Skip to content
Snippets Groups Projects
Commit 4f5a8b95 authored by Jean's avatar Jean Committed by Eliot Berriot
Browse files

Add possibility to handle remote managed postgresql setup

parent 41e3bd9e
No related branches found
No related tags found
No related merge requests found
......@@ -8,10 +8,23 @@ funkwhale_config_path: /srv/funkwhale/config
funkwhale_external_storage_enabled: false
funkwhale_disable_django_admin: false
funkwhale_username: funkwhale
funkwhale_database_managed: true
funkwhale_frontend_managed: true
funkwhale_database_managed: true
funkwhale_database_local: true
funkwhale_database_name: funkwhale
funkwhale_database_user: funkwhale
# the DB host as per your ansible inventory
funkwhale_database_host_ansible: localhost
# the DB FQDN or IP for funkwhale connector configuration (ex: pg01.local)
funkwhale_database_host_app: localhost
funkwhale_database_port: 5432
# ↓ Only needed if 'funkwhale_database_managed' == false
# ↓ This is also assuming DB and user have already been set up, outside of the playbook.
# ↓ Considering the playbook handles both local and remote PostGreSQL server types, this should typically not be required.
#funkwhale_database_url: postgresql://{{ funkwhale_database_user }}[:{{ funkwhale_database_password }}]@[{{ funkwhale_database_host_app }}]:{{ funkwhale_database_port | default(5432) }}/{{ funkwhale_database_name }}
funkwhale_nginx_managed: true
funkwhale_nginx_max_body_size: 100M
funkwhale_redis_managed: true
......
---
- name: "Install postgresql"
become: true
when: funkwhale_database_managed
when: funkwhale_database_managed and funkwhale_database_local
package:
name:
- postgresql
- python3-psycopg2
- name: "Start Postgresql"
when: funkwhale_database_managed
when: funkwhale_database_managed and funkwhale_database_local
service:
name: postgresql
state: started
- name: "Create {{ funkwhale_database_name }} database"
- name: "Create {{ funkwhale_database_user }} database user on {{ funkwhale_database_host_ansible }} (local / passwordless)"
become: true
become_user: postgres
when: funkwhale_database_managed
postgresql_db:
name: "{{ funkwhale_database_name }}"
encoding: UTF-8
template: template0
when: funkwhale_database_managed and funkwhale_database_host_ansible == 'localhost'
postgresql_user:
name: "{{ funkwhale_database_user }}"
login_user: postgres
delegate_to: "{{ funkwhale_database_host_ansible }}"
- name: "Create {{ funkwhale_database_user }} database user"
- name: "Create {{ funkwhale_database_user }} database user on {{ funkwhale_database_host_ansible }} (remote / with password)"
become: true
become_user: postgres
when: funkwhale_database_managed
when: funkwhale_database_managed and funkwhale_database_host_ansible != 'localhost'
postgresql_user:
db: "{{ funkwhale_database_name }}"
name: "{{ funkwhale_database_user }}"
password: "{{ funkwhale_database_password }}"
login_user: postgres
delegate_to: "{{ funkwhale_database_host_ansible }}"
- name: "Grant privileges on database {{ funkwhale_database_name }} to {{ funkwhale_database_user }} user"
when: funkwhale_database_managed
- name: "Create {{ funkwhale_database_name }} database on {{ funkwhale_database_host_ansible }}"
become: true
become_user: postgres
command: psql -c "GRANT ALL PRIVILEGES ON DATABASE {{ funkwhale_database_name }} TO {{ funkwhale_database_user }}"
- name: "Create db extensions"
when: funkwhale_database_managed
become: true
postgresql_db:
name: "{{ funkwhale_database_name }}"
login_user: postgres
owner: "{{ funkwhale_database_user }}"
encoding: UTF-8
template: template0
delegate_to: "{{ funkwhale_database_host_ansible }}"
- name: set up pgsql extensions
become: yes
become_user: postgres
command: psql {{ funkwhale_database_name }} -c "CREATE EXTENSION IF NOT EXISTS {{ item }}"
with_items:
- unaccent
- citext
when: funkwhale_database_managed
postgresql_ext:
db: "{{ funkwhale_database_name }}"
name: "{{ myext }}"
login_user: postgres
loop: ['unaccent', 'citext']
loop_control:
loop_var: myext
delegate_to: "{{ funkwhale_database_host_ansible }}"
...
---
- name: set a password for postgresql DB (remote psql server only)
tags: [ db ]
set_fact:
# Look up for the key 'vault_funkwhale_database_password' (for you to create, ideally in a vault).
# If no key is found,it will search inside ./pgsql_funkwhale.credentials.txt.
# If ./pgsql_funkwhale.credentials.txt does not exist, it generates a random password and write it there.
funkwhale_database_password: "{{ vault_funkwhale_database_password | default(lookup('password', './%s.credentials.txt chars=ascii_letters,digits length=20' % 'pgsql_funkwhale')) }}"
# If 'funkwhale_database_local:' == true, funkwhale will connect via unix socket (no password needed).
when: not funkwhale_database_local
- name: "Set frontend path"
when: funkwhale_frontend_managed
tags: [funkwhale, nginx]
......
......@@ -10,7 +10,7 @@ FUNKWHALE_WEB_WORKERS={{ funkwhale_web_workers }}
REVERSE_PROXY_TYPE=nginx
{% if funkwhale_database_managed %}
DATABASE_URL=postgresql://{{ funkwhale_database_user }}@:5432/{{ funkwhale_database_name }}
DATABASE_URL=postgresql://{{ funkwhale_database_user }}{%- if funkwhale_database_password is defined -%}:{{ funkwhale_database_password }}{%- endif -%}@{%- if funkwhale_database_host_app != 'localhost' -%}{{ funkwhale_database_host_app }}{%- endif -%}:{{ funkwhale_database_port }}/{{ funkwhale_database_name }}
{% else %}
DATABASE_URL={{ funkwhale_database_url }}
{% endif %}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment