feat(postgresql): add postgresql role

.gitmodules

@@ -4,3 +4,6 @@
 [submodule "roles/pip"]
 	path = roles/pip
 	url = ssh://git@github.com:22/geerlingguy/ansible-role-pip.git
+[submodule "roles/postgresql"]
+	path = roles/postgresql
+	url = ssh://git@github.com:22/geerlingguy/ansible-role-postgresql.git

playbooks/postgres.yml

@@ -0,0 +1,63 @@
+---
+- hosts: [ postgres_servers ]
+  become: yes
+  pre_tasks:
+    - name: set basic postgres variables
+      set_fact:
+        postgresql_databases: []
+        postgresql_users: []
+        postgresql_global_config_options:
+          - option: "listen_addresses"
+            value: "localhost,172.17.0.1"
+        postgresql_hba_entries:
+          - { type: local, database: all, user: all, auth_method: trust }
+
+    - name: add matrix postgres variables
+      set_fact:
+        postgresql_databases: "{{ postgresql_databases + matrix_postgresql_databases }}"
+        postgresql_users: "{{ postgresql_users + matrix_postgresql_users }}"
+        postgresql_hba_entries: "{{ postgresql_hba_entries + matrix_postgresql_hba_entries }}"
+      when: '"matrix_server" in group_names'
+
+    - name: add directory postgres variables
+      set_fact:
+        postgresql_databases: "{{ postgresql_databases + directory_postgresql_databases }}"
+        postgresql_users: "{{ postgresql_users + directory_postgresql_users }}"
+        postgresql_hba_entries: "{{ postgresql_hba_entries + directory_postgresql_hba_entries }}"
+      when: "'directory_server' in group_names"
+
+    - name: add sygnal postgres variables
+      set_fact:
+        postgresql_databases: "{{ postgresql_databases + sygnal_postgresql_databases }}"
+        postgresql_users: "{{ postgresql_users + sygnal_postgresql_users }}"
+        postgresql_hba_entries: "{{ postgresql_hba_entries + sygnal_postgresql_hba_entries }}"
+      when: "'sygnal_server' in group_names"
+
+  roles:
+    - role: postgresql
+    - role: postgis
+
+  vars:
+    matrix_postgresql_databases:
+      - name: synapse
+    matrix_postgresql_users:
+      - name: "synapse"
+        password: "{{ vault_matrix_synapse_pg_pass }}"
+    matrix_postgresql_hba_entries:
+      - { type: host, database: "synapse", user: "synapse", address: "172.17.0.1/16", auth_method: md5 }
+
+    directory_postgresql_databases:
+      - name: directory
+    directory_postgresql_users:
+      - name: "directory"
+        password: "{{ vault_famedly_directory_pg_pass }}"
+    directory_postgresql_hba_entries:
+      - { type: host, database: "directory", user: "directory", address: "172.17.0.1/16", auth_method: md5 }
+
+    sygnal_postgresql_databases:
+      - name: sygnal
+    sygnal_postgresql_users:
+      - name: "sygnal"
+        password: "{{ vault_sygnal_postgresql_password }}"
+    sygnal_postgresql_hba_entries:
+      - { type: host, database: "sygnal", user: "sygnal", address: "172.17.0.1/16", auth_method: md5 }

roles/postgresql

@@ -0,0 +1 @@
+Subproject commit 180fac804842610e6bdac05730ed4506dc596629