From 91d35698d86299c95573d35aacbf2fb4e635bcd2 Mon Sep 17 00:00:00 2001
From: Joe Banks <joe@jb3.dev>
Date: Sun, 2 Jun 2024 19:50:21 +0100
Subject: Add pg_ident.conf file

---
 ansible/roles/postgres/tasks/main.yml | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'ansible/roles/postgres/tasks')

diff --git a/ansible/roles/postgres/tasks/main.yml b/ansible/roles/postgres/tasks/main.yml
index 989c459..1fb54e3 100644
--- a/ansible/roles/postgres/tasks/main.yml
+++ b/ansible/roles/postgres/tasks/main.yml
@@ -24,6 +24,7 @@
   community.postgresql.postgresql_user:
     name: "{{ item.name }}"
     password: "{{ item.password }}"
+    role_attr_flags: "{{ item['role_attr_flags'] | default('') }}"
     state: present
   loop_control:
     label: "{{ item.name }}"
@@ -51,7 +52,7 @@
     marker: "# {mark} ANSIBLE MANAGED HBA CONF BLOCK"
     block: |
       {% for rule in postgres_hba_rules %}
-      {{ rule.conn_type }}    {{ rule.database }}    {{ rule.user }}    {{ rule.address }}    {{ rule.method }}
+      {{ rule.conn_type }}    {{ rule.database }}    {{ rule.user }}    {{ rule.address }}    {{ rule.method }}   {{ rule['options'] | default('') }}
       {% endfor %}
   loop: "{{ postgres_hba_rules }}"
   notify:
@@ -102,3 +103,15 @@
     - role::postgres
   notify:
     - Restart the postgres service
+
+- name: Import PostgreSQL identity map (pg_ident.conf)
+  copy:
+    src: ident.conf
+    dest: /etc/postgresql/{{ postgres_version }}/main/pg_ident.conf
+    owner: postgres
+    group: postgres
+    mode: "0644"
+  tags:
+    - role::postgres
+  notify:
+    - Restart the postgres service
-- 
cgit v1.2.3