From e07113daa566039f0fb5e887a31fb50574e8d202 Mon Sep 17 00:00:00 2001
From: Hamatoma
Date: Thu, 8 May 2025 20:14:50 +0200
Subject: [PATCH] postgres tasks nginx_sites
---
.../nginx_create_site copy.yaml | 22 ++++++++++
playbooks.templates/pg_create_admin.yaml | 9 ++++
.../pg_create_db_and_user.yaml | 14 +++++++
tasks.templates/t_pg_create_admin.yaml | 15 +++++++
tasks.templates/t_pg_create_db_and_user.yaml | 42 +++++++++++++++++++
5 files changed, 102 insertions(+)
create mode 100644 playbooks.templates/nginx_create_site copy.yaml
create mode 100644 playbooks.templates/pg_create_admin.yaml
create mode 100644 playbooks.templates/pg_create_db_and_user.yaml
create mode 100644 tasks.templates/t_pg_create_admin.yaml
create mode 100644 tasks.templates/t_pg_create_db_and_user.yaml
diff --git a/playbooks.templates/nginx_create_site copy.yaml b/playbooks.templates/nginx_create_site copy.yaml
new file mode 100644
index 0000000..3eaa2c5
--- /dev/null
+++ b/playbooks.templates/nginx_create_site copy.yaml
@@ -0,0 +1,22 @@
+---
+- name: Creates the NGINX configuration file for a PHP site
+ # needed facts (variables) from commandline (e.g. -e domain=example.com -e force=true):
+ # domain: the site domain name
+ # optional facts:
+ # document_root: the document root of the site without path, e.g. example.com. Default: domain
+ # shortname: the short name of the site. Used for log file names
+ # php_version: the PHP version to use. Default: 8.3
+ # force: if true, the site will be created even if it already exists. Default: false
+ hosts: all
+ vars_files:
+ - ../vars/common.yaml
+ - ../vars/ssl-certificate.yaml
+ tasks:
+ - name: Check pre-requisites
+ fail: msg="The variable 'domain' must be defined and not empty."
+ when: domain is not defined or domain == ""
+ - name: create certificate for {{ domain }}
+ import_tasks: ../tasks/t_ssl_create_certificate.yaml
+ - name: Create the NGINX configuration for {{domain}}
+ import_tasks: ../tasks/t_nginx_create_site.yaml
+
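Review bot: The pre-requisite check only rejects an undefined or empty `domain`, so any other command-line value is handed on to the certificate and NGINX task files. What those imported files do with it is not visible here, but a site domain normally ends up in file names and in the server configuration. Consider validating its shape before the imports, e.g. `when: domain is not defined or domain is not match('^[A-Za-z0-9.-]+$')`. The file name `nginx_create_site copy.yaml` looks like an editor duplicate rather than an intended playbook name, and `fail: msg="..."` reads better as a block mapping with a `msg:` key.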
diff --git a/playbooks.templates/pg_create_admin.yaml b/playbooks.templates/pg_create_admin.yaml
new file mode 100644
index 0000000..17cc89d
--- /dev/null
+++ b/playbooks.templates/pg_create_admin.yaml
@@ -0,0 +1,9 @@
+---
+- name: Creates the MySQL administrator with all privileges for all databases
+ hosts: all
+ vars_files:
+ - ../vars/mysql_vault.yaml
+ - ../vars/mysql.yaml
+ tasks:
+ - name: Create the database adminstrator {{dba_name}}
+ import_tasks : ../tasks/t_pg_create_admin.yaml
diff --git a/playbooks.templates/pg_create_db_and_user.yaml b/playbooks.templates/pg_create_db_and_user.yaml
new file mode 100644
index 0000000..ba96926
--- /dev/null
+++ b/playbooks.templates/pg_create_db_and_user.yaml
@@ -0,0 +1,14 @@
+---
+- name: Create PostGreSql database and user for a web application
+# needed facts (variables) from commandline (e.g. -e db_name=webapp):
+# db_name: name of the database
+# db_host: the ip or name of the host hosting mysql. Normally: localhost
+# db_user: name of the database user
+# db_password: password of the database user
+ hosts: all
+ vars_files:
+ - ../vars/pg_vault.yaml
+ - ../vars/pg.yaml
+ tasks:
+ - name: Create the database adminstrator {{dba_name}}
+ import_tasks : ../tasks/t_pg_db_and_user.yaml
diff --git a/tasks.templates/t_pg_create_admin.yaml b/tasks.templates/t_pg_create_admin.yaml
new file mode 100644
index 0000000..72277a5
--- /dev/null
+++ b/tasks.templates/t_pg_create_admin.yaml
@@ -0,0 +1,15 @@
+# needed facts (variables):
+# dba_name: name of the database user with all privileges
+# dba_password: password of the database user with all privileges
+- name: Create the database administrator {{dba_name}}
+ community.postgresql.postgresql_user:
+ name: "{{ dba_name }}"
+ password: "{{ dba_password }}"
+ state: present
+
+- name: Grant all privileges to dba
+ community.postgresql.postgresql_privs:
+ db: all
+ role: "dba"
+ privs: "ALL"
+ type: database
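Review bot: In `pg_create_admin.yaml` the play imports the PostgreSQL task file but loads `../vars/mysql_vault.yaml` and `../vars/mysql.yaml`, so `dba_name` and `dba_password` would presumably come from the MySQL vault and the PostgreSQL administrator would share the MySQL administrator's credentials. The sibling playbook added in this commit reads `../vars/pg_vault.yaml` and `../vars/pg.yaml`, and the same two entries look intended here. The play name still says "MySQL administrator" and should change with them. `import_tasks :` is normally written without the space before the colon.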
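Review bot: In `pg_create_db_and_user.yaml` the import points at `../tasks/t_pg_db_and_user.yaml`, while the task file added by this commit is named `t_pg_create_db_and_user.yaml`. Unless a file with the shorter name exists elsewhere, the play fails when it is loaded, so `import_tasks: ../tasks/t_pg_create_db_and_user.yaml` looks intended. The header comment lists `db_password` among the facts taken from the command line; a password passed with `-e key=value` lands in shell history and is visible in the process list, so the comment should point to the vault file or to `-e @file` instead. The task name `Create the database adminstrator {{dba_name}}` and the "hosting mysql" wording are leftovers from the copied playbook.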
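Review bot: In `t_pg_create_admin.yaml` the grant task targets the literal role `"dba"` instead of the account created one task earlier. When `dba_name` is anything else, the new administrator receives no privileges and an unrelated role named dba receives them; `role: "{{ dba_name }}"` ties the two tasks together. `db: all` appears to be read by the module as a database literally named all, not as every database. If a cluster-wide administrator is wanted, `role_attr_flags` on the `postgresql_user` task is the usual place to express that, with the narrowest flags that do the job. Neither task sets any `login_*` parameter, so how the connection is authenticated depends on context outside this hunk and deserves a line in the header comment.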
diff --git a/tasks.templates/t_pg_create_db_and_user.yaml b/tasks.templates/t_pg_create_db_and_user.yaml
new file mode 100644
index 0000000..dc79741
--- /dev/null
+++ b/tasks.templates/t_pg_create_db_and_user.yaml
@@ -0,0 +1,42 @@
+# needed facts:
+# db_name: name of the database
+# db_host: the ip or name of the host hosting mysql. Normally: localhost
+# db_user: name of the database user
+# db_password: password of the database user
+# webapp_name: name of the web application
+# dba_name: name of the database user with all privileges
+# dba_password: password of the database user with all privileges
+
+- name: Ensure PostgreSQL database {{ db_name }} exists
+ community.postgresql.postgresql_db:
+ name: "{{ db_name }}"
+ login_host: "{{ db_host | default('localhost') }}"
+ login_user: "{{ dba_name }}"
+ login_password: "{{ dba_password }}"
+ state: present
+- name: Create the role with the name of the database: {{ db_name }} for PostgreSQL
+ community.postgresql.postgresql_user:
+ name: "{{ db_name }}"
+ login_host: "{{ db_host | default('localhost') }}"
+ login_user: "{{ dba_name }}"
+ login_password: "{{ dba_password }}"
+ db: "{{ db_name }}"
+ state: present
+- name: Create the database user {{ db_user }} for PostgreSQL
+ community.postgresql.postgresql_user:
+ name: "{{ db_user }}"
+ password: "{{ db_password }}"
+ login_host: "{{ db_host | default('localhost') }}"
+ login_user: "{{ dba_name }}"
+ login_password: "{{ dba_password }}"
+ db: "{{ db_name }}"
+ state: present
+ - name: Grant role {{ db_name }} to user {{ db_user }}
+ community.postgresql.postgresql_privs:
+ db: "postgres"
+ role: "{{ db_user }}"
+ type: role
+ privs: "{{ db_name }}"
+ login_host: "{{ db_host | default('localhost') }}"
+ login_user: "{{ dba_name }}"
+ login_password: "{{ dba_password }}"
\ No newline at end of file
--
2.39.5
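Review bot: The second task's name is an unquoted scalar containing `database: {{ db_name }}`, and a colon followed by a space inside a plain scalar is a YAML syntax error, so this task file cannot be loaded as written. Quote the whole value: `- name: "Create the role with the name of the database: {{ db_name }} for PostgreSQL"`. The last task (`- name: Grant role ...`) appears to be indented deeper than its siblings, which would break the list as well; indentation is collapsed in this view, so confirm against the file. The role named after the database is created through `postgresql_user` without a password; if it only serves as a group role for the final grant, `role_attr_flags: NOLOGIN` keeps it from being usable as a login account. The file also ends without a trailing newline.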