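---
# Deploy PostgreSQL 17 (PGDG packages) plus a source-built pgvector on the
# `ubuntu` host group, then create the application roles, databases and
# extensions.
#
# Variables read by this play (none are defined here):
#   services                       - list checked for the entry 'postgresql'
#   keeper_home/keeper_user/keeper_group
#   postgresql_data_dir, postgres_user, postgres_group
#   postgres_password              - superuser password (secret)
#   <app>_db_user/_db_password/_db_name for each application in the loops
# NOTE(review): the *_password values are presumably supplied from Ansible
# Vault or another secret store - confirm they are not kept in plain text.
- name: Deploy PostgreSQL
  hosts: ubuntu
  become: true

  tasks:
    - name: Check if host has postgresql service
      ansible.builtin.set_fact:
        has_postgresql_service: "{{ 'postgresql' in services | default([]) }}"

    - name: Skip hosts without postgresql service
      ansible.builtin.meta: end_host
      when: not has_postgresql_service

    - name: Install build dependencies
      become: true
      ansible.builtin.apt:
        name: [curl, git, build-essential, vim, python3-psycopg2]
        state: present
        update_cache: true

    - name: Install PostgreSQL Common
      become: true
      ansible.builtin.apt:
        name: postgresql-common
        state: present

    # The helper script needs no shell features, so it runs through `command`
    # rather than `shell`.
    - name: Install the public key for the PostgreSQL repository
      become: true
      ansible.builtin.command:
        cmd: /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y
      register: pg_repo_output

    - name: Install PostgreSQL packages
      become: true
      ansible.builtin.apt:
        name:
          - postgresql-client-17
          - postgresql-doc-17
          - postgresql-17
          - libpq-dev
          - postgresql-server-dev-17
          - postgresql-17-postgis-3
        state: present
        update_cache: true

    - name: Show PostgreSQL repository output
      ansible.builtin.debug:
        var: pg_repo_output

    - name: Create gh directory
      become: true
      ansible.builtin.file:
        path: "{{ keeper_home }}/gh"
        state: directory
        owner: "{{ keeper_user }}"
        group: "{{ keeper_group }}"
        mode: '0755'

    # NOTE(review): `version` is a tag, and a tag can be moved upstream.
    # Pinning it to the full commit hash of the reviewed release makes the
    # checkout immutable, which matters because the result is compiled and
    # loaded into the database server.
    - name: Clone pgvector repository
      become: true
      become_user: "{{ keeper_user }}"
      ansible.builtin.git:
        repo: https://github.com/pgvector/pgvector.git
        dest: "{{ keeper_home }}/gh/pgvector"
        version: v0.8.0
        force: true

    - name: Build pgvector
      become: true
      become_user: "{{ keeper_user }}"
      ansible.builtin.make:
        chdir: "{{ keeper_home }}/gh/pgvector"

    - name: Install pgvector
      become: true
      ansible.builtin.make:
        chdir: "{{ keeper_home }}/gh/pgvector"
        target: install

    - name: Ensure PostgreSQL is running
      ansible.builtin.systemd:
        name: postgresql
        state: started
        enabled: true

    - name: Restart PostgreSQL after pgvector installation
      ansible.builtin.systemd:
        name: postgresql
        state: restarted

    # Read-only diagnostics: they never change the host, so they report "ok"
    # instead of "changed".
    - name: Check actual PostgreSQL version
      ansible.builtin.command:
        argv:
          - sudo
          - -u
          - postgres
          - psql
          - -c
          - SELECT version();
      become: true
      register: pg_version_check
      changed_when: false

    - name: Display PostgreSQL version
      ansible.builtin.debug:
        var: pg_version_check.stdout

    - name: Check PostgreSQL config directory
      ansible.builtin.command:
        argv:
          - sudo
          - -u
          - postgres
          - psql
          - -c
          - SHOW config_file;
      become: true
      register: pg_config_check
      changed_when: false

    - name: Display PostgreSQL config location
      ansible.builtin.debug:
        var: pg_config_check.stdout

    # Needs a shell because of the glob.
    - name: Check available pg_config versions
      ansible.builtin.shell: |
        ls -la /usr/bin/pg_config*
        which pg_config
        pg_config --version
      become: true
      register: pg_config_versions
      changed_when: false

    - name: Display pg_config information
      ansible.builtin.debug:
        var: pg_config_versions.stdout

    # NOTE(review): this rebuild runs `make` as root inside a tree owned by
    # keeper_user, so anything that account can write into the checkout is
    # executed with root privileges. Consider building as keeper_user and
    # keeping only `make install` privileged.
    - name: Build pgvector with correct pg_config
      become: true
      ansible.builtin.shell:
        # chdir replaces the former unquoted `cd`, so a missing directory
        # fails the task instead of running make in the wrong place.
        chdir: "{{ keeper_home }}/gh/pgvector"
        cmd: |
          # Stop at the first failing step; previously only the exit status
          # of the last command decided the task result.
          set -eu
          make clean
          # Use the specific pg_config for the installed version
          PG_CONFIG_PATH=$(ls /usr/bin/pg_config-* 2>/dev/null | head -1)
          if [ -z "$PG_CONFIG_PATH" ]; then
            PG_CONFIG_PATH=$(command -v pg_config)
          fi
          echo "Using pg_config: $PG_CONFIG_PATH"
          "$PG_CONFIG_PATH" --version
          make PG_CONFIG="$PG_CONFIG_PATH"
          make install PG_CONFIG="$PG_CONFIG_PATH"
      register: pgvector_build_output

    - name: Display pgvector build output
      ansible.builtin.debug:
        var: pgvector_build_output.stdout

    - name: Restart PostgreSQL after proper pgvector installation
      ansible.builtin.systemd:
        name: postgresql
        state: restarted

    - name: Verify pgvector extension is available
      ansible.builtin.command:
        argv:
          - sudo
          - -u
          - postgres
          - psql
          - -c
          - "SELECT * FROM pg_available_extensions WHERE name = 'vector';"
      become: true
      register: pgvector_check
      changed_when: false

    - name: Display pgvector availability check
      ansible.builtin.debug:
        var: pgvector_check.stdout

    - name: Set PostgreSQL data directory permissions
      ansible.builtin.file:
        path: "{{ postgresql_data_dir }}"
        owner: "{{ postgres_user }}"
        group: "{{ postgres_group }}"
        mode: '0700'
        recurse: true

    # NOTE(review): together with the pg_hba.conf rule below, this makes the
    # server reachable on every interface. If the clients live on known
    # networks, bind to those addresses and/or enforce the restriction with a
    # host firewall.
    - name: Configure PostgreSQL to listen on all addresses
      ansible.builtin.lineinfile:
        path: /etc/postgresql/17/main/postgresql.conf
        regexp: "^#?listen_addresses"
        line: "listen_addresses = '*'"
        backup: true
      notify: restart postgresql

    # NOTE(review): this rule lets any IPv4 source attempt password login to
    # every database as every role, including the postgres superuser.
    # Narrowing the database, role and CIDR columns to what the applications
    # need reduces the exposed surface. The `md5` method still admits
    # MD5-hashed passwords, whereas `scram-sha-256` refuses them, and
    # `hostssl` instead of `host` would require TLS for these connections.
    - name: Configure PostgreSQL client authentication
      ansible.builtin.lineinfile:
        path: /etc/postgresql/17/main/pg_hba.conf
        line: "host all all 0.0.0.0/0 md5"
        backup: true
      notify: restart postgresql

    # The statement is fed to psql on stdin rather than through `-c` in a
    # shell string, which keeps the password out of the process argument list
    # and away from shell expansion of characters such as $, ` or ".
    # Single quotes are doubled so the value stays one SQL literal.
    # no_log keeps the rendered command out of Ansible output and logs.
    # NOTE(review): the statement may still reach the server log if statement
    # logging is enabled - confirm the logging configuration.
    - name: Set postgres user password
      ansible.builtin.command:
        cmd: sudo -u postgres psql -v ON_ERROR_STOP=1
        stdin: >-
          ALTER USER postgres PASSWORD
          '{{ postgres_password | replace("'", "''") }}';
      become: true
      no_log: true

    # no_log is required here: each loop item carries a password and would
    # otherwise be printed per iteration.
    - name: Create application database users
      community.postgresql.postgresql_user:
        name: "{{ item.user }}"
        password: "{{ item.password }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - { user: "{{ arke_db_user }}", password: "{{ arke_db_password }}" }
        - { user: "{{ openwebui_db_user }}", password: "{{ openwebui_db_password }}" }
        - { user: "{{ spelunker_db_user }}", password: "{{ spelunker_db_password }}" }
        # Note: Casdoor uses dedicated PostgreSQL on Titania
        - { user: "{{ gitea_db_user }}", password: "{{ gitea_db_password }}" }
        - { user: "{{ lobechat_db_user }}", password: "{{ lobechat_db_password }}" }
        - { user: "{{ nextcloud_db_user }}", password: "{{ nextcloud_db_password }}" }
        - { user: "{{ anythingllm_db_user }}", password: "{{ anythingllm_db_password }}" }
        - { user: "{{ hass_db_user }}", password: "{{ hass_db_password }}" }
        - { user: "{{ nike_db_user }}", password: "{{ nike_db_password }}" }
        - { user: "{{ periplus_db_user }}", password: "{{ periplus_db_password }}" }
      no_log: true

    - name: Create application databases with owners
      community.postgresql.postgresql_db:
        name: "{{ item.name }}"
        owner: "{{ item.owner }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - { name: "{{ arke_db_name }}", owner: "{{ arke_db_user }}" }
        - { name: "{{ openwebui_db_name }}", owner: "{{ openwebui_db_user }}" }
        - { name: "{{ spelunker_db_name }}", owner: "{{ spelunker_db_user }}" }
        # Note: Casdoor uses dedicated PostgreSQL on Titania
        - { name: "{{ gitea_db_name }}", owner: "{{ gitea_db_user }}" }
        - { name: "{{ lobechat_db_name }}", owner: "{{ lobechat_db_user }}" }
        - { name: "{{ nextcloud_db_name }}", owner: "{{ nextcloud_db_user }}" }
        - { name: "{{ anythingllm_db_name }}", owner: "{{ anythingllm_db_user }}" }
        - { name: "{{ hass_db_name }}", owner: "{{ hass_db_user }}" }
        - { name: "{{ nike_db_name }}", owner: "{{ nike_db_user }}" }
        - { name: "{{ periplus_db_name }}", owner: "{{ periplus_db_user }}" }

    # `login_db` is used here to match the pgvector task below; the original
    # spelled the same parameter `db` in this task only.
    - name: Enable postgis and pg_trgm extensions in periplus database
      community.postgresql.postgresql_ext:
        name: "{{ item }}"
        login_db: "{{ periplus_db_name }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - postgis
        - pg_trgm

    - name: Enable pgvector extension in databases
      community.postgresql.postgresql_ext:
        name: vector
        login_db: "{{ item }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - "{{ arke_db_name }}"
        - "{{ lobechat_db_name }}"
        - "{{ openwebui_db_name }}"
        - "{{ spelunker_db_name }}"
        - "{{ anythingllm_db_name }}"

  handlers:
    # Triggered by the postgresql.conf / pg_hba.conf edits above.
    - name: restart postgresql
      ansible.builtin.systemd:
        name: postgresql
        state: restarted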