psql_install

1. ---
2. # postgres_install playbook
3. - hosts: rhel8
4.  
5.   tasks:
7.   - name: prepare postgres environment - create base directories
8.     file:
9.       path: "{{ postgres_base }}/{{ item }}"
10.       mode: 0750
11.       state: directory
12.       owner: "{{ ansible_postgres_user }}"
13.     become: yes
14.     become_user: "{{ ansible_postgres_user }}"
15.     loop:
16.      - bin
17.       - install
18.       - nrpe
19.       - tmp
20.       - tools
21.  
22.   - name: download artifacts - fetch {{ postgres_distribution }} from repo
23.     get_url:
24.       url: "{{ postgres_repo }}/{{ postgres_distribution }}"
25.       checksum: "sha512:{{ postgres_repo }}/{{ postgres_distribution }}.sha512"
26.       dest: "{{ postgres_install }}/{{ postgres_distribution }}"
27.     become: yes
28.     become_user: "{{ ansible_postgres_user }}"
29.  
30.   - name: download artifacts - fetch postgres env package
31.     get_url:
32.       url: "{{ postgres_mirror }}/postgres/Linux/el7/{{ item }}" # pg-rhel7-env.tar.gz" # {{ item }}"  # was: "{{ postgres_repo }}/{{ item }}"
33.       dest: "{{ postgres_install }}/{{ item }}"
34.     become: yes
35.     become_user: "{{ ansible_postgres_user }}"
36.     loop:
37.      - pg-rhel7-env.tar.gz
38.  
39.   - name: check installed system packages for postgres
40.     package:
41.       name:
42.      - psmisc
43.       - strace
44.       - gdb
45.       - nagios-plugins-mysql
46.       - nagios-plugins-pgsql
47.       - nagios-plugins-http
48.       - openssl
49.       - pam
50.       - readline
51.       - libselinux
52.       - systemd-libs
53.       - zlib
54.       state: present
55.     become: yes
56.     become_user: "{{ ansible_become_user }}"
57.  
58.  
59.   - name: prepare postgres environment - create data & backup directories
60.     file:
61.       path: "{{ item }}"
62.       mode: 0750
63.       state: directory
64.     become: yes
65.     become_user: "{{ ansible_postgres_user }}"
66.     loop:
67.      - "{{ postgres_data }}"
68.       - "{{ postgres_arch }}"
69.       - "{{ postgres_back }}"
70.  
71.   - name: prepare postgres environment - copy shell environment
72.     copy:
73.       src: "files/{{ item }}"
74.       dest: "{{ postgres_user_home }}/{{ item }}"
75.       #mode: 0755
76.     become: yes
77.     become_user: "{{ ansible_postgres_user }}"
78.     loop:
79.      - .alias
80.       - .bashrc
81.       - .editrc
82.       - .forward
83.       - .toprc
84.  
85.  
86.   - name: prepare postgres environment - copy nrpe-check config
87.     copy:
88.       src: "files/{{ item }}"
89.       dest: "{{ postgres_nrpe }}/{{ item }}"
90.     become: yes
91.     become_user: "{{ ansible_postgres_user }}"
92.     loop:
93.      - scb_opensource_postgres.cfg
94.  
95.   - name: prepare postgres environment - prepare env and start/stop-scripts
96.     unarchive:
97.       src: "{{ postgres_install }}/pg-rhel7-env.tar.gz"
98.       dest: "{{ postgres_base }}/"
99.       creates: "{{ postgres_base }}/bin/.pg.env"
100.       remote_src: yes
101.     become: yes
102.     become_user: "{{ ansible_postgres_user }}"
103.  
104. # ##### postgresql.service based on current state ##########
105.  
106.   - name: gather service facts
107.     service_facts:
109.   - name: return postgres running or not
110.     debug:
111.       msg: "{{ ansible_facts.services.postgresql | default({ 'state' : 'absent'}) }}"
112.  
113.   - name: stop postgresql.service from systemd if running
114.     service:
115.       name: postgresql.service
116.       state: stopped
117.     become: yes
118.     register: psql_result
119.     when: "'postgresql.service' in services"    # was: failed_when: psql_result is failed and 'Could not find the requested service postgresql.service' not in psql_result['msg']
120.  
121.  
122.   - name: install postgres - unarchive postgres package
123.     unarchive:
124.       src: "{{ postgres_install }}/{{ postgres_distribution }}"
125.       dest: "{{ postgres_base }}/"
126.       remote_src: yes
127.     become: yes
128.     become_user: "{{ ansible_postgres_user }}"
129.  
130.   - name: install postgres - create postgres symlink
131.     file:
132.       src: "{{ postgres_base }}/{{ postgres_version }}"
133.       dest: "{{ postgres_base }}/postgresql"
134.       state: link
135.     become: yes
136.     become_user: "{{ ansible_postgres_user }}"
137.  
138.   - name: configure postgres - create database
139.     command: "{{ postgres_home }}/bin/initdb -D {{ postgres_data }}"
140.     # args:
141.       # creates: "{{ postgres_data }}/PG_VERSION"
142.     become: yes
143.     become_user: "{{ ansible_postgres_user }}"  # 'postgres' does not work neither
144.  
145.   - name: configure postgres - create postgresql.conf
146.     copy:
147.       src: "files/postgresql.conf"
148.       dest: "{{ postgres_data }}/postgresql.conf"
149.       backup: yes
150.       mode: preserve
151.     become: yes
152.     become_user: "{{ ansible_postgres_user }}"
153.  
154.   - name: configure postgres - create pg_hba.conf
155.     copy:
156.       src: "files/pg_hba.conf"
157.       dest: "{{ postgres_data }}/pg_hba.conf"
158.       backup: yes
159.       mode: preserve
160.     become: yes
161.     become_user: "{{ ansible_postgres_user }}"
162.  
163.   - name: start or restart postgresql.service from systemd
164.     command: "/usr/bin/sudo /usr/bin/systemctl restart postgresql.service"
165.     #register: start_postgres
166.     ignore_errors: yes
167.  
168.   - set_fact:
169.       postgres_auth_pass: "{{ postgres_auth_pass }}"
170.   - debug:
171.       msg: "Safe new postgres user password to password safe: {{ postgres_auth_pass }}"
172.    
173.   - name: configure postgres - set password of postgres role
174.     command: "{{ postgres_home }}/bin/psql -c \"ALTER ROLE postgres WITH password '{{ postgres_auth_pass }}';\""
175.     become: yes
176.     become_user: "{{ ansible_postgres_user }}"
177.  
178.   - name: configure postgres - update .pgpass file
179.     lineinfile:
180.       path: "{{ postgres_user_home }}/.pgpass"
181.       regexp: '^localhost:5432:\*:postgres'
182.       line: 'localhost:5432:*:postgres:{{ postgres_auth_pass }}'
183.       create: yes
184.       mode: 0600
185.     become: yes
186.     become_user: "{{ ansible_postgres_user }}"
187.     ignore_errors: yes
188.  
189.   - name: "logrotate cronjob - postgres compress logs"
190.     cron:
191.       name: "postgres compress logs"
192.       minute: "0"
193.       hour: "1"
194.       day: "*"
195.       month: "*"
196.       weekday: "*"
197.       job: find {{ postgres_data }}/log -type f -mtime +0 -name "postgresql-*.log" | xargs -r nice -n 19 gzip -9
198.     become: yes
199.     become_user: "{{ ansible_postgres_user }}"
200.  
201.   - name: "logrotate cronjob - postgres cleanup logs"
202.     cron:
203.       name: "postgres cleanup logs"
204.       minute: "30"
205.       hour: "1"
206.       day: "*"
207.       month: "*"
208.       weekday: "*"
209.       job: find {{ postgres_data }}/log -type f -mtime +90 -name "postgresql-*.log.gz" | xargs -r rm
210.     become: yes
211.     become_user: "{{ ansible_postgres_user }}"
212.