ansible-msvsphere.ci/roles/gitea_db_server/tasks/main.yml

---
- name: Check if required variables are defined
  ansible.builtin.fail:
    msg: "{{ item }} is not defined or empty"
  when: |
    (vars[item] is undefined)
    or (vars[item] is none)
    or (vars[item] | trim | length == 0)    
  with_items:
    - gitea_db_name
    - gitea_db_user
    - gitea_db_password
    - gitea_server_ip
    - gitea_db_server_password_encryption

- name: Install dependencies
  dnf:
    name:
      - glibc-langpack-en
      - python3-psycopg2
    state: present

- name: Create Gitea database
  community.postgresql.postgresql_db:
    name: "{{ gitea_db_name }}"
    template: template0
    encoding: UTF8
    lc_collate: en_US.UTF-8
    lc_ctype: en_US.UTF-8
  become: true
  become_user: postgres

- name: Create Gitea database user
  community.postgresql.postgresql_user:
    db: "{{ gitea_db_name }}"
    name: "{{ gitea_db_user }}"
    password: "{{ gitea_db_password }}"
  environment:
    PGOPTIONS: "-c password_encryption=scram-sha-256"
  become: true
  become_user: postgres

- name: Get PostgreSQL server version
  community.postgresql.postgresql_info:
    filter: ver*
  become: true
  become_user: postgres
  register: postgres_version

- name: GRANT USAGE, CREATE PRIVILEGES ON SCHEMA public TO gitea_db_user
  community.postgresql.postgresql_privs:
    db: "{{ gitea_db_name }}"
    privs: USAGE,CREATE
    type: schema
    objs: public
    role: "{{ gitea_db_user }}"
  become: true
  become_user: postgres
  when: postgres_version.version.major >= 15

- name: Allow requests from Gitea server
  community.postgresql.postgresql_pg_hba:
    dest: /var/lib/pgsql/data/pg_hba.conf
    contype: host
    databases: "{{ gitea_db_name }}"
    users: "{{ gitea_db_user }}"
    address: "{{ gitea_server_ip }}/32"
    method: "{{ gitea_db_server_password_encryption }}"
  register: pg_hba_status

- name: Restart PostgreSQL
  ansible.builtin.service:
    name: postgresql
    state: restarted
  when: pg_hba_status.changed
Adds Gitea installation and Koji builders support 11 months ago			`---`
			`- name: Check if required variables are defined`
			`ansible.builtin.fail:`
			`msg: "{{ item }} is not defined or empty"`
			`when: \|`
			`(vars[item] is undefined)`
			`or (vars[item] is none)`
			`or (vars[item] \| trim \| length == 0)`
			`with_items:`
			`- gitea_db_name`
			`- gitea_db_user`
			`- gitea_db_password`
			`- gitea_server_ip`
			`- gitea_db_server_password_encryption`

			`- name: Install dependencies`
			`dnf:`
			`name:`
			`- glibc-langpack-en`
			`- python3-psycopg2`
			`state: present`

			`- name: Create Gitea database`
			`community.postgresql.postgresql_db:`
			`name: "{{ gitea_db_name }}"`
			`template: template0`
			`encoding: UTF8`
			`lc_collate: en_US.UTF-8`
			`lc_ctype: en_US.UTF-8`
			`become: true`
			`become_user: postgres`

			`- name: Create Gitea database user`
			`community.postgresql.postgresql_user:`
			`db: "{{ gitea_db_name }}"`
			`name: "{{ gitea_db_user }}"`
			`password: "{{ gitea_db_password }}"`
			`environment:`
			`PGOPTIONS: "-c password_encryption=scram-sha-256"`
			`become: true`
			`become_user: postgres`

			`- name: Get PostgreSQL server version`
			`community.postgresql.postgresql_info:`
			`filter: ver*`
			`become: true`
			`become_user: postgres`
			`register: postgres_version`

			`- name: GRANT USAGE, CREATE PRIVILEGES ON SCHEMA public TO gitea_db_user`
			`community.postgresql.postgresql_privs:`
			`db: "{{ gitea_db_name }}"`
			`privs: USAGE,CREATE`
			`type: schema`
			`objs: public`
			`role: "{{ gitea_db_user }}"`
			`become: true`
			`become_user: postgres`
			`when: postgres_version.version.major >= 15`

			`- name: Allow requests from Gitea server`
			`community.postgresql.postgresql_pg_hba:`
			`dest: /var/lib/pgsql/data/pg_hba.conf`
			`contype: host`
			`databases: "{{ gitea_db_name }}"`
			`users: "{{ gitea_db_user }}"`
			`address: "{{ gitea_server_ip }}/32"`
			`method: "{{ gitea_db_server_password_encryption }}"`
			`register: pg_hba_status`

			`- name: Restart PostgreSQL`
			`ansible.builtin.service:`
			`name: postgresql`
			`state: restarted`
			`when: pg_hba_status.changed`