Initial commit

roles/postgres_users/tasks/main.yml

@@ -0,0 +1,26 @@
+---
+- name: Set username and password
+  ansible.builtin.set_fact:
+    database: "{{ postgres_users_database }}"
+    username: "{{ postgres_users_username }}"
+    password: "{{ postgres_users_password }}"
+- name: Create DB, role, and privs
+  become: true
+  become_user: postgres
+  block:
+    - name: Create database
+      community.postgresql.postgresql_db:
+        name: "{{ database }}"
+    - name: Create user
+      community.postgresql.postgresql_user:
+        db: "{{ database }}"
+        name: "{{ username }}"
+        password: "{{ password }}"
+      environment:
+        PGOPTIONS: "-c password_encryption=scram-sha-256"
+    - name: Configure privileges
+      community.postgresql.postgresql_privs:
+        db: "{{ database }}"
+        role: "{{ username }}"
+        privs: ALL
+        objs: ALL_IN_SCHEMA