feat: Use PostgreSQL

Signed-off-by: Julien Riou <julien@riou.xyz>
2025-08-26 13:02:15 +02:00 · 2025-08-26 13:02:15 +02:00 · c6dd4c04f3
commit c6dd4c04f3
parent 71e97a1819
5 changed files with 49 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -19,6 +19,10 @@ See [Variable
 precedence](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#ansible-variable-precedence)
 to find where you should put your own variables.
 Then define at least `coller_db_password` with a strong and secure password,
 encrypted using
 [ansible-vault](https://docs.ansible.com/ansible/latest/cli/ansible-vault.html).
 See list of [default variables](defaults/main.yml).
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -3,3 +3,6 @@ coller_config_dir: /etc/coller
 coller_port: 8080
 coller_manage_iptables: false
 coller_allowed_sources: []
 coller_db_name: coller
 coller_db_user: coller
 #coller_db_password:
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,4 +1,9 @@
 ---
 - name: check password
  ansible.builtin.assert:
    that:
      - coller_db_password | mandatory
 - name: download source code
  ansible.builtin.git:
    repo: https://git.riou.xyz/jriou/coller.git
@ -14,22 +19,29 @@
  loop:
    - "{{ coller_config_dir }}"
- name: create docker-compose file
+- name: create docker-compose files
  ansible.builtin.template:
-    src: docker-compose.yml.j2
+    src: "{{ item.src }}.j2"
-    dest: "{{ coller_config_dir }}/docker-compose.yml"
+    dest: "{{ coller_config_dir }}/{{ item.src }}"
    owner: root
    group: root
-    mode: "0644"
+    mode: "{{ item.mode }}"
  loop:
    - src: docker-compose.yml
      mode: "0644"
    - src: db.env
      mode: "0600"
 - name: create configuration file
  ansible.builtin.copy:
    content:
-      listen_address: '0.0.0.0'
+      database_type: postgres
      database_dsn: "host=db dbname={{ coller_db_name }} user={{ coller_db_user }} password={{ coller_db_password }}"
    dest: "{{ coller_config_dir }}/collerd.json"
    owner: root
    group: root
    mode: "0640"
  no_log: true
 - name: start service
  community.docker.docker_compose_v2:
@ -37,7 +49,6 @@
    files:
      - docker-compose.yml
 - name: manage iptables
  when: coller_manage_iptables
  ansible.builtin.include_tasks: manage-iptables.yml
--- a/templates/db.env.j2
+++ b/templates/db.env.j2
@ -0,0 +1,6 @@
 {{ ansible_managed | comment }}
 POSTGRES_USER={{ coller_db_user }}
 POSTGRES_PASSWORD={{ coller_db_password }}
 POSTGRES_DB={{ coller_db_name }}
 POSTGRES_INITDB_ARGS="--data-checksums"
 POSTGRES_HOST_AUTH_METHOD=scram-sha-256
--- a/templates/docker-compose.yml.j2
+++ b/templates/docker-compose.yml.j2
@ -6,8 +6,27 @@ services:
    build: /opt/coller
    container_name: collerd
    restart: always
    networks:
        - coller
    ports:
      - "{{ coller_port }}:8080"
    volumes:
      - "{{ coller_config_dir }}/collerd.json:/etc/collerd.json:ro"
    command: collerd -config /etc/collerd.json
  db:
    image: postgres:17
    hostname: db
    container_name: collerd_db
    restart: always
    env_file: {{ coller_config_dir }}/db.env
    networks:
      - coller
    volumes:
      - coller:/var/lib/postgresql/data
 networks:
  coller:
 volumes:
  coller: