Merge branch 'master' into patch-1

.ansible-lint

@@ -0,0 +1,3 @@
+skip_list:
+  - '405'
+  - '503'

.gitignore

@@ -1,2 +1,3 @@
 *.retry
-tests/test.sh
+*/__pycache__
+*.pyc

.travis.yml

@@ -1,45 +1,30 @@
 ---
+language: python
 services: docker
 
 env:
-  - distro: centos7
-    postgresql_bin_dir: /usr/bin
-    postgresql_data_dir: /var/lib/pgsql/data
-  - distro: centos6
-    postgresql_bin_dir: /usr/bin
-    postgresql_data_dir: /var/lib/pgsql/data
-  - distro: ubuntu1604
-    postgresql_bin_dir: /usr/lib/postgresql/9.5/bin
-    postgresql_data_dir: /var/lib/postgresql/9.5/main
-  - distro: ubuntu1404
-    postgresql_bin_dir: /usr/lib/postgresql/9.3/bin
-    postgresql_data_dir: /var/lib/postgresql/9.3/main
-  - distro: debian8
-    postgresql_bin_dir: /usr/lib/postgresql/9.4/bin
-    postgresql_data_dir: /var/lib/postgresql/9.4/main
-  - distro: debian9
-    postgresql_bin_dir: /usr/lib/postgresql/9.6/bin
-    postgresql_data_dir: /var/lib/postgresql/9.6/main
+  global:
+    - ROLE_NAME: postgresql
+  matrix:
+    - MOLECULE_DISTRO: centos7
+    - MOLECULE_DISTRO: ubuntu1804
+    - MOLECULE_DISTRO: ubuntu1604
+    - MOLECULE_DISTRO: debian9
+    - MOLECULE_DISTRO: debian8
+
+install:
+  # Install test dependencies.
+  - pip install molecule docker
+
+before_script:
+  # Use actual Ansible Galaxy role name for the project directory.
+  - cd ../
+  - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME
+  - cd geerlingguy.$ROLE_NAME
 
 script:
-  # Configure test script so we can run extra tests after playbook is run.
-  - export container_id=$(date +%s)
-  - export cleanup=false
-
-  # Download test shim.
-  - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
-  - chmod +x ${PWD}/tests/test.sh
-
   # Run tests.
-  - ${PWD}/tests/test.sh
-
-  # Check PostgreSQL status.
-  - 'docker exec -u postgres ${container_id} ${postgresql_bin_dir}/pg_ctl -D ${postgresql_data_dir} status'
-
-after_failure:
-  # Check what happened on systemd systems.
-  - 'docker exec --tty ${container_id} env TERM=xterm systemctl -l status postgresql.service'
-  - 'docker exec --tty ${container_id} env TERM=xterm journalctl -xe --no-pager'
+  - molecule test
 
 notifications:
   webhooks: https://galaxy.ansible.com/api/v1/notifications/

README.md

@@ -21,6 +21,10 @@ Available variables are listed below, along with default values (see `defaults/m
 
 (RHEL/CentOS only) You can set a repo to use for the PostgreSQL installation by passing it in here.
 
+    postgresql_restarted_state: "restarted"
+
+Set the state of the service when configuration changes are made. Recommended values are `restarted` or `reloaded`.
+
     postgresql_python_library: python-psycopg2
 
 Library used by Ansible to communicate with PostgreSQL. If you are using Python 3 (e.g. set via `ansible_python_interpreter`), you should change this to `python3-psycopg2`.
@@ -35,6 +39,11 @@ The user and group under which PostgreSQL will run.
 
 The directories (usually one, but can be multiple) where PostgreSQL's socket will be created.
 
+    postgresql_service_state: started
+    postgresql_service_enabled: true
+
+Control the state of the postgresql service and whether it should start at boot time.
+
     postgresql_global_config_options:
       - option: unix_socket_directories
         value: '{{ postgresql_unix_socket_directories | join(",") }}'
@@ -76,6 +85,7 @@ If overriding, make sure you copy all of the existing entries from `defaults/mai
         login_user: # defaults to 'postgresql_user'
         login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories
         port: # defaults to not set
+        owner: # defaults to postgresql_user
         state: # defaults to 'present'
 
 A list of databases to ensure exist on the server. Only the `name` is required; all other properties are optional.
@@ -83,6 +93,7 @@ A list of databases to ensure exist on the server. Only the `name` is required;
     postgresql_users:
       - name: jdoe #required; the rest are optional
         password: # defaults to not set
+        encrypted: # defaults to not set
         priv: # defaults to not set
         role_attr_flags: # defaults to not set
         db: # defaults to not set
@@ -102,7 +113,7 @@ A list of users to ensure exist on the server. Only the `name` is required; all
     postgresql_daemon: [OS-specific]
     postgresql_packages: [OS-specific]
 
-OS-specific variables that are set by include files in this role's `vars` directory. These shouldn't be overridden unless you're using a verison of PostgreSQL that wasn't installed using system packages.
+OS-specific variables that are set by include files in this role's `vars` directory. These shouldn't be overridden unless you're using a version of PostgreSQL that wasn't installed using system packages.
 
 ## Dependencies
 

defaults/main.yml

@@ -2,6 +2,10 @@
 # RHEL/CentOS only. Set a repository to use for PostgreSQL installation.
 postgresql_enablerepo: ""
 
+# Set postgresql state when configuration changes are made. Recommended values:
+# `restarted` or `reloaded`
+postgresql_restarted_state: "restarted"
+
 postgresql_python_library: python-psycopg2
 postgresql_user: postgres
 postgresql_group: postgres
@@ -9,6 +13,9 @@ postgresql_group: postgres
 postgresql_unix_socket_directories:
   - /var/run/postgresql
 
+postgresql_service_state: started
+postgresql_service_enabled: true
+
 # Global configuration options that will be set in postgresql.conf.
 postgresql_global_config_options:
   - option: unix_socket_directories
@@ -17,10 +24,10 @@ postgresql_global_config_options:
 # Host based authentication (hba) entries to be added to the pg_hba.conf. This
 # variable's defaults reflect the defaults that come with a fresh installation.
 postgresql_hba_entries:
-  - { type: local, database: all, user: postgres, auth_method: peer }
-  - { type: local, database: all, user: all, auth_method: peer }
-  - { type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5 }
-  - { type: host, database: all, user: all, address: '::1/128', auth_method: md5 }
+  - {type: local, database: all, user: postgres, auth_method: peer}
+  - {type: local, database: all, user: all, auth_method: peer}
+  - {type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5}
+  - {type: host, database: all, user: all, address: '::1/128', auth_method: md5}
 
 # Debian only. Used to generate the locales used by PostgreSQL databases.
 postgresql_locales:
@@ -28,28 +35,30 @@ postgresql_locales:
 
 # Databases to ensure exist.
 postgresql_databases: []
-  # - name: exampledb # required; the rest are optional
-  #   lc_collate: # defaults to 'en_US.UTF-8'
-  #   lc_ctype: # defaults to 'en_US.UTF-8'
-  #   encoding: # defaults to 'UTF-8'
-  #   template: # defaults to 'template0'
-  #   login_host: # defaults to 'localhost'
-  #   login_password: # defaults to not set
-  #   login_user: # defaults to '{{ postgresql_user }}'
-  #   login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories
-  #   port: # defaults to not set
-  #   state: # defaults to 'present'
+# - name: exampledb # required; the rest are optional
+#   lc_collate: # defaults to 'en_US.UTF-8'
+#   lc_ctype: # defaults to 'en_US.UTF-8'
+#   encoding: # defaults to 'UTF-8'
+#   template: # defaults to 'template0'
+#   login_host: # defaults to 'localhost'
+#   login_password: # defaults to not set
+#   login_user: # defaults to '{{ postgresql_user }}'
+#   login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories
+#   port: # defaults to not set
+#   owner: # defaults to postgresql_user
+#   state: # defaults to 'present'
 
 # Users to ensure exist.
 postgresql_users: []
-  # - name: jdoe #required; the rest are optional
-  #   password: # defaults to not set
-  #   priv: # defaults to not set
-  #   role_attr_flags: # defaults to not set
-  #   db: # defaults to not set
-  #   login_host: # defaults to 'localhost'
-  #   login_password: # defaults to not set
-  #   login_user: # defaults to '{{ postgresql_user }}'
-  #   login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories
-  #   port: # defaults to not set
-  #   state: # defaults to 'present'
+# - name: jdoe #required; the rest are optional
+#   password: # defaults to not set
+#   encrypted: # defaults to not set
+#   priv: # defaults to not set
+#   role_attr_flags: # defaults to not set
+#   db: # defaults to not set
+#   login_host: # defaults to 'localhost'
+#   login_password: # defaults to not set
+#   login_user: # defaults to '{{ postgresql_user }}'
+#   login_unix_socket: # defaults to 1st of postgresql_unix_socket_directories
+#   port: # defaults to not set
+#   state: # defaults to 'present'

handlers/main.yml

@@ -1,3 +1,6 @@
 ---
 - name: restart postgresql
-  service: "name={{ postgresql_daemon }} state=restarted sleep=5"
+  service:
+    name: "{{ postgresql_daemon }}"
+    state: "{{ postgresql_restarted_state }}"
+    sleep: 5

meta/main.yml

@@ -6,18 +6,18 @@ galaxy_info:
   description: PostgreSQL server for Linux.
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
-  min_ansible_version: 2.0
+  min_ansible_version: 2.4
   platforms:
     - name: EL
       versions:
-      - 6
-      - 7
+        - 6
+        - 7
     - name: Ubuntu
       versions:
-      - all
+        - all
     - name: Debian
       versions:
-      - all
+        - all
   galaxy_tags:
     - database
     - postgresql

molecule/default/molecule.yml

@@ -0,0 +1,29 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+lint:
+  name: yamllint
+  options:
+    config-file: molecule/default/yaml-lint.yml
+platforms:
+  - name: instance
+    image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    pre_build_image: true
+provisioner:
+  name: ansible
+  lint:
+    name: ansible-lint
+  playbooks:
+    converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
+scenario:
+  name: default
+verifier:
+  name: testinfra
+  lint:
+    name: flake8

molecule/default/playbook.yml

@@ -1,5 +1,7 @@
 ---
-- hosts: all
+- name: Converge
+  hosts: all
+  become: true
 
   vars:
     postgresql_databases:
@@ -9,7 +11,7 @@
 
   pre_tasks:
     - name: Update apt cache.
-      apt: update_cache=yes cache_valid_time=600
+      apt: update_cache=true cache_valid_time=600
       when: ansible_os_family == 'Debian'
 
     - name: Set custom variables for old CentOS 6 PostgreSQL install.
@@ -18,7 +20,16 @@
         postgresql_global_config_options:
           - option: unix_socket_directory
             value: '{{ postgresql_unix_socket_directories[0] }}'
-      when: ansible_os_family == 'RedHat' and ansible_distribution_version.split('.')[0] == '6'
+      when:
+        - ansible_os_family == 'RedHat'
+        - ansible_distribution_version.split('.')[0] == '6'
 
   roles:
-    - role_under_test
+    - role: geerlingguy.postgresql
+
+  post_tasks:
+    - name: Verify postgres is running.
+      command: "{{ postgresql_bin_path }}/pg_ctl -D {{ postgresql_data_dir }} status"
+      changed_when: false
+      become: true
+      become_user: postgres

molecule/default/tests/test_default.py

@@ -0,0 +1,14 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_hosts_file(host):
+    f = host.file('/etc/hosts')
+
+    assert f.exists
+    assert f.user == 'root'
+    assert f.group == 'root'

molecule/default/yaml-lint.yml

@@ -0,0 +1,6 @@
+---
+extends: default
+rules:
+  line-length:
+    max: 120
+    level: warning

tasks/configure.yml

@@ -10,7 +10,7 @@
 
 - name: Configure host based authentication (if entries are configured).
   template:
-    src: "templates/pg_hba.conf.j2"
+    src: "pg_hba.conf.j2"
     dest: "{{ postgresql_config_path }}/pg_hba.conf"
     owner: "{{ postgresql_user }}"
     group: "{{ postgresql_group }}"

tasks/databases.yml

@@ -14,7 +14,7 @@
     owner: "{{ item.owner | default(postgresql_user) }}"
     state: "{{ item.state | default('present') }}"
   with_items: "{{ postgresql_databases }}"
-  become: yes
+  become: true
   become_user: "{{ postgresql_user }}"
   # See: https://github.com/ansible/ansible/issues/16048#issuecomment-229012509
   vars:

tasks/initialize.yml

@@ -22,7 +22,7 @@
 - name: Ensure PostgreSQL database is initialized.
   command: "{{ postgresql_bin_path }}/initdb -D {{ postgresql_data_dir }}"
   when: not pgdata_dir_version.stat.exists
-  become: yes
+  become: true
   become_user: "{{ postgresql_user }}"
   # See: https://github.com/ansible/ansible/issues/16048#issuecomment-229012509
   vars:

tasks/main.yml

@@ -1,26 +1,23 @@
 ---
 # Variable configuration.
-- include: variables.yml
-  static: no
+- include_tasks: variables.yml
 
 # Setup/install tasks.
-- include: setup-RedHat.yml
+- include_tasks: setup-RedHat.yml
   when: ansible_os_family == 'RedHat'
-  static: no
 
-- include: setup-Debian.yml
+- include_tasks: setup-Debian.yml
   when: ansible_os_family == 'Debian'
-  static: no
 
-- include: initialize.yml
-- include: configure.yml
+- include_tasks: initialize.yml
+- include_tasks: configure.yml
 
 - name: Ensure PostgreSQL is started and enabled on boot.
   service:
     name: "{{ postgresql_daemon }}"
-    state: started
-    enabled: yes
+    state: "{{ postgresql_service_state }}"
+    enabled: "{{ postgresql_service_enabled }}"
 
 # Configure PostgreSQL.
-- include: users.yml
-- include: databases.yml
+- import_tasks: users.yml
+- import_tasks: databases.yml

tasks/setup-Debian.yml

@@ -2,13 +2,12 @@
 - name: Ensure PostgreSQL Python libraries are installed.
   apt:
     name: "{{ postgresql_python_library }}"
-    state: installed
+    state: present
 
 - name: Ensure PostgreSQL packages are installed.
   apt:
-    name: "{{ item }}"
-    state: installed
-  with_items: "{{ postgresql_packages }}"
+    name: "{{ postgresql_packages }}"
+    state: present
 
 - name: Ensure all configured locales are present.
   locale_gen: "name={{ item }} state=present"

tasks/setup-RedHat.yml

@@ -1,13 +1,12 @@
 ---
 - name: Ensure PostgreSQL packages are installed.
   package:
-    name: "{{ item }}"
-    state: installed
-    enablerepo: "{{ postgresql_enablerepo }}"
-  with_items: "{{ postgresql_packages }}"
+    name: "{{ postgresql_packages }}"
+    state: present
+    enablerepo: "{{ postgresql_enablerepo | default(omit, true) }}"
 
 - name: Ensure PostgreSQL Python libraries are installed.
   package:
     name: "{{ postgresql_python_library }}"
-    state: installed
-    enablerepo: "{{ postgresql_enablerepo }}"
+    state: present
+    enablerepo: "{{ postgresql_enablerepo | default(omit, true) }}"

tasks/users.yml

@@ -3,6 +3,7 @@
   postgresql_user:
     name: "{{ item.name }}"
     password: "{{ item.password | default(omit) }}"
+    encrypted: "{{ item.encrypted | default(omit) }}"
     priv: "{{ item.priv | default(omit) }}"
     role_attr_flags: "{{ item.role_attr_flags | default(omit) }}"
     db: "{{ item.db | default(omit) }}"
@@ -14,7 +15,7 @@
     state: "{{ item.state | default('present') }}"
   with_items: "{{ postgresql_users }}"
   no_log: true
-  become: yes
+  become: true
   become_user: "{{ postgresql_user }}"
   # See: https://github.com/ansible/ansible/issues/16048#issuecomment-229012509
   vars:

tasks/variables.yml

@@ -13,16 +13,16 @@
     postgresql_packages: "{{ __postgresql_packages | list }}"
   when: postgresql_packages is not defined
 
-- name: Define postgresql_daemon.
-  set_fact:
-    postgresql_daemon: "{{ __postgresql_daemon }}"
-  when: postgresql_daemon is not defined
-
 - name: Define postgresql_version.
   set_fact:
     postgresql_version: "{{ __postgresql_version }}"
   when: postgresql_version is not defined
 
+- name: Define postgresql_daemon.
+  set_fact:
+    postgresql_daemon: "{{ __postgresql_daemon }}"
+  when: postgresql_daemon is not defined
+
 - name: Define postgresql_data_dir.
   set_fact:
     postgresql_data_dir: "{{ __postgresql_data_dir }}"

tests/README.md

@@ -1,11 +0,0 @@
-# Ansible Role tests
-
-To run the test playbook(s) in this directory:
-
-  1. Install and start Docker.
-  1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`:
-    - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/`
-  1. Make the test shim executable: `chmod +x tests/test.sh`.
-  1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh`
-
-If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`

vars/Debian-7.yml

@@ -7,4 +7,4 @@ __postgresql_daemon: postgresql
 __postgresql_packages:
   - postgresql
   - postgresql-contrib
-  - libpq-dev
+  - libpq-dev

vars/Debian-8.yml

@@ -3,7 +3,7 @@ __postgresql_version: "9.4"
 __postgresql_data_dir: "/var/lib/postgresql/{{ __postgresql_version }}/main"
 __postgresql_bin_path: "/usr/lib/postgresql/{{ __postgresql_version }}/bin"
 __postgresql_config_path: "/etc/postgresql/{{ __postgresql_version }}/main"
-__postgresql_daemon: postgresql
+__postgresql_daemon: "postgresql@{{ postgresql_version }}-main"
 __postgresql_packages:
   - postgresql
   - postgresql-contrib

vars/Debian-9.yml

@@ -3,7 +3,7 @@ __postgresql_version: "9.6"
 __postgresql_data_dir: "/var/lib/postgresql/{{ __postgresql_version }}/main"
 __postgresql_bin_path: "/usr/lib/postgresql/{{ __postgresql_version }}/bin"
 __postgresql_config_path: "/etc/postgresql/{{ __postgresql_version }}/main"
-__postgresql_daemon: postgresql
+__postgresql_daemon: "postgresql@{{ postgresql_version }}-main"
 __postgresql_packages:
   - postgresql
   - postgresql-contrib

vars/Ubuntu-18.yml

@@ -0,0 +1,10 @@
+---
+__postgresql_version: "10"
+__postgresql_data_dir: "/var/lib/postgresql/{{ __postgresql_version }}/main"
+__postgresql_bin_path: "/usr/lib/postgresql/{{ __postgresql_version }}/bin"
+__postgresql_config_path: "/etc/postgresql/{{ __postgresql_version }}/main"
+__postgresql_daemon: postgresql
+__postgresql_packages:
+  - postgresql
+  - postgresql-contrib
+  - libpq-dev