ronis_0505/cicd
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

add new gateway to postgres config

Browse Source
This commit is contained in:
ronis_0505
2025-08-22 22:52:02 +03:00
parent c06a7b1a31
commit ea467ff55b
3 changed files with 18 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
playbooks/roles/base-tools/README.md
View File

@@ -1,33 +1,11 @@
Install base tools for work Install tools for work
========= =========
Istall tools for work:
Requirements
------------ - sudo
- fail2ban
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the - nano
role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - tree
- python3
Role Variables - python3-pip
--------------
No variables.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set
for other roles, or variables that are used from other roles.
Example Playbook
----------------
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

32
playbooks/roles/docker-install/README.md
View File

@@ -1,35 +1,5 @@
Install Docker Install Docker
========= =========
Install Dicker and dependencies Install Docker and dependencies
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

11
playbooks/roles/postgres-config/tasks/main.yml
View File

@@ -4,13 +4,16 @@
lineinfile: lineinfile:
path: "/etc/postgresql/{{ db_version }}/main/postgresql.conf" path: "/etc/postgresql/{{ db_version }}/main/postgresql.conf"
regexp: '^#?listen_addresses\s*=' regexp: '^#?listen_addresses\s*='
line: "listen_addresses = 'localhost,{{ host_ip }},{{ docker_networks.monitoring_net.gateway }}'" line: >
"listen_addresses = 'localhost,
{{ host_ip }},{{ docker_networks.monitoring_net.gateway }},
{{ docker_networks.prod_net.gateway }}'"
create: yes create: yes
- name: Ensure external IPs - name: Ensure external IPs
lineinfile: lineinfile:
path: "/etc/postgresql/{{ db_version }}/main/pg_hba.conf" path: "rm"
regexp: "{{ item.regexp }}" regexp: "{{ item.regexp }}"
line: "{{ item.line }}" line: "{{ item.line }}"
insertafter: EOF insertafter: EOF
@@ -18,7 +21,9 @@
- regexp: '^host\s+all\s+all\s+{{ allowed_ip | regex_escape() }}\s+.*$' - regexp: '^host\s+all\s+all\s+{{ allowed_ip | regex_escape() }}\s+.*$'
line: "host all all {{ allowed_ip }}/32 scram-sha-256" line: "host all all {{ allowed_ip }}/32 scram-sha-256"
- regexp: '^host\s+all\s+all\s+{{ postgres_exporter_ip | regex_escape() }}\s+.*$' - regexp: '^host\s+all\s+all\s+{{ postgres_exporter_ip | regex_escape() }}\s+.*$'
line: "host all all {{ postgres_exporter_ip }}/32 scram-sha-256" line: "host all all {{ docker_networks.monitoring_net.gateway }}/16 scram-sha-256"
- regexp: '^host\s+all\s+all\s+{{ docker_networks.prod_net.gateway | regex_escape() }}\s+.*$'
line: "host all all {{ docker_networks.prod_net.gateway }}/16 scram-sha-256"
- name: Set custom PostgreSQL port - name: Set custom PostgreSQL port