ouranos/ansible/postgresql/deploy.yml
Robert Helewka 042df52bca Refactor user management in Ansible playbooks to standardize on keeper_user
- Updated user addition tasks across multiple playbooks (mcp_switchboard, mcpo, neo4j, neo4j_mcp, openwebui, postgresql, rabbitmq, searxng, smtp4dev) to replace references to ansible_user and remote_user with keeper_user.
- Modified PostgreSQL deployment to create directories and manage files under keeper_user's home.
- Enhanced documentation to clarify account taxonomy and usage of keeper_user in playbooks.
- Introduced new deployment for Agent S, including environment setup, desktop environment installation, XRDP configuration, and accessibility support.
- Added staging playbook for preparing release tarballs from local repositories.
- Created templates for XRDP configuration and environment activation scripts.
- Removed obsolete sunwait documentation.
2026-03-05 10:37:41 +00:00


---
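# Deploys PostgreSQL 17 from the PGDG apt repository on hosts in the `ubuntu`
# group whose `services` list contains `postgresql`, builds and installs the
# pgvector extension from source, opens the server to remote clients, and
# creates the application roles and databases.
#
# Variables read by this play (none are defined here):
#   services                                - per-host list gating the play
#   keeper_user, keeper_group, keeper_home  - owner of the pgvector checkout
#   postgresql_data_dir, postgres_user, postgres_group
#   postgres_password                       - superuser password (secret)
#   <app>_db_user / <app>_db_password / <app>_db_name for arke, openwebui,
#   spelunker, gitea, lobechat, nextcloud, anythingllm, hass and nike
- name: Deploy PostgreSQL
  hosts: ubuntu
  become: true
  tasks:
    - name: Check if host has postgresql service
      ansible.builtin.set_fact:
        has_postgresql_service: "{{ 'postgresql' in services | default([]) }}"

    - name: Skip hosts without postgresql service
      ansible.builtin.meta: end_host
      when: not has_postgresql_service

    - name: Install build dependencies
      become: true
      ansible.builtin.apt:
        name:
          - curl
          - git
          - build-essential
          - vim
          - python3-psycopg2
        state: present
        update_cache: true

    - name: Install PostgreSQL Common
      become: true
      ansible.builtin.apt:
        name: postgresql-common
        state: present

    # The script ships with postgresql-common (installed above). It uses no
    # shell features, so it is run with `command`. There is no `creates:`
    # guard, so it runs on every play run.
    - name: Install the public key for the PostgreSQL repository
      become: true
      ansible.builtin.command: /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y
      register: pg_repo_output
      changed_when: true

    - name: Install PostgreSQL packages
      become: true
      ansible.builtin.apt:
        name:
          - postgresql-client-17
          - postgresql-doc-17
          - postgresql-17
          - libpq-dev
          - postgresql-server-dev-17
        state: present
        update_cache: true

    - name: Show PostgreSQL repository output
      ansible.builtin.debug:
        var: pg_repo_output

    - name: Create gh directory
      become: true
      ansible.builtin.file:
        path: "{{ keeper_home }}/gh"
        state: directory
        owner: "{{ keeper_user }}"
        group: "{{ keeper_group }}"
        mode: '0755'

    # NOTE(review): a git tag can be moved upstream. This tree is later built
    # and installed as root, so pinning `version` to the full commit SHA that
    # was reviewed gives a stronger supply-chain guarantee than the tag.
    - name: Clone pgvector repository
      become: true
      become_user: "{{ keeper_user }}"
      ansible.builtin.git:
        repo: https://github.com/pgvector/pgvector.git
        dest: "{{ keeper_home }}/gh/pgvector"
        version: v0.8.0
        force: true

    - name: Build pgvector
      become: true
      become_user: "{{ keeper_user }}"
      ansible.builtin.make:
        chdir: "{{ keeper_home }}/gh/pgvector"

    # Runs `make install` as root inside a checkout owned by keeper_user, so
    # keeper_user has to be as trusted as root on this host.
    - name: Install pgvector
      become: true
      ansible.builtin.make:
        chdir: "{{ keeper_home }}/gh/pgvector"
        target: install

    - name: Ensure PostgreSQL is running
      ansible.builtin.systemd:
        name: postgresql
        state: started
        enabled: true

    - name: Restart PostgreSQL after pgvector installation
      ansible.builtin.systemd:
        name: postgresql
        state: restarted

    # The three "Check ..." tasks below only read state, so they never
    # report a change.
    - name: Check actual PostgreSQL version
      ansible.builtin.shell: |
        sudo -u postgres psql -c "SELECT version();"
      become: true
      register: pg_version_check
      changed_when: false

    - name: Display PostgreSQL version
      ansible.builtin.debug:
        var: pg_version_check.stdout

    - name: Check PostgreSQL config directory
      ansible.builtin.shell: |
        sudo -u postgres psql -c "SHOW config_file;"
      become: true
      register: pg_config_check
      changed_when: false

    - name: Display PostgreSQL config location
      ansible.builtin.debug:
        var: pg_config_check.stdout

    - name: Check available pg_config versions
      ansible.builtin.shell: |
        ls -la /usr/bin/pg_config*
        which pg_config
        pg_config --version
      become: true
      register: pg_config_versions
      changed_when: false

    - name: Display pg_config information
      ansible.builtin.debug:
        var: pg_config_versions.stdout

    # Rebuilds and reinstalls pgvector against an explicitly chosen
    # pg_config. `set -eu` stops the script at the first failing step, so a
    # failed `cd` cannot leave root running make in another directory.
    # Paths and the pg_config variable are quoted against word splitting.
    # The whole script runs as root in the keeper_user-owned checkout.
    - name: Build pgvector with correct pg_config
      become: true
      ansible.builtin.shell: |
        set -eu
        cd "{{ keeper_home }}/gh/pgvector"
        make clean
        # Use the specific pg_config for the installed version
        PG_CONFIG_PATH=$(ls /usr/bin/pg_config-* | head -1)
        if [ -z "$PG_CONFIG_PATH" ]; then
          PG_CONFIG_PATH=$(which pg_config)
        fi
        echo "Using pg_config: $PG_CONFIG_PATH"
        "$PG_CONFIG_PATH" --version
        make PG_CONFIG="$PG_CONFIG_PATH"
        make install PG_CONFIG="$PG_CONFIG_PATH"
      register: pgvector_build_output
      changed_when: true

    - name: Display pgvector build output
      ansible.builtin.debug:
        var: pgvector_build_output.stdout

    - name: Restart PostgreSQL after proper pgvector installation
      ansible.builtin.systemd:
        name: postgresql
        state: restarted

    - name: Verify pgvector extension is available
      ansible.builtin.shell: |
        sudo -u postgres psql -c "SELECT * FROM pg_available_extensions WHERE name = 'vector';"
      become: true
      register: pgvector_check
      changed_when: false

    - name: Display pgvector availability check
      ansible.builtin.debug:
        var: pgvector_check.stdout

    # `recurse: true` applies the same mode to every file below the data
    # directory as well as to the directories.
    - name: Set PostgreSQL data directory permissions
      ansible.builtin.file:
        path: "{{ postgresql_data_dir }}"
        owner: "{{ postgres_user }}"
        group: "{{ postgres_group }}"
        mode: '0700'
        recurse: true

    # NOTE(review): together with the pg_hba rule below, this exposes the
    # server on every interface. Bind to the addresses clients actually use,
    # or make sure a host or network firewall limits who can reach the
    # PostgreSQL port.
    - name: Configure PostgreSQL to listen on all addresses
      ansible.builtin.lineinfile:
        path: /etc/postgresql/17/main/postgresql.conf
        regexp: "^#?listen_addresses"
        line: "listen_addresses = '*'"
        backup: true
      notify: restart postgresql

    # NOTE(review): this rule lets any IPv4 address attempt a password login
    # to every database as every role, including the `postgres` superuser.
    # Prefer one rule per application, naming its database, role and client
    # subnet. Use `hostssl` so the connection must be TLS, and
    # `scram-sha-256` so a role whose password is stored as an MD5 hash
    # cannot log in through the weaker MD5 exchange.
    # There is no `regexp`, so editing `line` later appends a new rule and
    # leaves this one in the file.
    - name: Configure PostgreSQL client authentication
      ansible.builtin.lineinfile:
        path: /etc/postgresql/17/main/pg_hba.conf
        line: "host all all 0.0.0.0/0 md5"
        backup: true
      notify: restart postgresql

    # Sets the superuser password over the local socket as the `postgres` OS
    # user. The secret is passed as a module argument, not interpolated into
    # a shell command line where quotes or `$` in the password would be
    # parsed by the shell and the value would show in the process list.
    # `no_log` keeps it out of Ansible output.
    # NOTE(review): becoming an unprivileged user needs pipelining or POSIX
    # ACL support (`acl` package) on the target - confirm for these hosts.
    - name: Set postgres user password
      become: true
      become_user: postgres
      community.postgresql.postgresql_user:
        name: postgres
        password: "{{ postgres_password }}"
      no_log: true

    # From here on the modules connect over TCP to localhost as `postgres`
    # with the password set above. `no_log` hides the loop items, which carry
    # each application's password.
    - name: Create application database users
      community.postgresql.postgresql_user:
        name: "{{ item.user }}"
        password: "{{ item.password }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - { user: "{{ arke_db_user }}", password: "{{ arke_db_password }}" }
        - { user: "{{ openwebui_db_user }}", password: "{{ openwebui_db_password }}" }
        - { user: "{{ spelunker_db_user }}", password: "{{ spelunker_db_password }}" }
        # Note: Casdoor uses dedicated PostgreSQL on Titania
        - { user: "{{ gitea_db_user }}", password: "{{ gitea_db_password }}" }
        - { user: "{{ lobechat_db_user }}", password: "{{ lobechat_db_password }}" }
        - { user: "{{ nextcloud_db_user }}", password: "{{ nextcloud_db_password }}" }
        - { user: "{{ anythingllm_db_user }}", password: "{{ anythingllm_db_password }}" }
        - { user: "{{ hass_db_user }}", password: "{{ hass_db_password }}" }
        - { user: "{{ nike_db_user }}", password: "{{ nike_db_password }}" }
      no_log: true

    - name: Create application databases with owners
      community.postgresql.postgresql_db:
        name: "{{ item.name }}"
        owner: "{{ item.owner }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - { name: "{{ arke_db_name }}", owner: "{{ arke_db_user }}" }
        - { name: "{{ openwebui_db_name }}", owner: "{{ openwebui_db_user }}" }
        - { name: "{{ spelunker_db_name }}", owner: "{{ spelunker_db_user }}" }
        # Note: Casdoor uses dedicated PostgreSQL on Titania
        - { name: "{{ gitea_db_name }}", owner: "{{ gitea_db_user }}" }
        - { name: "{{ lobechat_db_name }}", owner: "{{ lobechat_db_user }}" }
        - { name: "{{ nextcloud_db_name }}", owner: "{{ nextcloud_db_user }}" }
        - { name: "{{ anythingllm_db_name }}", owner: "{{ anythingllm_db_user }}" }
        - { name: "{{ hass_db_name }}", owner: "{{ hass_db_user }}" }
        - { name: "{{ nike_db_name }}", owner: "{{ nike_db_user }}" }

    # Only the databases listed here get the `vector` extension.
    - name: Enable pgvector extension in databases
      community.postgresql.postgresql_ext:
        name: vector
        login_db: "{{ item }}"
        state: present
        login_user: postgres
        login_password: "{{ postgres_password }}"
        login_host: localhost
      loop:
        - "{{ arke_db_name }}"
        - "{{ lobechat_db_name }}"
        - "{{ openwebui_db_name }}"
        - "{{ spelunker_db_name }}"
        - "{{ anythingllm_db_name }}"

  handlers:
    # Notified by the postgresql.conf and pg_hba.conf edits; runs once at the
    # end of the play if either file changed.
    - name: restart postgresql
      ansible.builtin.systemd:
        name: postgresql
        state: restarted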