Last active
August 9, 2018 11:43
-
-
Save tumainimosha/c94f716dac856186475d5156b1efb8e9 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # Example Ansible playbook that uses the PostgreSQL module. | |
| # | |
| # This installs PostgreSQL on an Ubuntu system, creates a database called | |
| # "app" and a user called "app" with password "secret" | |
| # with access to the "app" database. | |
| # | |
| --- | |
| - hosts: appBackend | |
| become: yes | |
| gather_facts: no | |
| tasks: | |
| - name: ensure apt cache is up to date | |
| apt: update_cache=yes | |
| - name: ensure packages are installed | |
| apt: name={{item}} | |
| with_items: | |
| - postgresql | |
| - libpq-dev | |
| - python-psycopg2 | |
| - hosts: appBackend | |
| become: yes | |
| become_user: postgres | |
| gather_facts: no | |
| vars: | |
| dbname: app | |
| dbuser: app_usr | |
| dbpassword: secret | |
| tasks: | |
| - name: ensure database is created | |
| postgresql_db: name={{dbname}} | |
| - name: ensure user has access to database | |
| postgresql_user: db={{dbname}} name={{dbuser}} password={{dbpassword}} priv=ALL | |
| - name: ensure user does not have unnecessary privilege | |
| postgresql_user: name={{dbuser}} role_attr_flags=NOSUPERUSER,NOCREATEDB | |
| - name: ensure no other user can access the database | |
| postgresql_privs: db={{dbname}} role=PUBLIC type=database priv=ALL state=absent |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment