diff --git a/roles/netbox/tasks/main.yml b/roles/netbox/tasks/main.yml index cc8e41a..5475b0c 100644 --- a/roles/netbox/tasks/main.yml +++ b/roles/netbox/tasks/main.yml @@ -65,6 +65,8 @@ line: "ALLOWED_HOSTS = ['{{ dns_name }}']" - key: 'USER.*PostgreSQL username' line: " 'USER': '{{ user }}', # PostgreSQL username" + - key: 'PASSWORD.*PostgreSQL password' + line: " 'PASSWORD': '{{ password.db_pass }}', # PostgreSQL password" # XXX unnecessary? #- key: '(OPTIONS|PASSWORD).*PostgreSQL password' # line: " 'OPTIONS': { 'passfile': '{{ user_info.home }}/.pgpass' }, # PostgreSQL password" diff --git a/roles/postgres/tasks/main.yml b/roles/postgres/tasks/main.yml index ced677a..a746103 100644 --- a/roles/postgres/tasks/main.yml +++ b/roles/postgres/tasks/main.yml @@ -10,32 +10,6 @@ enabled: true state: started -- name: Check for existing database password - become: yes - become_user: '{{ user }}' - slurp: - path: '~/.pgpass' - register: pgpass - failed_when: false - -- name: Get database password - when: '"content" in pgpass' - set_fact: db_password='{{ pgpass.content | b64decode | split(":") | last }}' - -- name: Create database password - when: '"content" not in pgpass' - set_fact: db_password='{{ lookup("password", "/dev/null", chars=["ascii_letters", "digits"]) }}' - -- name: Create .pgpass - become: yes - become_user: '{{ user }}' - copy: - dest: '~/.pgpass' - content: | - localhost:5432:{{ user }}:{{ user }}:{{ db_password }} - force: no - mode: 0600 - - become: yes become_user: postgres block: @@ -47,8 +21,7 @@ postgresql_user: db: '{{ database | default(user) }}' name: '{{ user }}' - password: '{{ db_password }}' - no_password_changes: '{{ "content" in pgpass }}' + password: '{{ password.db_pass }}' - name: Set schema owner postgresql_owner: