add new gateway to postgres config

2025-08-22 22:52:02 +03:00
parent c06a7b1a31
commit ea467ff55b
3 changed files with 18 additions and 65 deletions
--- a/playbooks/roles/base-tools/README.md
+++ b/playbooks/roles/base-tools/README.md
@@ -1,33 +1,11 @@
-Install base tools for work
+Install tools for work
 =========

-
-Requirements
------------
-
-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the
-role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
-
-Role Variables
--------------
-
-No variables.
-
-Dependencies
------------
-
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set
-for other roles, or variables that are used from other roles.
-
-Example Playbook
----------------
-
-License
-------
-
-BSD
-
-Author Information
------------------
-
-An optional section for the role authors to include contact information, or a website (HTML is not allowed).
+Istall tools for work:
+  
+  - sudo
+  - fail2ban
+  - nano
+  - tree
+  - python3
+  - python3-pip
--- a/playbooks/roles/docker-install/README.md
+++ b/playbooks/roles/docker-install/README.md
@@ -1,35 +1,5 @@
 Install Docker
 =========

-Install Dicker and dependencies
-Requirements
------------
+Install Docker and dependencies

-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
-
-Role Variables
--------------
-
-Dependencies
------------
-
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
-
-Example Playbook
----------------
-
-Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
-
-    - hosts: servers
-      roles:
-         - { role: username.rolename, x: 42 }
-
-License
-------
-
-BSD
-
-Author Information
------------------
-
-An optional section for the role authors to include contact information, or a website (HTML is not allowed).
--- a/playbooks/roles/postgres-config/tasks/main.yml
+++ b/playbooks/roles/postgres-config/tasks/main.yml
@@ -4,13 +4,16 @@
  lineinfile:
    path: "/etc/postgresql/{{ db_version }}/main/postgresql.conf"
    regexp: '^#?listen_addresses\s*='
-    line: "listen_addresses = 'localhost,{{ host_ip }},{{  docker_networks.monitoring_net.gateway }}'"
+    line: >
+      "listen_addresses = 'localhost,
+      {{ host_ip }},{{  docker_networks.monitoring_net.gateway }},
+      {{  docker_networks.prod_net.gateway }}'"
    create: yes


 - name: Ensure external IPs
  lineinfile:
-    path: "/etc/postgresql/{{ db_version }}/main/pg_hba.conf"
+    path: "rm"
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    insertafter: EOF
@@ -18,7 +21,9 @@
    - regexp: '^host\s+all\s+all\s+{{ allowed_ip | regex_escape() }}\s+.*$'
      line: "host    all     all    {{ allowed_ip }}/32    scram-sha-256"
    - regexp: '^host\s+all\s+all\s+{{ postgres_exporter_ip | regex_escape() }}\s+.*$'
-      line: "host    all     all    {{ postgres_exporter_ip }}/32    scram-sha-256"
+      line: "host    all     all    {{ docker_networks.monitoring_net.gateway }}/16   scram-sha-256"
+    - regexp: '^host\s+all\s+all\s+{{ docker_networks.prod_net.gateway | regex_escape() }}\s+.*$'
+      line: "host    all     all    {{ docker_networks.prod_net.gateway }}/16    scram-sha-256"


 - name: Set custom PostgreSQL port