Improve group vars vault usage for postgres

Signed-off-by: Florian Pritz <bluewind@xinu.at>

Improve group vars vault usage for postgres
Signed-off-by: Florian Pritz <bluewind@xinu.at>
9e1623af · Florian Pritz · 95494a89 · 9e1623af · 9e1623af · 9e1623af
Commit 9e1623af authored Jun 07, 2018 by Florian Pritz
--- a/group_vars/all/vault_postgres.yml
+++ b/group_vars/all/vault_postgres.yml
 $ANSIBLE_VAULT;1.1;AES256
-31663532356262356534386231636233643236356664396232643832643835663861366530653463
-3030313737336263303837373061656631316436346638380a346163313831313835623063643734
-61313134663965653930633134616263653233323739323438323466616666613737386262636664
-6164326438353137390a643837386264333733303235666436363663353635376363626363323831
-31383334666634646564646330646338393933346663656130616433316531633738376463393062
-39316262646235373263663361343864356633346232623338356163326232373864383234383732
-34383533346237616632363833333238336163303161306630613535333333653563653261313932
-36626436633333646530336533636630346639386238323932363039323164653237343062393965
-30353137346361653135626563653862616439626262326538323364363638393664666565626363
-36323537306465323761646633373738626535663632646365613033353531323132663963336131
-63356563353363653039343633653536336535313633346331313261356438333236316465313832
-61376636343933383232333062633331376335343561316463646236643962636463346462303139
-65633636373865333635326262633934653366323532626430323637663535313734356164386461
-3935373133363230313439656630623364306638643566343163
+64633437393662663932393531633364656234383561313231383866366232356337616531623766
+3230333133303336343135323335316635633935303631380a653134313430393430653161613566
+66656366336330343639393362616661303363636437643938343938323231363532613631323038
+3266373761636663370a366336353963313532643035633935626663373166313432346164653332
+61633235643734646539323066366561663638626131653933363164666632666131386132383737
+37323331343330633639623035313463356134323464333164626562383935616366366332323065
+39383766373064616461303930663262353161653030306363363263303430333732323936353236
+62626634336331333530386130323533366639353065353462346435373634666665326137636461
+33343339646138656337336132323263613233363130316261636632643332383766643235613366
+62323339383439353866326237616330626438343236333639313538636339663732353866656336
+62636430616464393831356663316130393233316535663062343532366237633666613335343739
+65633562373565626333366539376266333764326265643038306235366636663461666535656437
+38333536653433306530626634336234306264613061336639326666326366343530363634656434
+65313364636133346136626538363033343833653464666161303036663664623339313036373331
+363932363664663935313430323561353365
--- a/roles/archweb/tasks/main.yml
+++ b/roles/archweb/tasks/main.yml
@@ -59,7 +59,7 @@
  no_log: true

 - name: create archweb db users
-  postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ archweb_db_host }}" login_password="{{ postgres_users.postgres }}" encrypted=yes
+  postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ archweb_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
  no_log: true
  when: archweb_site or archweb_services
  with_items:
@@ -69,7 +69,7 @@
    - { user: "{{ archweb_db_backup_user }}", password: "{{ vault_archweb_db_backup_password }}" }

 - name: create archweb db
-  postgresql_db: name="{{ archweb_db }}" login_host="{{ archweb_db_host }}" login_password="{{ postgres_users.postgres }}" owner="{{ archweb_db_site_user }}"
+  postgresql_db: name="{{ archweb_db }}" login_host="{{ archweb_db_host }}" login_password="{{ vault_postgres_users.postgres }}" owner="{{ archweb_db_site_user }}"
  when: archweb_site or archweb_services
  register: db_created


--- a/roles/matrix/tasks/main.yml
+++ b/roles/matrix/tasks/main.yml
@@ -74,7 +74,7 @@
  become_method: su

 - name: add synapse postgres user
-  postgresql_user: db=synapse name=synapse password={{ postgres_users.synapse }} encrypted=true
+  postgresql_user: db=synapse name=synapse password={{ vault_postgres_users.synapse }} encrypted=true
  become: yes
  become_user: postgres
  become_method: su

--- a/roles/matrix/templates/homeserver.yaml.j2
+++ b/roles/matrix/templates/homeserver.yaml.j2
@@ -136,7 +136,7 @@ database:
  args:
    dbname: synapse
    user: synapse
-    password: {{ postgres_users.synapse }}
+    password: {{ vault_postgres_users.synapse }}
    cp_min: 5
    cp_max: 10


--- a/roles/patchwork/tasks/main.yml
+++ b/roles/patchwork/tasks/main.yml
@@ -43,14 +43,14 @@
  no_log: true

 - name: create patchwork db users
-  postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ patchwork_db_host }}" login_password="{{ postgres_users.postgres }}" encrypted=yes
+  postgresql_user: name={{ item.user }} password={{ item.password }} login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" encrypted=yes
  no_log: true
  with_items:
    - { user: "{{ patchwork_db_user }}", password: "{{ patchwork_db_password }}" }
    - { user: "{{ patchwork_db_backup_user }}", password: "{{ patchwork_db_backup_password }}" }

 - name: create patchwork db
-  postgresql_db: name="{{ patchwork_db }}" login_host="{{ patchwork_db_host }}" login_password="{{ postgres_users.postgres }}" owner="{{ patchwork_db_user }}"
+  postgresql_db: name="{{ patchwork_db }}" login_host="{{ patchwork_db_host }}" login_password="{{ vault_postgres_users.postgres }}" owner="{{ patchwork_db_user }}"
  register: db_created

 - name: django migrate

--- a/roles/postgres/tasks/main.yml
+++ b/roles/postgres/tasks/main.yml
@@ -29,7 +29,7 @@
  command: systemctl set-property postgresql CPUAccounting=yes MemoryAccounting=yes

 - name: set postgres user password
-  postgresql_user: name=postgres password={{ postgres_users.postgres }} encrypted=yes
+  postgresql_user: name=postgres password={{ vault_postgres_users.postgres }} encrypted=yes
  become: yes
  become_user: postgres
  become_method: su

--- a/roles/quassel/tasks/main.yml
+++ b/roles/quassel/tasks/main.yml
@@ -10,7 +10,7 @@
  become_method: su

 - name: add quassel postgres user
-  postgresql_user: db=quassel name=quassel password={{ postgres_users.quassel }} encrypted=true
+  postgresql_user: db=quassel name=quassel password={{ vault_postgres_users.quassel }} encrypted=true
  become: yes
  become_user: postgres
  become_method: su
@@ -24,7 +24,7 @@
    responses:
      Username: ''
      Password:
-        - '{{ postgres_users.quassel }}'
+        - '{{ vault_postgres_users.quassel }}'
        - ''
        - ''
        - ''