36 lines
1.4 KiB
YAML
36 lines
1.4 KiB
YAML
---
|
|
- name: Include database variables
|
|
ansible.builtin.include_vars:
|
|
file: database.yaml
|
|
|
|
- name: Database container for {{ service_name }}
|
|
ansible.builtin.import_role:
|
|
name: container
|
|
vars:
|
|
container_name: "{{ service_name }}-{{ service_database_type }}" # This doesn't use _service_database_name to allow container role handlers to work
|
|
container_image: "docker.io/library/postgres:{{ service_postgres_tag }}"
|
|
container_mounts:
|
|
- type: volume
|
|
source: "{{ _service_database_name }}"
|
|
destination: /var/lib/postgresql/data
|
|
container_networks:
|
|
- "{{ service_name }}"
|
|
container_secrets:
|
|
- name: "{{ _service_database_name }}"
|
|
container_env:
|
|
POSTGRES_USER: "{{ service_name | replace('-', '_') }}"
|
|
POSTGRES_PASSWORD_FILE: "/run/secrets/{{ _service_database_name }}"
|
|
POSTGRES_INITDB_ARGS: "--encoding=UTF-8 --lc-collate=C --lc-ctype=C"
|
|
container_auto_update: "{{ service_auto_update }}"
|
|
|
|
- name: Get database secret info
|
|
containers.podman.podman_secret_info:
|
|
name: "{{ _service_database_name }}"
|
|
showsecret: true
|
|
register: _service_database_secret
|
|
|
|
- name: Set database-related variables
|
|
ansible.builtin.set_fact:
|
|
_service_database_password: "{{ _service_database_secret.secrets[0].SecretData }}"
|
|
_service_container_requires: "{{ _service_container_requires + [_service_database_name + '.service'] }}"
|