresql.ssl.conf.j2" - dest: "/var/lib/pgsql/{{ postgresql_major_version }}/data/postgresql.ssl.conf" + dest: "{{ postgresql_data_dir }}/postgresql.ssl.conf" mode: 0600 owner: postgres group: postgres diff --git a/tasks/RedHat/main.yaml b/tasks/RedHat/main.yaml index 5d8795e..3466302 100644 --- a/tasks/RedHat/main.yaml +++ b/tasks/RedHat/main.yaml @@ -1,7 +1,14 @@ +- name: Install deps packages + dnf: + name: "{{ postgresql_deps_packages }}" + state: present + - name: Disable PostgreSQL module shell: dnf module disable -y postgresql register: disable_postgresql_module changed_when: "'Nothing to do' not in disable_postgresql_module.stdout" + when: + - ansible_facts['distribution_major_version'] == '8' - name: Add PostgreSQL repository dnf: @@ -16,16 +23,16 @@ disable_gpg_check: yes register: postgresql_setup -- name: Manage TLS/SSL certificates - include_tasks: cacert.yaml - when: postgresql_ssl - - name: PostgreSQL Initdb shell: "/usr/pgsql-{{ postgresql_major_version }}/bin/postgresql-{{ postgresql_major_version }}-setup initdb" register: initdb changed_when: "'Data directory is not empty!' not in initdb.stdout" failed_when: false +- name: "Configure PostgreSQL" + include_tasks: config.yaml + tags: postgresql_configuration + - name: Include WAL-G role ansible.builtin.include_role: name: wal-g diff --git a/tasks/RedHat/cacert.yaml b/tasks/cacert.yaml similarity index 73% rename from tasks/RedHat/cacert.yaml rename to tasks/cacert.yaml index 393a2e9..a93a8c7 100644 --- a/tasks/RedHat/cacert.yaml +++ b/tasks/cacert.yaml @@ -1,3 +1,18 @@ +- name: "Add host to {{ postgresql_group }} group" + add_host: + groups: "{{ postgresql_group }}" + hostname: "{{ hostvars[item]['inventory_hostname'] }}" + ansible_host: "{{ hostvars[item]['ansible_host'] | default(omit) }}" + loop: "{{ ansible_play_hosts }}" + when: groups[postgresql_group] is not defined + changed_when: false + +- name: Install python3-cryptography as dependence + dnf: + name: python3-cryptography + state: present + when: ansible_facts['os_family'] == 'RedHat' + - name: Check if ssl dir exist file: name: "{{ postgresql_ssl_path }}" @@ -16,7 +31,7 @@ when: postgresql_cert is defined - name: Generate OpenSSL key and cert for PostgreSQL - when: "inventory_hostname == groups.postgresql|first" + when: "inventory_hostname == groups[postgresql_group]|first" block: - name: Generate an OpenSSL private CA key with the default values (4096 bits, RSA) community.crypto.openssl_privatekey: @@ -61,12 +76,26 @@ when: postgresql_cert is not defined register: postgresql_key_gen + - name: Generate PostgreSQL subject_alt_ips from ansible_host + set_fact: + postgresql_server_subject_alt_ips_from_ansible_host: "{{ groups[postgresql_group] | default([]) | map('extract', hostvars, ['ansible_host']) | map('regex_replace', '^', 'IP:') | list }}" + when: hostvars[inventory_hostname]['ansible_host'] is defined + + - name: Generate PostgreSQL subject_alt_ips from default ipv4 address + set_fact: + postgresql_server_subject_alt_ips: "{{ groups[postgresql_group] | default([]) | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | map('regex_replace', '^', 'IP:') | list }}" + when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] is defined + + - name: Generate PostgreSQL subject_alt_names + set_fact: + postgresql_server_subject_alt_names: "{{ groups[postgresql_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}" + - name: Generate an OpenSSL Certificate Signing Request for client community.crypto.openssl_csr: path: "{{ postgresql_ssl_path }}/{{ postgresql_self_signed_cert_name }}.csr" privatekey_path: "{{ postgresql_ssl_path }}/{{ postgresql_self_signed_cert_name }}.key" common_name: "{{ postgresql_self_signed_cert_name }}" - subject_alt_name: "{{ groups.postgresql | map('regex_replace', '^', 'IP:') | list }}" + subject_alt_name: "{{ postgresql_server_subject_alt_ips | default([]) + postgresql_server_subject_alt_names | default([]) + postgresql_agent_subject_alt_ips | default([]) + postgresql_agent_subject_alt_names | default([]) + postgresql_server_subject_alt_ips_from_ansible_host | default([]) + postgresql_agent_subject_alt_ips_from_ansible_host | default([]) }}" owner: postgres group: postgres register: postgresql_csr @@ -133,13 +162,13 @@ - name: Put PostgreSQL CA OpenSSL cert to PKI copy: content: "{{ postgresql_ca_cert }}" - dest: "/etc/pki/ca-trust/source/anchors/CA-{{ postgresql_self_signed_cert_name }}.crt" - register: ca_trust_anchors + dest: "{{ postgresql_ssl_ca_trust_dir }}/CA-{{ postgresql_self_signed_cert_name }}.crt" + register: ca_trust notify: Restart PostgreSQL - name: Update CA trust - shell: update-ca-trust extract - when: ca_trust_anchors.changed + shell: "{{ postgresql_ssl_update_ca_command }}" + when: ca_trust.changed - name: Put PostgreSQL OpenSSL key copy: diff --git a/tasks/locale.yaml b/tasks/locale.yaml new file mode 100644 index 0000000..43415f9 --- /dev/null +++ b/tasks/locale.yaml @@ -0,0 +1,42 @@ +- name: Install glibc-all-langpacks for RedHat + dnf: + name: glibc-all-langpacks + state: present + when: ansible_facts['os_family'] == 'RedHat' + +- name: Check if locale exists + shell: "locale -a | grep -i {{ postgresql_system_locale | regex_replace('-', '') | quote }}" + register: found_locale + changed_when: false + failed_when: false + +- name: Create locale + command: "localedef -i {{ postgresql_system_locale | regex_replace('(.*)\\..*', '\\1') | quote }} -f {{ postgresql_system_locale | regex_replace('.*\\.(.*)', '\\1') | quote }} {{ postgresql_system_locale | quote }}" + when: not ansible_check_mode and found_locale.rc != 0 + +- name: Check if language exists + shell: "locale -a | grep -i {{ postgresql_system_language | regex_replace('-', '') | quote }}" + register: found_language + changed_when: false + failed_when: false + +- name: Create language + command: "localedef -i {{ postgresql_system_language | regex_replace('(.*)\\..*', '\\1') | quote }} -f {{ postgresql_system_language | regex_replace('.*\\.(.*)', '\\1') | quote }} {{ postgresql_system_language | quote }}" + when: not ansible_check_mode and found_language.rc != 0 + +- name: Get current locale and language configuration + command: localectl status + register: locale_status + changed_when: false + +- name: Parse 'LANG' from current locale and language configuration + set_fact: + locale_lang: "{{ locale_status.stdout | regex_search('LANG=([^\n]+)', '\\1') | first }}" + +- name: Parse 'LANGUAGE' from current locale and language configuration + set_fact: + locale_language: "{{ locale_status.stdout | regex_search('LANGUAGE=([^\n]+)', '\\1') | default([locale_lang], true) | first }}" + +- name: Configure locale to '{{ postgresql_system_locale }}' and language to '{{ postgresql_system_language }}' + command: localectl set-locale LANG={{ postgresql_system_locale }} LANGUAGE={{ postgresql_system_language }} + changed_when: locale_lang != postgresql_system_locale or locale_language != postgresql_system_language diff --git a/tasks/main.yaml b/tasks/main.yaml index a77db19..fb65753 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -6,24 +6,28 @@ vars: params: files: - - "{{ ansible_facts['distribution'] }}.yaml" - - "{{ ansible_facts['os_family'] }}.yaml" + - "{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yaml" + - "{{ ansible_facts['os_family'] }}-{{ ansible_facts['distribution_major_version'] }}.yaml" paths: - "vars" tags: postgresql_vars +- name: "Set locale for PostgreSQL" + include_tasks: locale.yaml + tags: postgresql_locale + - name: "Install PostgreSQL for {{ ansible_facts['os_family'] }}" include_tasks: "{{ ansible_facts['os_family'] }}/main.yaml" tags: postgresql_setup -- name: "Configure PostgreSQL" - include_tasks: config.yaml - tags: postgresql_configuration +- name: "Manage TLS/SSL certificates" + include_tasks: cacert.yaml + when: postgresql_ssl - name: Enable and start PostgreSQL systemd: daemon_reload: true - name: "postgresql-{{ postgresql_major_version }}" + name: "{{ postgresql_unit_name }}" enabled: true state: started masked: no diff --git a/tasks/user.yaml b/tasks/user.yaml index f59c36c..87e9dc6 100644 --- a/tasks/user.yaml +++ b/tasks/user.yaml @@ -1,17 +1,10 @@ -- name: Ensure Python 3.9 and psycopg2 installed - dnf: - name: - - python39 - - python39-psycopg2 - state: present - - name: Set initial PostgreSQL user become: true become_user: postgres vars: ansible_python_interpreter: '/usr/bin/env python3' community.postgresql.postgresql_user: - db: "postgres" - name: "postgres" + db: "{{ postgresql_superuser_db }}" + name: "{{ postgresql_superuser_name }}" password: "{{ postgresql_superuser_password }}" state: present diff --git a/vars/Debian-11.yaml b/vars/Debian-11.yaml new file mode 100644 index 0000000..0f4148d --- /dev/null +++ b/vars/Debian-11.yaml @@ -0,0 +1,24 @@ +postgresql_apt_key: + - name: org.postgresql.gpg + url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc" + keyring: /etc/apt/trusted.gpg.d/org.postgresql.gpg +postgresql_apt_repository: + - repo: deb http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main + filename: postgresql + +postgresql_deps_packages: + - gnupg + - python3-psycopg2 + +postgresql_package_name: "postgresql-{{ postgresql_major_version }}" +postgresql_package: "{{ postgresql_package_name }}={{ postgresql_version }}-{{ postgresql_version_build }}" +postgresql_version_build: "1.pgdg110+1" +postgresql_config_dir: "/etc/postgresql" +postgresql_base_dir: "/var/lib/postgresql" +postgresql_data_dir: "{{ postgresql_base_dir }}/{{ postgresql_major_version }}/{{ postgresql_cluster_name }}" +postgresql_ssl_path: "{{ postgresql_config_dir }}/{{ postgresql_major_version }}/{{ postgresql_cluster_name }}" +postgresql_package_name_regex: "{{ postgresql_package_name }}-{{ postgresql_version }}-{{ postgresql_version_build }}" +postgresql_cluster_name: "main" +postgresql_ssl_update_ca_command: "update-ca-certificates --fresh" +postgresql_ssl_ca_trust_dir: "/usr/local/share/ca-certificates" +postgresql_unit_name: "postgresql@{{ postgresql_major_version}}-{{ postgresql_cluster_name }}" diff --git a/vars/Debian.yaml b/vars/Debian.yaml deleted file mode 100644 index a64927a..0000000 --- a/vars/Debian.yaml +++ /dev/null @@ -1,10 +0,0 @@ -postgresql_apt_key: - - name: org.postgresql.gpg - url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc" - keyring: /etc/apt/trusted.gpg.d/org.postgresql.gpg -postgresql_apt_repository: - - repo: deb http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main - filename: postgresql - -postgresql_package: "{{ postgresql_package_name }}-{{ postgresql_major_version }}={{ postgresql_version }}" -postgresql_home_dir: "/var/lib/postgresql" diff --git a/vars/RedHat-8.yaml b/vars/RedHat-8.yaml new file mode 100644 index 0000000..3956526 --- /dev/null +++ b/vars/RedHat-8.yaml @@ -0,0 +1,14 @@ +postgresql_repo_package: "https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm" + +postgresql_package_name: "postgresql" +postgresql_package: "{{ postgresql_package_name }}{{ postgresql_major_version }}-server-{{ postgresql_version }}" +postgresql_base_dir: "/var/lib/pgsql" +postgresql_data_dir: "{{ postgresql_base_dir }}/{{ postgresql_major_version }}/data" +postgresql_ssl_path: "{{ postgresql_base_dir }}/{{ postgresql_major_version }}" + +postgresql_ssl_update_ca_command: "update-ca-trust extract" +postgresql_ssl_ca_trust_dir: "/etc/pki/ca-trust/source/anchors" +postgresql_unit_name: "postgresql-{{ postgresql_major_version }}" +postgresql_deps_packages: + - python39 + - python39-psycopg2 diff --git a/vars/RedHat-9.yaml b/vars/RedHat-9.yaml new file mode 100644 index 0000000..545e66c --- /dev/null +++ b/vars/RedHat-9.yaml @@ -0,0 +1,14 @@ +postgresql_repo_package: "https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm" + +postgresql_package_name: "postgresql" +postgresql_package: "{{ postgresql_package_name }}{{ postgresql_major_version }}-server-{{ postgresql_version }}" +postgresql_base_dir: "/var/lib/pgsql" +postgresql_data_dir: "{{ postgresql_base_dir }}/{{ postgresql_major_version }}/data" +postgresql_ssl_path: "{{ postgresql_base_dir }}/{{ postgresql_major_version }}" + +postgresql_ssl_update_ca_command: "update-ca-trust extract" +postgresql_ssl_ca_trust_dir: "/etc/pki/ca-trust/source/anchors" +postgresql_unit_name: "postgresql-{{ postgresql_major_version }}" +postgresql_deps_packages: + - python3 + - python3-psycopg2 diff --git a/vars/RedHat.yaml b/vars/RedHat.yaml deleted file mode 100644 index 464ffbf..0000000 --- a/vars/RedHat.yaml +++ /dev/null @@ -1,4 +0,0 @@ -postgresql_repo_package: "https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm" - -postgresql_package: "{{ postgresql_package_name }}{{ postgresql_major_version }}-server-{{ postgresql_version }}" -postgresql_home_dir: "/var/lib/pgsql" diff --git a/vars/main.yaml b/vars/main.yaml index fefb5e4..65beb7e 100644 --- a/vars/main.yaml +++ b/vars/main.yaml @@ -1,3 +1,5 @@ -postgresql_package_name: "postgresql" postgresql_major_version: "{{ postgresql_version | split('.') | first }}" postgresql_minor_version: "{{ postgresql_version | split('.') | last }}" +postgresql_system_locale: "en_US.UTF-8" +postgresql_system_language: "{{ postgresql_system_locale }}" +