THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs

roles/svc-db-postgres/schema/main.yml

@@ -1,5 +1,5 @@
 credentials:
-  postgres_password:
+  POSTGRES_PASSWORD:
     description: "Password for the PostgreSQL superuser 'postgres'"
     algorithm: "bcrypt"
     validation: "^\\$2[aby]\\$.{56}$"

roles/svc-db-postgres/tasks/01_core.yml

@@ -1,26 +1,21 @@
 
-- name: Include dependency 'docker-core'
+- name: Include dependency 'sys-svc-docker'
   include_role:
-    name: docker-core
-  when: run_once_docker_core is not defined
+    name: sys-svc-docker
+  when: run_once_sys_svc_docker is not defined
 
 - name: Create Docker network for PostgreSQL
   community.docker.docker_network:
-    name: "{{ postgres_network_name }}"
+    name: "{{ POSTGRES_NETWORK_NAME }}"
     state: present
     ipam_config:
-    - subnet: "{{ postgres_subnet }}"
+    - subnet: "{{ POSTGRES_SUBNET }}"
 
 - name: "include docker-compose role"
   include_role:
     name: docker-compose
-
-- name: Wait for Postgres inside the container
-  shell: "docker exec {{ postgres_name }} pg_isready -U postgres"
-  register: pg_ready
-  until: pg_ready.rc == 0
-  retries: 30
-  delay: 5
+  vars:
+    docker_compose_flush_handlers: true
 
 - name: install python-psycopg2
   community.general.pacman:

roles/svc-db-postgres/tasks/02_init.yml

@@ -1,11 +1,10 @@
 ---
-- name: "Wait until Postgres is listening on port {{ postgres_port }}"
-  wait_for:
-    host: "{{ postgres_local_host }}"
-    port: "{{ postgres_port }}"
-    delay: 5
-    timeout: 300
-    state: started
+- name: Wait for Postgres inside the container
+  shell: "docker exec {{ POSTGRES_CONTAINER }} pg_isready -U postgres"
+  register: pg_ready
+  until: pg_ready.rc == 0
+  retries: 30
+  delay: 5
 
 # 1) Create the database
 - name: "Create database: {{ database_name }}"
@@ -13,13 +12,13 @@
     name: "{{ database_name }}"
     state: present
     login_user: postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host: "{{ postgres_local_host }}"
-    login_port: "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host: "{{ POSTGRES_LOCAL_HOST }}"
+    login_port: "{{ POSTGRES_PORT }}"
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 2) Create the database user (with password)
 - name: "Create database user: {{ database_username }}"
@@ -29,29 +28,29 @@
     db:             "{{ database_name }}"
     state:          present
     login_user:     postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host:     "{{ postgres_local_host }}"
-    login_port:     "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host:     "{{ POSTGRES_LOCAL_HOST }}"
+    login_port:     "{{ POSTGRES_PORT }}"
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 3) Enable LOGIN for the role (removes NOLOGIN)
 - name: "Enable login for role {{ database_username }}"
   community.postgresql.postgresql_query:
     db: postgres
     login_user: postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host: "{{ postgres_local_host }}"
-    login_port: "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host: "{{ POSTGRES_LOCAL_HOST }}"
+    login_port: "{{ POSTGRES_PORT }}"
     query: |
       ALTER ROLE "{{ database_username }}"
         WITH LOGIN;
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 4) Grant ALL privileges on all tables in the public schema
 - name: "Grant ALL privileges on tables in public schema to {{ database_username }}"
@@ -64,13 +63,13 @@
     schema: public
     state:  present
     login_user:     postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host:     "{{ postgres_local_host }}"
-    login_port:     "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host:     "{{ POSTGRES_LOCAL_HOST }}"
+    login_port:     "{{ POSTGRES_PORT }}"
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 5) Grant ALL privileges at the database level
 - name: "Grant all privileges on database {{ database_name }} to {{ database_username }}"
@@ -81,22 +80,22 @@
     privs: ALL
     state: present
     login_user:     postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host:     "{{ postgres_local_host }}"
-    login_port:     "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host:     "{{ POSTGRES_LOCAL_HOST }}"
+    login_port:     "{{ POSTGRES_PORT }}"
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 6) Grant USAGE/CREATE on schema and set default privileges
 - name: "Set comprehensive schema privileges for {{ database_username }}"
   community.postgresql.postgresql_query:
     db: "{{ database_name }}"
     login_user: postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host: "{{ postgres_local_host }}"
-    login_port: "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host: "{{ POSTGRES_LOCAL_HOST }}"
+    login_port: "{{ POSTGRES_PORT }}"
     query: |
       GRANT USAGE ON SCHEMA public TO "{{ database_username }}";
       GRANT CREATE ON SCHEMA public TO "{{ database_username }}";
@@ -104,8 +103,8 @@
         GRANT ALL PRIVILEGES ON TABLES TO "{{ database_username }}";
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 7) Ensure PostGIS and related extensions are installed (if enabled)
 - name: "Ensure PostGIS-related extensions are installed"
@@ -114,9 +113,9 @@
     ext:        "{{ item }}"
     state:      present
     login_user:     postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host:     "{{ postgres_local_host }}"
-    login_port:     "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host:     "{{ POSTGRES_LOCAL_HOST }}"
+    login_port:     "{{ POSTGRES_PORT }}"
   loop:
     - postgis
     - pg_trgm
@@ -124,8 +123,8 @@
   when: postgres_gis_enabled | bool
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"
 
 # 8) Ensure pgvector (vector) extension is installed (for Discourse‑AI, pgvector, …)
 - name: "Ensure pgvector (vector) extension is installed"
@@ -134,10 +133,10 @@
     ext:          vector
     state:        present
     login_user:   postgres
-    login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-    login_host:   "{{ postgres_local_host }}"
-    login_port:   "{{ postgres_port }}"
+    login_password: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+    login_host:   "{{ POSTGRES_LOCAL_HOST }}"
+    login_port:   "{{ POSTGRES_PORT }}"
   register: postgresql_result
   until: postgresql_result is succeeded
-  retries: "{{ postgres_retry_retries }}"
-  delay: "{{ postgres_retry_delay }}"
+  retries: "{{ POSTGRES_RETRIES }}"
+  delay: "{{ POSTGRES_DELAY }}"

roles/svc-db-postgres/tasks/main.yml

@@ -1,6 +1,9 @@
 - block:
   - include_tasks: 01_core.yml
   - include_tasks: utils/run_once.yml
+    vars:
+      # Force the flush of the pg handler on the first run
+      flush_handlers: true
   when: run_once_svc_db_postgres is not defined
 
 - include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml"
@@ -10,4 +13,4 @@
 
 - name: "Initialize database for '{{ database_name }}'"
   include_tasks: 02_init.yml
-  when: postgres_init | bool
+  when: POSTGRES_INIT | bool

roles/svc-db-postgres/templates/Dockerfile.j2

@@ -1,6 +1,6 @@
-FROM {{ postgres_image }}:{{ postgres_version }}
+FROM {{ POSTGRES_IMAGE }}:{{ POSTGRES_VERSION }}
 
-{% if postgres_pg_vector_enabled %}
+{% if POSTGRES_VECTOR_ENABLED %}
 RUN apt-get update \
  && apt-get install -y --no-install-recommends \
       build-essential \

roles/svc-db-postgres/templates/docker-compose.yml.j2

@@ -1,15 +1,15 @@
 {% include 'roles/docker-compose/templates/base.yml.j2' %}
 
   postgres:
-    container_name:   "{{ postgres_name }}"
-    image:            "{{ postgres_custom_image_name }}"
+    container_name:   "{{ POSTGRES_CONTAINER }}"
+    image:            "{{ POSTGRES_CUSTOM_IMAGE_NAME }}"
     build:
       context: .
       dockerfile: Dockerfile
 {% include 'roles/docker-container/templates/base.yml.j2' %}
-{% if postgres_expose_local %}
+{% if POSTGRES_EXPOSE_LOCAL %}
     ports: 
-      - "{{ postgres_local_host }}:{{ postgres_port }}:5432"
+      - "{{ POSTGRES_LOCAL_HOST }}:{{ POSTGRES_PORT }}:5432"
 {% endif %}
     volumes:
       - "data:/var/lib/postgresql/data"
@@ -17,6 +17,6 @@
 
 {% include 'roles/docker-compose/templates/volumes.yml.j2' %}
   data:
-    name: "{{ postgres_volume }}"
+    name: "{{ POSTGRES_VOLUME }}"
 
 {% include 'roles/docker-compose/templates/networks.yml.j2' %}

roles/svc-db-postgres/templates/env.j2

@@ -1,3 +1,3 @@
-POSTGRES_PASSWORD="{{ postgres_password }}"
+POSTGRES_PASSWORD="{{ POSTGRES_PASSWORD }}"
 # Necessary for web-app-matrix
 POSTGRES_INITDB_ARGS="--encoding=UTF8 --locale=C"

roles/svc-db-postgres/vars/main.yml

@@ -8,18 +8,18 @@ docker_compose_flush_handlers:  true
 database_type:                  "{{ application_id | get_entity_name }}"
 
 ## Postgres
-postgres_volume:                "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
-postgres_name:                  "{{ applications | get_app_conf(application_id, 'docker.services.postgres.name', True) }}"
-postgres_image:                 "{{ applications | get_app_conf(application_id, 'docker.services.postgres.image', True) }}"
-postgres_subnet:                "{{ networks.local['svc-db-postgres'].subnet }}"
-postgres_network_name:          "{{ applications | get_app_conf(application_id, 'docker.network', True) }}"
-postgres_version:               "{{ applications | get_app_conf(application_id, 'docker.services.postgres.version', True) }}"
-postgres_password:              "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}"
-postgres_port:                  "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
-postgres_init:                  "{{ database_username is defined and database_password is defined and database_name is defined }}"
-postgres_expose_local:          True # Exposes the db to localhost, almost everytime neccessary
-postgres_custom_image_name:     "postgres_custom"
-postgres_local_host:            "127.0.0.1"
-postgres_pg_vector_enabled:     True # Required by discourse, propably in a later step it makes sense to define this as a configuration option in config/main.yml
-postgres_retry_retries:         5
-postgres_retry_delay:           2
+POSTGRES_VOLUME:                "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
+POSTGRES_CONTAINER:             "{{ applications | get_app_conf(application_id, 'docker.services.postgres.name', True) }}"
+POSTGRES_IMAGE:                 "{{ applications | get_app_conf(application_id, 'docker.services.postgres.image', True) }}"
+POSTGRES_SUBNET:                "{{ networks.local['svc-db-postgres'].subnet }}"
+POSTGRES_NETWORK_NAME:          "{{ applications | get_app_conf(application_id, 'docker.network', True) }}"
+POSTGRES_VERSION:               "{{ applications | get_app_conf(application_id, 'docker.services.postgres.version', True) }}"
+POSTGRES_PASSWORD:              "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD', True) }}"
+POSTGRES_PORT:                  "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
+POSTGRES_INIT:                  "{{ database_username is defined and database_password is defined and database_name is defined }}"
+POSTGRES_EXPOSE_LOCAL:          True # Exposes the db to localhost, almost everytime neccessary
+POSTGRES_CUSTOM_IMAGE_NAME:     "postgres_custom"
+POSTGRES_LOCAL_HOST:            "127.0.0.1"
+POSTGRES_VECTOR_ENABLED:        True # Required by discourse, propably in a later step it makes sense to define this as a configuration option in config/main.yml
+POSTGRES_RETRIES:               5
+POSTGRES_DELAY:                 2