From 3581db27aa49f76a9256c093e0a0092fcea5e288 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach
Date: Fri, 29 Dec 2023 23:58:57 +0100
Subject: [PATCH] Implemented docker postgres draft
---
roles/docker-postgres/README.md | 28 +++++++++++++++++++++++++
roles/docker-postgres/handlers/main.yml | 22 +++++++++++++++++++
roles/docker-postgres/tasks/main.yml | 23 ++++++++++++++++++++
3 files changed, 73 insertions(+)
create mode 100644 roles/docker-postgres/README.md
create mode 100644 roles/docker-postgres/handlers/main.yml
create mode 100644 roles/docker-postgres/tasks/main.yml
diff --git a/roles/docker-postgres/README.md b/roles/docker-postgres/README.md
new file mode 100644
index 00000000..286d7e22
--- /dev/null
+++ b/roles/docker-postgres/README.md
@@ -0,0 +1,28 @@
+# Docker-Postgres Ansible Role
+
+## Overview
+This Ansible role is designed to deploy a PostgreSQL database using Docker. It includes tasks for setting up a Docker network, installing PostgreSQL in a Docker container, and initializing the database with a specified user and database.
+
+## Role Variables
+- `central_postgres_password`: The password for the PostgreSQL superuser (`postgres`).
+- `database_databasename`: Name of the database to be created.
+- `database_username`: Username for the database user.
+- `database_password`: Password for the database user.
+
+## Role Tasks
+1. **Create Docker network for PostgreSQL**: Sets up a Docker network for PostgreSQL communication.
+2. **Install PostgreSQL**: Deploys PostgreSQL in a Docker container, attaching it to the created network and setting the superuser password.
+3. **Run the docker_postgres tasks once**: Ensures that the tasks are only run once to avoid redundancy.
+
+## Handlers
+- **Create database**: Creates a new database with the specified name.
+- **Create database user**: Sets up a user with full privileges on the newly created database.
+
+## Usage
+1. Set the required variables in your playbook or inventory file.
+2. Include this role in your playbook.
+3. Run the playbook against the target host.
+
+## Notes
+- The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost.
+- Ensure that the provided passwords are secure and stored securely, preferably using Ansible Vault or another encryption method.
\ No newline at end of file
diff --git a/roles/docker-postgres/handlers/main.yml b/roles/docker-postgres/handlers/main.yml
new file mode 100644
index 00000000..4e07555e
--- /dev/null
+++ b/roles/docker-postgres/handlers/main.yml
@@ -0,0 +1,22 @@
+- name: Create database
+ postgresql_db:
+ name: "{{ database_databasename }}"
+ state: present
+ login_user: postgres
+ login_password: "{{ central_postgres_password }}"
+ login_host: 127.0.0.1
+ login_port: 5432
+ listen: create database
+
+- name: Create database user
+ postgresql_user:
+ name: "{{ database_username }}"
+ password: "{{ database_password }}"
+ db: "{{ database_databasename }}"
+ priv: ALL
+ state: present
+ login_user: postgres
+ login_password: "{{ central_postgres_password }}"
+ login_host: 127.0.0.1
+ login_port: 5432
+ listen: create database
diff --git a/roles/docker-postgres/tasks/main.yml b/roles/docker-postgres/tasks/main.yml
new file mode 100644
index 00000000..9cdba2cf
--- /dev/null
+++ b/roles/docker-postgres/tasks/main.yml
@@ -0,0 +1,23 @@
+- name: Create Docker network for PostgreSQL
+ docker_network:
+ name: postgres_network
+ state: present
+ when: run_once_docker_postgres is not defined
+
+- name: Install PostgreSQL
+ docker_container:
+ name: postgres
+ image: postgres:latest
+ detach: yes
+ env:
+ POSTGRES_PASSWORD: "{{ central_postgres_password }}"
+ networks:
+ - name: postgres_network
+ published_ports:
+ - "127.0.0.1:5432:5432"
+ when: run_once_docker_postgres is not defined
+
+- name: Run the docker_postgres tasks once
+ set_fact:
+ run_once_docker_postgres: true
+ when: run_once_docker_postgres is not defined
\ No newline at end of file
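Review bot: In roles/docker-postgres/handlers/main.yml, `priv: ALL` together with `db:` grants only database-level privileges while the database stays owned by the `postgres` superuser; on PostgreSQL 15 and newer, which an unpinned `postgres:latest` will normally resolve to, that does not let `database_username` create tables in the `public` schema. Making the application user the owner covers this without further grants: create the user first (handlers sharing a `listen` topic run in the order they are defined) and pass `owner` to `postgresql_db`, as sketched below. Separately, no task in this commit carries `notify: create database`, and a notified handler runs only once per play, so it is worth confirming that one database per play is the intended use.

```yaml
- name: Create database user
  postgresql_user:
    name: "{{ database_username }}"
    password: "{{ database_password }}"
    state: present
    # … unchanged: login_user, login_password, login_host, login_port …
  listen: create database

- name: Create database
  postgresql_db:
    name: "{{ database_databasename }}"
    owner: "{{ database_username }}"
    state: present
    # … unchanged: login_user, login_password, login_host, login_port …
  listen: create database
```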
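Review bot: `image: postgres:latest` in roles/docker-postgres/tasks/main.yml leaves the server version to whatever the registry serves at pull time, so a re-pull can bring in an unreviewed image or a new major version that will not start on an existing data directory. Pin a major version or a digest, for example `image: "postgres:{{ postgres_version }}"` with `postgres_version` set as a role default (the variable name is only a suggestion). The container also declares no volume, so the data sits in an anonymous volume that is not carried over when `docker_container` recreates the container; adding `volumes:` with `- "postgres_data:/var/lib/postgresql/data"` would keep it. `POSTGRES_PASSWORD` passed through `env` is readable by anyone who can run `docker inspect` on the host, which is worth stating in the README next to the Ansible Vault advice.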