From f06fb47fe47b43ccc9adec2db81b23d1b89b2231 Mon Sep 17 00:00:00 2001 From: Dmitriy Kuts Date: Sun, 7 Sep 2025 12:44:14 +0200 Subject: [PATCH 1/2] Support Debian 13 And migrate to deb822 --- .github/workflows/ci.yml | 2 ++ README.md | 21 ++++++++------ molecule/README.md | 4 +++ tasks/install_apt.yml | 62 +++++++++++++++++++++------------------- tasks/main.yml | 4 +++ tests/vars.Debian.13.yml | 1 + vars/Debian_22.yml | 2 +- vars/trixie.yml | 6 ++++ 8 files changed, 62 insertions(+), 40 deletions(-) create mode 100644 tests/vars.Debian.13.yml create mode 100644 vars/trixie.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7738c2871..8dfd62fb9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,6 +49,8 @@ jobs: # - distro: rockylinux9 - distro: debian11 - distro: debian12 + - distro: debian13 + - distro: ubuntu2004 - distro: ubuntu2204 - distro: ubuntu2404 diff --git a/README.md b/README.md index fe3bba188..6ad724106 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Ansible role which installs and configures PostgreSQL, extensions, databases and #### Installation -This has been tested on Ansible 2.4.0 and higher. +This has been tested on Ansible 2.5.0 and higher. To install: @@ -54,14 +54,17 @@ An example how to include this role as a task: #### Compatibility matrix -| Distribution / PostgreSQL | 11 | 12 | 13 | 14 | 15 | 16 | 17 | -| ------------------------- | :--------: | :--------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | -| Debian 11.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Debian 12.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Rockylinux 8.x | :no_entry: | :no_entry: | :warning: | :warning: | :warning: | :warning: | :warning: | -| Rockylinux 9.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :warning: | -| Ubuntu 22.04.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Ubuntu 24.04.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | + +| Distribution / PostgreSQL | 11 | 12 | 13 | 14 | 15 | 16 | 17 | +| ------------------------ | :--------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | +| Debian 11.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Debian 12.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Debian 13.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Rockylinux 8.x | :no_entry: | :warning: | :warning: | :warning: | :warning: | :warning: | :warning: | +| Rockylinux 9.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :warning: | +| Ubuntu 20.04.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Ubuntu 22.04.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Ubuntu 24.04.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | - :white_check_mark: - works fine diff --git a/molecule/README.md b/molecule/README.md index 27becf062..2ffbf0914 100644 --- a/molecule/README.md +++ b/molecule/README.md @@ -14,6 +14,9 @@ The default distribution is ubuntu2204. You can override th with setting the env * fedora40 * debian11 * debian12 +======= +* debian13 +* ubuntu2004 * ubuntu2204 * ubuntu2404 @@ -45,6 +48,7 @@ The playbooks read variables from two files. One common vars file, and one with $ ls -1 tests/ | grep vars vars.Debian.11.yml vars.Debian.12.yml +vars.Debian.13.yml vars.Fedora.40.yml vars.Ubuntu.22.yml vars.Ubuntu.24.yml diff --git a/tasks/install_apt.yml b/tasks/install_apt.yml index 0c6e52b97..cb43ad496 100644 --- a/tasks/install_apt.yml +++ b/tasks/install_apt.yml @@ -19,41 +19,43 @@ update_cache: true when: ansible_facts['pkg_mgr'] == 'apt' -# --- Derive the PGDG suite from the host codename --- -# Examples: bookworm -> bookworm-pgdg, bullseye -> bullseye-pgdg, jammy -> jammy-pgdg, noble -> noble-pgdg -- name: Compute PGDG suite from distribution codename - ansible.builtin.set_fact: - postgresql_apt_suite: "{{ ansible_facts['distribution_release'] }}-pgdg" - when: ansible_facts['pkg_mgr'] == 'apt' +- name: PostgreSQL | Add PostgreSQL repository (deb822) + ansible.builtin.deb822_repository: + name: postgresql + types: ["deb"] + uris: ["{{ postgresql_apt_repository_url }}"] + suites: ["{{ ansible_distribution_release }}-pgdg"] + components: ["main", "{{ postgresql_version }}"] + signed_by: "{{ postgresql_apt_key_url }}" + state: present + when: + - postgresql_install_repository + - ansible_facts.packages.apt is defined + - ansible_facts.packages.apt[0].version is version('2.4', '>=') -# --- Install the PGDG key into a keyring file --- -# This avoids deprecated apt_key usage and works with newer apt-secure expectations. -- name: Install PGDG keyring (dearmor GPG key into a file) - ansible.builtin.shell: | - install -d -m 0755 /usr/share/postgresql-common/pgdg - curl -fsSL {{ postgresql_apt_key_url }} \ - | gpg --dearmor -o /usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg - args: - creates: /usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg - when: ansible_facts['pkg_mgr'] == 'apt' +- name: PostgreSQL | Add PostgreSQL repository apt-key | apt + apt_key: + id: "{{ postgresql_apt_key_id }}" + url: "{{ postgresql_apt_key_url }}" + state: present + keyring: /etc/apt/trusted.gpg.d/postgresql.gpg + when: + - postgresql_apt_key_url is defined and postgresql_apt_key_url | length > 0 + - postgresql_apt_key_id is defined and postgresql_apt_key_id | length > 0 + - postgresql_install_repository + - ansible_facts.packages.apt[0].version is version('2.4', '<') -# --- Add the PGDG APT repository (HTTPS + signed-by) --- -# We explicitly build the repo line to ensure the correct suite and signed-by usage. -- name: Add PGDG APT repository - ansible.builtin.apt_repository: - repo: >- - deb [signed-by=/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg] - {{ postgresql_apt_repo_base }} - {{ postgresql_apt_suite }} main - filename: pgdg +- name: PostgreSQL | Add PostgreSQL repository | apt + apt_repository: + repo: "{{ postgresql_apt_repository }}" state: present when: - - ansible_facts['pkg_mgr'] == 'apt' - - (postgresql_install_repository | default(true)) | bool + - postgresql_apt_repository | default('') != '' + - postgresql_install_repository + - ansible_facts.packages.apt[0].version is version('2.4', '<') -# --- Optional pinning (preferences) --- -- name: Add APT preferences for PGDG (pinning) - ansible.builtin.template: +- name: PostgreSQL | Add PostgreSQL repository preferences | apt + template: src: etc_apt_preferences.d_apt_postgresql_org_pub_repos_apt.pref.j2 dest: /etc/apt/preferences.d/apt_postgresql_org_pub_repos_apt.pref when: diff --git a/tasks/main.yml b/tasks/main.yml index a9ce1524a..4a0d264e7 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -30,6 +30,10 @@ - "{{ role_path }}/vars" tags: [always] +- name: Gather package facts + ansible.builtin.package_facts: + manager: apt + # --- Installers par famille/distro --- - name: Install on APT-based systems ansible.builtin.import_tasks: install_apt.yml diff --git a/tests/vars.Debian.13.yml b/tests/vars.Debian.13.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/tests/vars.Debian.13.yml @@ -0,0 +1 @@ +--- diff --git a/vars/Debian_22.yml b/vars/Debian_22.yml index 273f70e25..ca1d39422 100644 --- a/vars/Debian_22.yml +++ b/vars/Debian_22.yml @@ -3,4 +3,4 @@ postgresql_service_name: "postgresql" -postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}" +postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] {{ postgresql_apt_repository_url }}/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}" diff --git a/vars/trixie.yml b/vars/trixie.yml new file mode 100644 index 000000000..3f8da58b8 --- /dev/null +++ b/vars/trixie.yml @@ -0,0 +1,6 @@ +--- +# PostgreSQL vars for Debian Trixie (13) + +postgresql_ext_postgis_deps: + - "postgresql-{{postgresql_version}}-postgis-3" + - "postgresql-{{postgresql_version}}-postgis-3-scripts" \ No newline at end of file From 349975158bc4a9fbe488f8929d5224791d1874d1 Mon Sep 17 00:00:00 2001 From: Dmitriy Kuts Date: Sun, 7 Sep 2025 12:44:14 +0200 Subject: [PATCH 2/2] Support Debian 13 And migrate to deb822 --- .github/workflows/ci.yml | 2 ++ README.md | 21 +++++++------ defaults/main.yml | 1 + molecule/README.md | 4 +++ tasks/install_apt.yml | 67 ++++++++++++++++++++-------------------- tasks/main.yml | 4 +++ tests/vars.Debian.13.yml | 1 + vars/Debian_22.yml | 2 +- vars/trixie.yml | 6 ++++ 9 files changed, 64 insertions(+), 44 deletions(-) create mode 100644 tests/vars.Debian.13.yml create mode 100644 vars/trixie.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7738c2871..8dfd62fb9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,6 +49,8 @@ jobs: # - distro: rockylinux9 - distro: debian11 - distro: debian12 + - distro: debian13 + - distro: ubuntu2004 - distro: ubuntu2204 - distro: ubuntu2404 diff --git a/README.md b/README.md index fe3bba188..6ad724106 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Ansible role which installs and configures PostgreSQL, extensions, databases and #### Installation -This has been tested on Ansible 2.4.0 and higher. +This has been tested on Ansible 2.5.0 and higher. To install: @@ -54,14 +54,17 @@ An example how to include this role as a task: #### Compatibility matrix -| Distribution / PostgreSQL | 11 | 12 | 13 | 14 | 15 | 16 | 17 | -| ------------------------- | :--------: | :--------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | -| Debian 11.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Debian 12.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Rockylinux 8.x | :no_entry: | :no_entry: | :warning: | :warning: | :warning: | :warning: | :warning: | -| Rockylinux 9.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :warning: | -| Ubuntu 22.04.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | -| Ubuntu 24.04.x | :no_entry: | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | + +| Distribution / PostgreSQL | 11 | 12 | 13 | 14 | 15 | 16 | 17 | +| ------------------------ | :--------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | :----------------: | +| Debian 11.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Debian 12.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Debian 13.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Rockylinux 8.x | :no_entry: | :warning: | :warning: | :warning: | :warning: | :warning: | :warning: | +| Rockylinux 9.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :warning: | +| Ubuntu 20.04.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Ubuntu 22.04.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | +| Ubuntu 24.04.x | :no_entry: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | :white_check_mark: | - :white_check_mark: - works fine diff --git a/defaults/main.yml b/defaults/main.yml index 689f285a6..64d71a090 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -838,6 +838,7 @@ postgresql_install_repository: true # APT settings postgresql_apt_key_id: "ACCC4CF8" postgresql_apt_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc" +postgresql_apt_repository_url: "https://apt.postgresql.org/pub/repos/apt" # postgresql_apt_keyring: "/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg" # repsoitory base diff --git a/molecule/README.md b/molecule/README.md index 27becf062..2ffbf0914 100644 --- a/molecule/README.md +++ b/molecule/README.md @@ -14,6 +14,9 @@ The default distribution is ubuntu2204. You can override th with setting the env * fedora40 * debian11 * debian12 +======= +* debian13 +* ubuntu2004 * ubuntu2204 * ubuntu2404 @@ -45,6 +48,7 @@ The playbooks read variables from two files. One common vars file, and one with $ ls -1 tests/ | grep vars vars.Debian.11.yml vars.Debian.12.yml +vars.Debian.13.yml vars.Fedora.40.yml vars.Ubuntu.22.yml vars.Ubuntu.24.yml diff --git a/tasks/install_apt.yml b/tasks/install_apt.yml index 0c6e52b97..7b717cba4 100644 --- a/tasks/install_apt.yml +++ b/tasks/install_apt.yml @@ -15,45 +15,48 @@ - curl - gnupg - lsb-release + - python3-debian state: present update_cache: true when: ansible_facts['pkg_mgr'] == 'apt' -# --- Derive the PGDG suite from the host codename --- -# Examples: bookworm -> bookworm-pgdg, bullseye -> bullseye-pgdg, jammy -> jammy-pgdg, noble -> noble-pgdg -- name: Compute PGDG suite from distribution codename - ansible.builtin.set_fact: - postgresql_apt_suite: "{{ ansible_facts['distribution_release'] }}-pgdg" - when: ansible_facts['pkg_mgr'] == 'apt' +- name: PostgreSQL | Add PostgreSQL repository (deb822) + ansible.builtin.deb822_repository: + name: postgresql + types: ["deb"] + uris: ["{{ postgresql_apt_repository_url }}"] + suites: ["{{ ansible_distribution_release }}-pgdg"] + components: ["main", "{{ postgresql_version }}"] + signed_by: "{{ postgresql_apt_key_url }}" + state: present + when: + - postgresql_install_repository + - ansible_facts.packages.apt is defined + - ansible_facts.packages.apt[0].version is version('2.4', '>=') -# --- Install the PGDG key into a keyring file --- -# This avoids deprecated apt_key usage and works with newer apt-secure expectations. -- name: Install PGDG keyring (dearmor GPG key into a file) - ansible.builtin.shell: | - install -d -m 0755 /usr/share/postgresql-common/pgdg - curl -fsSL {{ postgresql_apt_key_url }} \ - | gpg --dearmor -o /usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg - args: - creates: /usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg - when: ansible_facts['pkg_mgr'] == 'apt' +- name: PostgreSQL | Add PostgreSQL repository apt-key | apt + apt_key: + id: "{{ postgresql_apt_key_id }}" + url: "{{ postgresql_apt_key_url }}" + state: present + keyring: /etc/apt/trusted.gpg.d/postgresql.gpg + when: + - postgresql_apt_key_url is defined and postgresql_apt_key_url | length > 0 + - postgresql_apt_key_id is defined and postgresql_apt_key_id | length > 0 + - postgresql_install_repository + - ansible_facts.packages.apt[0].version is version('2.4', '<') -# --- Add the PGDG APT repository (HTTPS + signed-by) --- -# We explicitly build the repo line to ensure the correct suite and signed-by usage. -- name: Add PGDG APT repository - ansible.builtin.apt_repository: - repo: >- - deb [signed-by=/usr/share/postgresql-common/pgdg/apt.postgresql.org.gpg] - {{ postgresql_apt_repo_base }} - {{ postgresql_apt_suite }} main - filename: pgdg +- name: PostgreSQL | Add PostgreSQL repository | apt + apt_repository: + repo: "{{ postgresql_apt_repository }}" state: present when: - - ansible_facts['pkg_mgr'] == 'apt' - - (postgresql_install_repository | default(true)) | bool + - postgresql_apt_repository | default('') != '' + - postgresql_install_repository + - ansible_facts.packages.apt[0].version is version('2.4', '<') -# --- Optional pinning (preferences) --- -- name: Add APT preferences for PGDG (pinning) - ansible.builtin.template: +- name: PostgreSQL | Add PostgreSQL repository preferences | apt + template: src: etc_apt_preferences.d_apt_postgresql_org_pub_repos_apt.pref.j2 dest: /etc/apt/preferences.d/apt_postgresql_org_pub_repos_apt.pref when: @@ -74,7 +77,6 @@ - (postgresql_apt_dependencies | default([])) | length > 0 # --- Install PostgreSQL packages from PGDG --- -# Use default_release only if we know the suite; this avoids "invalid APT::Default-Release" errors. - name: Install PostgreSQL server/client/contrib ansible.builtin.apt: name: @@ -84,9 +86,6 @@ state: present update_cache: true cache_valid_time: "{{ apt_cache_valid_time | default(3600) }}" - default_release: >- - {{ postgresql_default_release - | default(postgresql_apt_suite | default(omit)) }} environment: "{{ postgresql_env | default({}) }}" when: ansible_facts['pkg_mgr'] == 'apt' diff --git a/tasks/main.yml b/tasks/main.yml index a9ce1524a..4a0d264e7 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -30,6 +30,10 @@ - "{{ role_path }}/vars" tags: [always] +- name: Gather package facts + ansible.builtin.package_facts: + manager: apt + # --- Installers par famille/distro --- - name: Install on APT-based systems ansible.builtin.import_tasks: install_apt.yml diff --git a/tests/vars.Debian.13.yml b/tests/vars.Debian.13.yml new file mode 100644 index 000000000..ed97d539c --- /dev/null +++ b/tests/vars.Debian.13.yml @@ -0,0 +1 @@ +--- diff --git a/vars/Debian_22.yml b/vars/Debian_22.yml index 273f70e25..ca1d39422 100644 --- a/vars/Debian_22.yml +++ b/vars/Debian_22.yml @@ -3,4 +3,4 @@ postgresql_service_name: "postgresql" -postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}" +postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] {{ postgresql_apt_repository_url }}/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}" diff --git a/vars/trixie.yml b/vars/trixie.yml new file mode 100644 index 000000000..2be91a931 --- /dev/null +++ b/vars/trixie.yml @@ -0,0 +1,6 @@ +--- +# PostgreSQL vars for Debian Trixie (13) + +postgresql_ext_postgis_deps: + - "postgresql-{{postgresql_version}}-postgis-3" + - "postgresql-{{postgresql_version}}-postgis-3-scripts"