Viyurz/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Change PostgreSQL superuser password handling.

Browse source
This commit is contained in:
Viyurz 2024-03-29 21:25:48 +01:00
parent 7918d3b6f7
commit edb616b612
Signed by: Viyurz
SSH key fingerprint: SHA256:IskOHTmhHSJIvAt04N6aaxd5SZCVWW1Guf9tEcxIMj8
3 changed files with 17 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
roles/postgres/tasks/update.yml
View file

@ -3,6 +3,21 @@
path: "{{ project_dir }}"
state: directory
- name: "Create (if not exists) directory {{ volumes['postgres_datadir'] }} & set permissions"
file:
path: "{{ volumes['postgres_datadir'] }}"
state: directory
owner: "{{ users['postgres'] + uid_shift }}"
group: "{{ users['postgres'] + uid_shift }}"
mode: '700'
become: true
- name: "Check if directory {{ volumes['postgres_datadir'] }} is empty"
find:
paths: "{{ volumes['postgres_datadir'] }}"
register: postgres_find_datadir_result
become: true
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
@ -14,15 +29,6 @@
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['postgres_datadir'] }} & set permissions"
file:
path: "{{ volumes['postgres_datadir'] }}"
state: directory
owner: "{{ users['postgres'] + uid_shift }}"
group: "{{ users['postgres'] + uid_shift }}"
mode: '700'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"

3
roles/postgres/templates/.env
View file

@ -1,4 +1,5 @@
POSTGRES_PASSWORD='{{ postgres_password | default("") }}'
# After initial setup, set to empty string to hide password
POSTGRES_PASSWORD='{{ (postgres_find_datadir_result.matched == 0) | ternary(lookup("community.general.random_string", special=false, length=64), "") }}'
# Required for Synapse
LANG=C
POSTGRES_INITDB_ARGS="--locale=C --encoding=UTF8"

3
secrets.yml.example
View file

@ -13,9 +13,6 @@ coturn_secrets:
hedgedoc_secrets:
mysql_root_password:
# Password of the 'postgres' superuser
postgres_password:
searxng_secrets:
searxng_secret: