azavea / ansible-postgresql Goto Github PK

View Code? Open in Web Editor NEW

10.0 10.0 4.0 53 KB

An Ansible role for installing PostgreSQL.

License: Apache License 2.0

ansible-postgresql's People

Contributors

Stargazers

Watchers

Forkers

oschobel dcalde aruntheja-5 miao-bpl

ansible-postgresql's Issues

Fix ansible version comparison

Fix error running on ansible 2.9.0: AnsibleError: template error while templating string: no filter named 'version_compare'.

version_compare was renamed to version in 2.5.

TASK [azavea.postgresql : Configure PostgreSQL host-based authentication] ****** fatal: [database]: FAILED! => {"changed": false, "msg": "AnsibleError: template error while templating string: no filter named 'version_compare'. String: # PostgreSQL Client Authentication Configuration File\n# ===================================================\n#\n# Refer to the \"Client Authentication\" section in the PostgreSQL\n# documentation for a complete description of this file. A short\n# synopsis follows.\n#\n# This file controls: which hosts are allowed to connect, how clients\n# are authenticated, which PostgreSQL user names they can use, which\n# databases they can access. Records take one of these forms:\n#\n# local DATABASE USER METHOD [OPTIONS]\n# host DATABASE USER ADDRESS METHOD [OPTIONS]\n# hostssl DATABASE USER ADDRESS METHOD [OPTIONS]\n# hostnossl DATABASE USER ADDRESS METHOD [OPTIONS]\n#\n# (The uppercase items must be replaced by actual values.)\n#\n# The first field is the connection type: \"local\" is a Unix-domain\n# socket, \"host\" is either a plain or SSL-encrypted TCP/IP socket,\n# \"hostssl\" is an SSL-encrypted TCP/IP socket, and \"hostnossl\" is a\n# plain TCP/IP socket.\n#\n# DATABASE can be \"all\", \"sameuser\", \"samerole\", \"replication\", a\n# database name, or a comma-separated list thereof. The \"all\"\n# keyword does not match \"replication\". Access to replication\n# must be enabled in a separate record (see example below).\n#\n# USER can be \"all\", a user name, a group name prefixed with \"+\", or a\n# comma-separated list thereof. In both the DATABASE and USER fields\n# you can also write a file name prefixed with \"@\" to include names\n# from a separate file.\n#\n# ADDRESS specifies the set of hosts the record matches. It can be a\n# host name, or it is made up of an IP address and a CIDR mask that is\n# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that\n# specifies the number of significant bits in the mask. A host name\n# that starts with a dot (.) matches a suffix of the actual host name.\n# Alternatively, you can write an IP address and netmask in separate\n# columns to specify the set of hosts. Instead of a CIDR-address, you\n# can write \"samehost\" to match any of the server's own IP addresses,\n# or \"samenet\" to match any address in any subnet that the server is\n# directly connected to.\n#\n# METHOD can be \"trust\", \"reject\", \"md5\", \"password\", \"gss\", \"sspi\",\n# \"ident\", \"peer\", \"pam\", \"ldap\", \"radius\" or \"cert\". Note that\n# \"password\" sends passwords in clear text; \"md5\" is preferred since\n# it sends encrypted passwords.\n#\n# OPTIONS are a set of options for the authentication in the format\n# NAME=VALUE. The available options depend on the different\n# authentication methods -- refer to the \"Client Authentication\"\n# section in the documentation for a list of which options are\n# available for which authentication methods.\n#\n# Database and user names containing spaces, commas, quotes and other\n# special characters must be quoted. Quoting one of the keywords\n# \"all\", \"sameuser\", \"samerole\" or \"replication\" makes the name lose\n# its special character, and just match a database or username with\n# that name.\n#\n# This file is read on server startup and when the postmaster receives\n# a SIGHUP signal. If you edit the file on a running system, you have\n# to SIGHUP the postmaster for the changes to take effect. You can\n# use \"pg_ctl reload\" to do that.\n\n# Put your actual configuration here\n# ----------------------------------\n#\n# If you want to allow non-local connections, you need to add more\n# \"host\" records. In that case you will also need to make PostgreSQL\n# listen on a non-local interface via the listen_addresses\n# configuration parameter, or via the -i or -h command line switches.\n\n{% for rule in postgresql_hba_mapping %}\n{{ rule.type }} {{ rule.database }} {{ rule.user }} {{ rule.address }} {{ rule.method }}\n{% endfor %}\n\n# DO NOT DISABLE!\n# If you change this first entry you will need to make sure that the\n# database superuser can access the database using some other method.\n# Noninteractive access to all databases is required during automatic\n# maintenance (custom daily cronjobs, replication, and similar tasks).\n#\n# Database administrative login by Unix domain socket\nlocal all postgres peer\n\n{% if postgresql_version | version_compare('9.3', '<=') %}\n# Database administrative login from localhost\nhost all postgres 127.0.0.1/32 trust\n{% endif %}\n\n# TYPE DATABASE USER ADDRESS METHOD\n\n# \"local\" is for Unix domain socket connections only\nlocal all all peer\n# IPv4 local connections:\nhost all all 127.0.0.1/32 md5\n# IPv6 local connections:\nhost all all ::1/128 md5\n# Allow replication connections from localhost, by a user with the\n# replication privilege.\n#local replication postgres peer\n#host replication postgres 127.0.0.1/32 md5\n#host replication postgres ::1/128 md5\n"}

9.5 no longer available

PostgreSQL 9.5 (the default version) appears to no longer be available. It is now 9.6.

"postgresql_package_version not found"

version "9.4.-2.pgdg14.04+1" is not being found in postgresql apt repository, version "9.4.-1.pgdg14.04+1" is there.

OS Ubuntu Trusty.

Default version update needed

Provisioning failing with Version '9.6.*-1.pgdg14.04+1' for 'postgresql-server-dev-9.6' was not found.

Remove `default_text_search_config` from postgresql.conf template

The default value for the default_text_search_config setting is simple (see https://www.postgresql.org/docs/9.6/runtime-config-client.html#GUC-DEFAULT-TEXT-SEARCH-CONFIG).
It's not possible to change that on RDS. See e.g. this StackOverflow question, this unanswered AWS forum question, and this screenshot from the RDS Parameter Groups interface:

Having a default setting on this role that differs from the unchangeable setting on RDS seems to add minimal benefit that's outweighed by the risk of unexpected behavior differences between environments. I think it would make sense to just remove it from postgresql.conf.j2 and let the default prevail.

Address deprecation warnings

Fix the ansible usage deprecation warnings for Using tests as filters is deprecated and Invoking "apt" only once while using a loop via squash_actions is deprecated..

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.