first create users without properties, then DBs with props, then configure the existing users

Signed-off-by: Konstantin Gizdov <kgizdov@gmail.com>
2020-06-12 14:42:19 +03:00 · 2020-06-12 14:42:19 +03:00 · 5223a02687
parent 90efe7c5c5
commit 5223a02687
3 changed files with 23 additions and 11 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -21,3 +21,4 @@
 # Configure PostgreSQL.
 - import_tasks: users.yml
 - import_tasks: databases.yml
+- import_tasks: users_props.yml
--- a/tasks/users.yml
+++ b/tasks/users.yml
@ -2,17 +2,6 @@
 - name: Ensure PostgreSQL users are present.
  postgresql_user:
    name: "{{ item.name }}"
-    password: "{{ item.password | default(omit) }}"
-    encrypted: "{{ item.encrypted | default(omit) }}"
-    priv: "{{ item.priv | default(omit) }}"
-    role_attr_flags: "{{ item.role_attr_flags | default(omit) }}"
-    db: "{{ item.db | default(omit) }}"
-    login_host: "{{ item.login_host | default('localhost') }}"
-    login_password: "{{ item.login_password | default(omit) }}"
-    login_user: "{{ item.login_user | default(postgresql_user) }}"
-    login_unix_socket: "{{ item.login_unix_socket | default(postgresql_unix_socket_directories[0]) }}"
-    port: "{{ item.port | default(omit) }}"
-    state: "{{ item.state | default('present') }}"
  with_items: "{{ postgresql_users }}"
  no_log: "{{ postgres_users_no_log }}"
  become: true
--- a/tasks/users_props.yml
+++ b/tasks/users_props.yml
@ -0,0 +1,22 @@
+---
+- name: Ensure PostgreSQL users are configured correctly.
+  postgresql_user:
+    name: "{{ item.name }}"
+    password: "{{ item.password | default(omit) }}"
+    encrypted: "{{ item.encrypted | default(omit) }}"
+    priv: "{{ item.priv | default(omit) }}"
+    role_attr_flags: "{{ item.role_attr_flags | default(omit) }}"
+    db: "{{ item.db | default(omit) }}"
+    login_host: "{{ item.login_host | default('localhost') }}"
+    login_password: "{{ item.login_password | default(omit) }}"
+    login_user: "{{ item.login_user | default(postgresql_user) }}"
+    login_unix_socket: "{{ item.login_unix_socket | default(postgresql_unix_socket_directories[0]) }}"
+    port: "{{ item.port | default(omit) }}"
+    state: "{{ item.state | default('present') }}"
+  with_items: "{{ postgresql_users }}"
+  no_log: "{{ postgres_users_no_log }}"
+  become: true
+  become_user: "{{ postgresql_user }}"
+  # See: https://github.com/ansible/ansible/issues/16048#issuecomment-229012509
+  vars:
+    ansible_ssh_pipelining: true