diff --git a/CHANGELOG.md b/CHANGELOG.md index ddbe7d661..6cf7025a7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - [Apt] Add `trusted` parameter for repositories - [Apt] Add `default_src`, `backports_src`, and `backports_sloppy_src` repositories +- [PostgreSQL] Add more global default login options (`manala_postgresql_login_port`, `manala_postgresql_login_unix_socket`, `manala_postgresql_login_user` and `manala_postgresql_login_password`) +- [MySQL] Add global default login options (`manala_mysql_login_host`, `manala_mysql_login_port`, `manala_mysql_login_unix_socket`, `manala_mysql_login_user` and `manala_mysql_login_password`) +- [MySQL] Support replications login options ### Fixed - [Apt] Handle repository types properly diff --git a/extensions/molecule/mysql.8.0/converge.yml b/extensions/molecule/mysql.8.0/converge.yml index 423e4b57a..8686bb6c9 100644 --- a/extensions/molecule/mysql.8.0/converge.yml +++ b/extensions/molecule/mysql.8.0/converge.yml @@ -21,15 +21,14 @@ config: mysqld: default-authentication-plugin: mysql_native_password + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.8.4/converge.yml b/extensions/molecule/mysql.8.4/converge.yml index 57acaff03..0338cdd76 100644 --- a/extensions/molecule/mysql.8.4/converge.yml +++ b/extensions/molecule/mysql.8.4/converge.yml @@ -22,15 +22,14 @@ config: mysqld: mysql_native_password: 'ON' + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: @@ -288,16 +287,15 @@ config: mysqld: mysql_native_password: 'ON' + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: # Privileges and password - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Create users to absent/ignore later community.mysql.mysql_user: name: "{{ item }}" @@ -317,38 +315,31 @@ config: mysqld: mysql_native_password: 'ON' + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: # Privileges and password - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock # States - name: state_present_implicit - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_present state: present - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent_existing state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignored state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignore_existing state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: @@ -378,10 +369,10 @@ config: mysqld: mysql_native_password: 'ON' + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: bar state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Create databases to absent/ignore later community.mysql.mysql_db: name: "{{ item }}" @@ -401,29 +392,23 @@ config: mysqld: mysql_native_password: 'ON' + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: # States - name: state_present_implicit - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_present state: present - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent_existing state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignored state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignore_existing state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.galera.4.10.mysql_wsrep.8.0.26/converge.yml b/extensions/molecule/mysql.galera.4.10.mysql_wsrep.8.0.26/converge.yml index 7d9b59a7e..11fc10b77 100644 --- a/extensions/molecule/mysql.galera.4.10.mysql_wsrep.8.0.26/converge.yml +++ b/extensions/molecule/mysql.galera.4.10.mysql_wsrep.8.0.26/converge.yml @@ -19,12 +19,12 @@ - galera-arbitrator-4 - mysql-wsrep-server - mysql-wsrep-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore # Flatten @@ -33,17 +33,13 @@ password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.galera.4.23.mysql_wsrep.8.4.5/converge.yml b/extensions/molecule/mysql.galera.4.23.mysql_wsrep.8.4.5/converge.yml index af3732e97..6ed0fda70 100644 --- a/extensions/molecule/mysql.galera.4.23.mysql_wsrep.8.4.5/converge.yml +++ b/extensions/molecule/mysql.galera.4.23.mysql_wsrep.8.4.5/converge.yml @@ -26,32 +26,27 @@ - galera-arbitrator-4 - mysql-wsrep-server - mysql-wsrep-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.mariadb.10.11/converge.yml b/extensions/molecule/mysql.mariadb.10.11/converge.yml index e97aea4e9..d2c115316 100644 --- a/extensions/molecule/mysql.mariadb.10.11/converge.yml +++ b/extensions/molecule/mysql.mariadb.10.11/converge.yml @@ -18,32 +18,27 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Goss ansible.builtin.command: cmd: goss --gossfile - validate diff --git a/extensions/molecule/mysql.mariadb.10.5/converge.yml b/extensions/molecule/mysql.mariadb.10.5/converge.yml index 78cd85bbf..65b68cc0c 100644 --- a/extensions/molecule/mysql.mariadb.10.5/converge.yml +++ b/extensions/molecule/mysql.mariadb.10.5/converge.yml @@ -17,12 +17,12 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore # Flatten @@ -31,16 +31,13 @@ password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.mariadb.10.6/converge.yml b/extensions/molecule/mysql.mariadb.10.6/converge.yml index 78cd85bbf..65b68cc0c 100644 --- a/extensions/molecule/mysql.mariadb.10.6/converge.yml +++ b/extensions/molecule/mysql.mariadb.10.6/converge.yml @@ -17,12 +17,12 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore # Flatten @@ -31,16 +31,13 @@ password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.mariadb.11.4/converge.yml b/extensions/molecule/mysql.mariadb.11.4/converge.yml index 1d2c7b82e..42168c7f9 100644 --- a/extensions/molecule/mysql.mariadb.11.4/converge.yml +++ b/extensions/molecule/mysql.mariadb.11.4/converge.yml @@ -18,32 +18,27 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/mysql.mariadb.11.8/converge.yml b/extensions/molecule/mysql.mariadb.11.8/converge.yml index 703f4431f..8bec4a970 100644 --- a/extensions/molecule/mysql.mariadb.11.8/converge.yml +++ b/extensions/molecule/mysql.mariadb.11.8/converge.yml @@ -16,32 +16,27 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: bar state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Goss ansible.builtin.command: cmd: goss --gossfile - validate @@ -71,14 +66,13 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: foo password: foo priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: foo - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Goss ansible.builtin.command: cmd: goss --gossfile - validate @@ -331,9 +325,9 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: - name: bar - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Create users to absent/ignore later community.mysql.mysql_user: name: "{{ item }}" @@ -348,38 +342,31 @@ name: manala.roles.mysql tasks_from: users vars: + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_users: # Privileges and password - name: foo password: foo host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock # States - name: state_present_implicit - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_present state: present - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent_existing state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignored state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignore_existing state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz password: baz host: localhost priv: "*.*:ALL,GRANT" - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: @@ -403,10 +390,10 @@ manala_mysql_install_packages: - mariadb-server - mariadb-client + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: - name: bar state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: Create databases to absent/ignore later community.mysql.mysql_db: name: "{{ item }}" @@ -421,29 +408,23 @@ name: manala.roles.mysql tasks_from: databases vars: + manala_mysql_login_unix_socket: /var/run/mysqld/mysqld.sock manala_mysql_databases: # States - name: state_present_implicit - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_present state: present - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_absent_existing state: absent - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignored state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock - name: state_ignore_existing state: ignore - login_unix_socket: /var/run/mysqld/mysqld.sock # Flatten - - name: baz - login_unix_socket: /var/run/mysqld/mysqld.sock always: - name: Goss ansible.builtin.command: diff --git a/extensions/molecule/postgresql.17/converge.yml b/extensions/molecule/postgresql.17/converge.yml index 41f9518a6..d0a46871f 100644 --- a/extensions/molecule/postgresql.17/converge.yml +++ b/extensions/molecule/postgresql.17/converge.yml @@ -20,6 +20,7 @@ # Trust all IPv4 local connections host all all 127.0.0.1/32 trust host all all ::1/128 trust + manala_postgresql_login_user: postgres manala_postgresql_roles: - role: foo password: ~ @@ -28,7 +29,6 @@ - database: bar manala_postgresql_privileges: - role: foo - login_user: postgres database: bar type: table objects: diff --git a/roles/mysql/defaults/main.yaml b/roles/mysql/defaults/main.yaml index fc578a8e8..5b5ff22da 100644 --- a/roles/mysql/defaults/main.yaml +++ b/roles/mysql/defaults/main.yaml @@ -39,6 +39,13 @@ manala_mysql_data_dir_group: mysql manala_mysql_data_dir_mode: "0750" manala_mysql_data_dir_initialize: false +# Login +manala_mysql_login_host: ~ +manala_mysql_login_port: ~ +manala_mysql_login_unix_socket: ~ +manala_mysql_login_user: ~ +manala_mysql_login_password: ~ + # Users manala_mysql_users: [] diff --git a/roles/mysql/tasks/databases.yaml b/roles/mysql/tasks/databases.yaml index 28416c2cf..d1c55edb8 100644 --- a/roles/mysql/tasks/databases.yaml +++ b/roles/mysql/tasks/databases.yaml @@ -5,13 +5,14 @@ name: "{{ item.name }}" encoding: "{{ item.encoding | default('utf8') }}" collation: "{{ item.collation | default('utf8_general_ci') }}" - login_host: "{{ item.login_host | default(omit) }}" - login_port: "{{ item.login_port | default(omit) }}" - login_unix_socket: "{{ item.login_unix_socket | default(omit) }}" - login_user: "{{ item.login_user | default(omit) }}" - login_password: "{{ item.login_password | default(omit) }}" sql_log_bin: "{{ item.sql_log_bin | default(omit) }}" state: "{{ item.state | default(omit) }}" + # Login + login_host: "{{ item.login_host | default(manala_mysql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_mysql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_mysql_login_unix_socket | default(omit, True), True) }}" + login_user: "{{ item.login_user | default(manala_mysql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_mysql_login_password | default(omit, True), True) }}" loop: "{{ manala_mysql_databases | flatten diff --git a/roles/mysql/tasks/replications.yaml b/roles/mysql/tasks/replications.yaml index fe53fa0a7..4a23e9ada 100644 --- a/roles/mysql/tasks/replications.yaml +++ b/roles/mysql/tasks/replications.yaml @@ -18,5 +18,11 @@ master_ssl_cipher: "{{ item.master_ssl_cipher | default(omit) }}" master_ssl_key: "{{ item.master_ssl_key | default(omit) }}" master_user: "{{ item.master_user | default(omit) }}" + # Login + login_host: "{{ item.login_host | default(manala_mysql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_mysql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_mysql_login_unix_socket | default(omit, True), True) }}" + login_user: "{{ item.login_user | default(manala_mysql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_mysql_login_password | default(omit, True), True) }}" loop: "{{ manala_mysql_replications }}" when: manala_mysql_server diff --git a/roles/mysql/tasks/users.yaml b/roles/mysql/tasks/users.yaml index 659619711..22042cc2c 100644 --- a/roles/mysql/tasks/users.yaml +++ b/roles/mysql/tasks/users.yaml @@ -8,13 +8,14 @@ priv: "{{ item.priv | default(omit) }}" append_privs: "{{ item.append_privs | default(omit) }}" sql_log_bin: "{{ item.sql_log_bin | default(omit) }}" - login_host: "{{ item.login_host | default(omit) }}" - login_port: "{{ item.login_port | default(omit) }}" - login_unix_socket: "{{ item.login_unix_socket | default(omit) }}" - login_user: "{{ item.login_user | default(omit) }}" - login_password: "{{ item.login_password | default(omit) }}" tls_requires: "{{ item.tls_requires | default(omit) }}" state: "{{ item.state | default(omit) }}" + # Login + login_host: "{{ item.login_host | default(manala_mysql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_mysql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_mysql_login_unix_socket | default(omit, True), True) }}" + login_user: "{{ item.login_user | default(manala_mysql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_mysql_login_password | default(omit, True), True) }}" loop: "{{ manala_mysql_users | flatten diff --git a/roles/postgresql/defaults/main.yaml b/roles/postgresql/defaults/main.yaml index ce4d3cb52..c2309bbbe 100644 --- a/roles/postgresql/defaults/main.yaml +++ b/roles/postgresql/defaults/main.yaml @@ -19,6 +19,10 @@ manala_postgresql_config_hba: ~ # Login manala_postgresql_login_host: localhost +manala_postgresql_login_port: ~ +manala_postgresql_login_unix_socket: ~ +manala_postgresql_login_user: ~ +manala_postgresql_login_password: ~ # Roles manala_postgresql_roles: [] diff --git a/roles/postgresql/tasks/databases.yaml b/roles/postgresql/tasks/databases.yaml index 02184889c..b41ec0ee5 100644 --- a/roles/postgresql/tasks/databases.yaml +++ b/roles/postgresql/tasks/databases.yaml @@ -3,7 +3,12 @@ - name: Databases > Create postgresql databases community.postgresql.postgresql_db: name: "{{ (item) if (item is string) else (item.database) }}" - state: "{{ item.state | default('present') }}" owner: "{{ item.role | default(omit) }}" - login_host: "{{ manala_postgresql_login_host }}" + state: "{{ item.state | default('present') }}" + # Login + login_host: "{{ item.login_host | default(manala_postgresql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_postgresql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_postgresql_login_unix_socket | default(omit, True), True) }}" + login_user: "{{ item.login_user | default(manala_postgresql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_postgresql_login_password | default(omit, True), True) }}" loop: "{{ manala_postgresql_databases }}" diff --git a/roles/postgresql/tasks/privileges.yaml b/roles/postgresql/tasks/privileges.yaml index 3affabb56..61fc84484 100644 --- a/roles/postgresql/tasks/privileges.yaml +++ b/roles/postgresql/tasks/privileges.yaml @@ -4,20 +4,29 @@ community.postgresql.postgresql_user: name: "{{ item.role }}" state: "{{ item.state | default('present') }}" + # Login + login_host: "{{ item.login_host | default(manala_postgresql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_postgresql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_postgresql_login_unix_socket | default(omit, True), True) }}" login_db: "{{ item.database }}" - login_host: "{{ manala_postgresql_login_host }}" + login_user: "{{ item.login_user | default(manala_postgresql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_postgresql_login_password | default(omit, True), True) }}" loop: "{{ manala_postgresql_privileges }}" - name: Privileges > Handle community.postgresql.postgresql_privs: roles: "{{ item.role }}" - state: "{{ item.state | default('present') }}" - login_db: "{{ item.database }}" - login_user: "{{ item.login_user | default(omit) }}" - login_password: "{{ item.login_password | default(omit) }}" type: "{{ item.type | default(omit) }}" privs: |- {{ item.privileges | join(',') }} objs: |- {{ item.objects | default(omit) | join(',') }} + state: "{{ item.state | default('present') }}" + # Login + login_host: "{{ item.login_host | default(manala_postgresql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_postgresql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_postgresql_login_unix_socket | default(omit, True), True) }}" + login_db: "{{ item.database }}" + login_user: "{{ item.login_user | default(manala_postgresql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_postgresql_login_password | default(omit, True), True) }}" loop: "{{ manala_postgresql_privileges }}" diff --git a/roles/postgresql/tasks/roles.yaml b/roles/postgresql/tasks/roles.yaml index d44b18a8f..b4e694417 100644 --- a/roles/postgresql/tasks/roles.yaml +++ b/roles/postgresql/tasks/roles.yaml @@ -3,8 +3,13 @@ - name: Roles > Handle community.postgresql.postgresql_user: name: "{{ item.role }}" - state: "{{ item.state | default('present') }}" password: "{{ item.password | default(omit) }}" role_attr_flags: "{{ (omit) if (item.attributes is not defined) else item.attributes | join(',') }}" - login_host: "{{ manala_postgresql_login_host }}" + state: "{{ item.state | default('present') }}" + # Login + login_host: "{{ item.login_host | default(manala_postgresql_login_host | default(omit, True), True) }}" + login_port: "{{ item.login_port | default(manala_postgresql_login_port | default(omit, True), True) }}" + login_unix_socket: "{{ item.login_unix_socket | default(manala_postgresql_login_unix_socket | default(omit, True), True) }}" + login_user: "{{ item.login_user | default(manala_postgresql_login_user | default(omit, True), True) }}" + login_password: "{{ item.login_password | default(manala_postgresql_login_password | default(omit, True), True) }}" loop: "{{ manala_postgresql_roles }}"