community.postgresql.postgresql_db – Add or remove PostgreSQL databases from a remote host

Note

This plugin is part of the community.postgresql collection (version 1.2.0).

To install it use: ansible-galaxy collection install community.postgresql.

To use it in a playbook, specify: community.postgresql.postgresql_db.

Synopsis

  • Add or remove PostgreSQL databases from a remote host.

Requirements

The below requirements are needed on the host that executes this module.

  • psycopg2

Parameters

Parameter Choices/Defaults Comments
ca_cert
string
Specifies the name of a file containing SSL certificate authority (CA) certificate(s).
If the file exists, the server's certificate will be verified to be signed by one of these authorities.

aliases: ssl_rootcert
conn_limit
string
Specifies the database connection limit.
dump_extra_args
string
added in 0.2.0 of community.postgresql
Provides additional arguments when state is dump.
Cannot be used with dump-file-format-related arguments like ``--format=d``.
encoding
string
Encoding of the database.
lc_collate
string
Collation order (LC_COLLATE) to use in the database must match collation order of template database unless template0 is used as template.
lc_ctype
string
Character classification (LC_CTYPE) to use in the database (e.g. lower, upper, ...).
Must match LC_CTYPE of template database unless template0 is used as template.
login_host
string
Host running the database.
login_password
string
The password used to authenticate with.
login_unix_socket
string
Path to a Unix domain socket for local connections.
login_user
string
Default:
"postgres"
The username used to authenticate with.
maintenance_db
string
Default:
"postgres"
The value specifies the initial database (which is also called as maintenance DB) that Ansible connects to.
name
string / required
Name of the database to add or remove.

aliases: db
owner
string
Name of the role to set as owner of the database.
port
integer
Default:
5432
Database port to connect (if needed).

aliases: login_port
session_role
string
Switch to session_role after connecting.
The specified session_role must be a role that the current login_user is a member of.
Permissions checking for SQL commands is carried out as though the session_role were the one that had logged in originally.
ssl_mode
string
    Choices:
  • allow
  • disable
  • prefer ←
  • require
  • verify-ca
  • verify-full
Determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the server.
Default of prefer matches libpq default.
state
string
    Choices:
  • absent
  • dump
  • present ←
  • restore
The database state.
present implies that the database should be created if necessary.
absent implies that the database should be removed if present.
dump requires a target definition to which the database will be backed up. (Added in Ansible 2.4) Note that in some PostgreSQL versions of pg_dump, which is an embedded PostgreSQL utility and is used by the module, returns rc 0 even when errors occurred (e.g. the connection is forbidden by pg_hba.conf, etc.), so the module returns changed=True but the dump has not actually been done. Please, be sure that your version of pg_dump returns rc 1 in this case.
restore also requires a target definition from which the database will be restored. (Added in Ansible 2.4).
The format of the backup will be detected based on the target name.
Supported compression formats for dump and restore include .pgc, .bz2, .gz and .xz.
Supported formats for dump and restore include .sql and .tar.
Restore program is selected by target file format: .tar and .pgc are handled by pg_restore, other with pgsql.
tablespace
path
If you want to move the database back to the default tablespace, explicitly set this to pg_default.
target
path
File to back up or restore from.
Used when state is dump or restore.
target_opts
string
Additional arguments for pg_dump or restore program (pg_restore or psql, depending on target's format).
Used when state is dump or restore.
template
string
Template used to create the database.
trust_input
boolean
added in 0.2.0 of community.postgresql
    Choices:
  • no
  • yes ←
If no, check whether values of parameters owner, conn_limit, encoding, db, template, tablespace, session_role are potentially dangerous.
It makes sense to use no only when SQL injections via the parameters are possible.

Notes

Note

  • State dump and restore don’t require psycopg2 since version 2.8.

  • Supports check_mode.

  • The default authentication assumes that you are either logging in as or sudo’ing to the postgres account on the host.

  • To avoid “Peer authentication failed for user postgres” error, use postgres user as a become_user.

  • This module uses psycopg2, a Python PostgreSQL database adapter. You must ensure that psycopg2 is installed on the host before using this module.

  • If the remote host is the PostgreSQL server (which is the default case), then PostgreSQL must also be installed on the remote host.

  • For Ubuntu-based systems, install the postgresql, libpq-dev, and python-psycopg2 packages on the remote host before using this module.

  • The ca_cert parameter requires at least Postgres version 8.4 and psycopg2 version 2.4.3.

See Also

See also

CREATE DATABASE reference

Complete reference of the CREATE DATABASE command documentation.

DROP DATABASE reference

Complete reference of the DROP DATABASE command documentation.

pg_dump reference

Complete reference of pg_dump documentation.

pg_restore reference

Complete reference of pg_restore documentation.

community.postgresql.postgresql_tablespace

The official documentation on the community.postgresql.postgresql_tablespace module.

community.postgresql.postgresql_info

The official documentation on the community.postgresql.postgresql_info module.

community.postgresql.postgresql_ping

The official documentation on the community.postgresql.postgresql_ping module.

Examples

- name: Create a new database with name "acme"
  community.postgresql.postgresql_db:
    name: acme

# Note: If a template different from "template0" is specified,
# encoding and locale settings must match those of the template.
- name: Create a new database with name "acme" and specific encoding and locale # settings
  community.postgresql.postgresql_db:
    name: acme
    encoding: UTF-8
    lc_collate: de_DE.UTF-8
    lc_ctype: de_DE.UTF-8
    template: template0

# Note: Default limit for the number of concurrent connections to
# a specific database is "-1", which means "unlimited"
- name: Create a new database with name "acme" which has a limit of 100 concurrent connections
  community.postgresql.postgresql_db:
    name: acme
    conn_limit: "100"

- name: Dump an existing database to a file
  community.postgresql.postgresql_db:
    name: acme
    state: dump
    target: /tmp/acme.sql

- name: Dump an existing database to a file excluding the test table
  community.postgresql.postgresql_db:
    name: acme
    state: dump
    target: /tmp/acme.sql
    dump_extra_args: --exclude-table=test

- name: Dump an existing database to a file (with compression)
  community.postgresql.postgresql_db:
    name: acme
    state: dump
    target: /tmp/acme.sql.gz

- name: Dump a single schema for an existing database
  community.postgresql.postgresql_db:
    name: acme
    state: dump
    target: /tmp/acme.sql
    target_opts: "-n public"

- name: Dump only table1 and table2 from the acme database
  community.postgresql.postgresql_db:
    name: acme
    state: dump
    target: /tmp/table1_table2.sql
    target_opts: "-t table1 -t table2"

# Note: In the example below, if database foo exists and has another tablespace
# the tablespace will be changed to foo. Access to the database will be locked
# until the copying of database files is finished.
- name: Create a new database called foo in tablespace bar
  community.postgresql.postgresql_db:
    name: foo
    tablespace: bar

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
executed_commands
list / elements=string
added in 0.2.0 of community.postgresql
always
List of commands which tried to run.

Sample:
['CREATE DATABASE acme']


Authors

  • Ansible Core Team