# Copyright (C) The Arvados Authors. All rights reserved.
#
# SPDX-License-Identifier: Apache-2.0

- name: apt update if needed
  ansible.builtin.meta: flush_handlers

- name: Install PostgreSQL server package and psycopg2
  become: yes
  ansible.builtin.apt:
    name:
      - "{{ arvados_postgresql_package }}"
      - python3-psycopg2

- name: Find pg_hba.conf file
  when: arvados_postgresql_hba_file is falsy
  become: yes
  become_user: postgres
  community.postgresql.postgresql_query:
    login_db: postgres
    query: SHOW hba_file;
  register: pg_hba_query

- name: Create pg_hba.conf entries
  when: arvados_postgresql_hba_databases is truthy and arvados_postgresql_hba_users is truthy
  become: true
  loop: "{{ arvados_postgresql_hba_sources }}"
  community.postgresql.postgresql_pg_hba:
    dest: "{{ arvados_postgresql_hba_file or pg_hba_query.query_result.0.hba_file }}"
    contype: "{{ arvados_postgresql_hba_contype }}"
    databases: "{{ arvados_postgresql_hba_databases }}"
    method: "{{ arvados_postgresql_hba_method }}"
    users: "{{ arvados_postgresql_hba_users }}"
    source: "{{ item }}"
  register: pg_hba_entries

- name: Write PostgreSQL conf.d file
  when: arvados_postgresql_config is truthy
  become: true
  vars:
    conf_dir: "{{ (arvados_postgresql_hba_file or pg_hba_query.query_result.0.hba_file)|dirname }}"
  ansible.builtin.template:
    src: arvados-ansible.conf.j2
    dest: "{{ arvados_postgresql_config_path or (conf_dir, 'conf.d', 'arvados-ansible.conf')|path_join }}"
    owner: root
    group: root
    mode: 0644
  register: arvados_postgresql_config_update

- name: Set up PostgreSQL service
  become: yes
  ansible.builtin.systemd_service:
    name: "postgresql@{{ (arvados_postgresql_hba_file or pg_hba_query.query_result.0.hba_file)|dirname|relpath('/etc/postgresql')|replace('/', '-') }}.service"
    state: "{{ 'restarted' if arvados_postgresql_config_update.changed else 'reloaded' if pg_hba_entries.changed else 'started' }}"
    enabled: yes