@ -58,6 +58,22 @@
register : pg_hba_change
register : pg_hba_change
with_items : "{{pg_hba_test_ips}}"
with_items : "{{pg_hba_test_ips}}"
- name : Retain options even if they contain spaces
postgresql_pg_hba:
dest : "/tmp/pg_hba.conf"
users : "+some"
order : "sud"
state : "present"
contype : "{{ item.contype }}"
method : "{{ item.method }}"
options : "{{ item.options }}"
address : "{{ item.address }}"
with_items:
- { address : "" , contype : "local" , method : "ldap" , options : "ldapserver=example.com ldapport=389 ldapprefix=\"cn=\"" }
- { address : "red" , contype : "hostssl" , method : "cert" , options : "clientcert=1 map=mymap" }
- { address : "blue" , contype : "hostssl" , method : "cert" , options : "clientcert=1 map=mymap" }
register : pg_hba_options
- name : read pg_hba rules
- name : read pg_hba rules
postgresql_pg_hba:
postgresql_pg_hba:
dest : /tmp/pg_hba.conf
dest : /tmp/pg_hba.conf
@ -128,7 +144,10 @@
that:
that:
- 'pg_hba.pg_hba == [
- 'pg_hba.pg_hba == [
{ "db": "all", "method": "md5", "type": "local", "usr": "postgres" },
{ "db": "all", "method": "md5", "type": "local", "usr": "postgres" },
{ "db": "all", "method": "ldap", "type": "local", "usr": "+some", "options": "ldapserver=example.com ldapport=389 ldapprefix=\"cn=\"" },
{ "db": "all", "method": "md5", "type": "local", "usr": "all" },
{ "db": "all", "method": "md5", "type": "local", "usr": "all" },
{ "db": "all", "method": "cert", "src": "blue", "type": "hostssl", "usr": "+some", "options": "clientcert=1 map=mymap" },
{ "db": "all", "method": "cert", "src": "red", "type": "hostssl", "usr": "+some", "options": "clientcert=1 map=mymap" },
{ "db": "all", "method": "md5", "src": "127.0.0.1/32", "type": "host", "usr": "all" },
{ "db": "all", "method": "md5", "src": "127.0.0.1/32", "type": "host", "usr": "all" },
{ "db": "all", "method": "md5", "src": "::1/128", "type": "host", "usr": "all" },
{ "db": "all", "method": "md5", "src": "::1/128", "type": "host", "usr": "all" },
{ "db": "all", "method": "scram-sha-256", "src": "0:ff00::/120", "type": "host", "usr": "all" },
{ "db": "all", "method": "scram-sha-256", "src": "0:ff00::/120", "type": "host", "usr": "all" },
@ -146,3 +165,4 @@
- 'prebackupstat.stat.checksum == postbackupstat.stat.checksum'
- 'prebackupstat.stat.checksum == postbackupstat.stat.checksum'
- 'pg_hba_fail_src_all_with_netmask is failed'
- 'pg_hba_fail_src_all_with_netmask is failed'
- 'not netmask_sameas_prefix_check is changed'
- 'not netmask_sameas_prefix_check is changed'
- 'pg_hba_options is changed'