Feat: Add configration for postgres user/group

professormahi · professormahi · commit d20c2d9c66b3 · 2023-12-06T21:39:10.000+03:30
Signed-off-by: Mahdi Fooladgar (professormahi) &lt;professormahi_f@yahoo.com&gt;
diff --git a/roles/postgres_hardening/defaults/main.yml b/roles/postgres_hardening/defaults/main.yml
@@ -5,3 +5,7 @@ postgres_hardening_enabled: true
 postgres_daemon_enabled: true
 
 postgres_hardening_restart_postgres: true
+
+# Postgres user/group
+postgres_user: postgres
+postgres_group: postgres
diff --git a/roles/postgres_hardening/tasks/hardening.yml b/roles/postgres_hardening/tasks/hardening.yml
@@ -76,22 +76,22 @@
   ansible.builtin.file:
     path: /etc/postgresql/14/main
     state: directory
-    owner: postgres
-    group: postgres
+    owner: "{{ postgres_user }}"
+    group: "{{ postgres_group }}"
     mode: u=rwx,g=,o=
 
 - name: Manage permissions on /etc/postgresql/14/main/postgresql.conf
   ansible.builtin.file:
     path: /etc/postgresql/14/main/postgresql.conf
     state: file
-    owner: postgres
-    group: postgres
+    owner: "{{ postgres_user }}"
+    group: "{{ postgres_group }}"
     mode: u=rw,g=r,o=
 
 - name: Manage permissions on /etc/postgresql/14/main/pg_hba.conf
   ansible.builtin.file:
     path: /etc/postgresql/14/main/pg_hba.conf
     state: file
-    owner: postgres
-    group: postgres
+    owner: "{{ postgres_user }}"
+    group: "{{ postgres_group }}"
     mode: u=rw,g=,o=
diff --git a/roles/postgres_hardening/vars/main.yml b/roles/postgres_hardening/vars/main.yml
