--- - name: Create application DB user postgresql_user: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" port: "{{ atl_db_port }}" name: "{{ atl_jdbc_user }}" password: "{{ atl_jdbc_password }}" expires: 'infinity' - name: Assert ownership of public schema postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" db: "{{ atl_db_root_db_name }}" query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};" - name: Grant privs to root user on public schema postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" db: "{{ atl_db_root_db_name }}" query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};" - name: Grant privs to application user on public schema postgresql_query: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" db: "{{ atl_db_root_db_name }}" query: "GRANT ALL ON SCHEMA public TO {{ atl_jdbc_user }};" - block: - name: Update root privs for new user postgresql_privs: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" database: postgres roles: "{{ atl_db_root_user }}" objs: "{{ atl_jdbc_user }}" type: group - name: Create new application database postgresql_db: login_host: "{{ atl_db_host }}" login_user: "{{ atl_db_root_user }}" login_password: "{{ atl_db_root_password }}" port: "{{ atl_db_port }}" name: "{{ atl_jdbc_db_name }}" owner: "{{ atl_jdbc_user }}" encoding: "{{ atl_jdbc_encoding }}" lc_collate: "{{ atl_jdbc_collation }}" lc_ctype: "{{ atl_jdbc_ctype }}" template: "{{ atl_jdbc_template }}" register: db_created tags: - new_only