diff --git a/inventory/host_vars/upstreamfirst.fedorainfracloud.org b/inventory/host_vars/upstreamfirst.fedorainfracloud.org index 5e164da4fb..2c8aae52d5 100644 --- a/inventory/host_vars/upstreamfirst.fedorainfracloud.org +++ b/inventory/host_vars/upstreamfirst.fedorainfracloud.org @@ -55,7 +55,14 @@ new_pagure_db_admin_user: "{{ upstreamfirst_pagure_db_admin_user }}" new_pagure_db_admin_pass: "{{ upstreamfirst_pagure_db_admin_pass }}" new_pagure_db_user: "{{ upstreamfirst_pagure_db_user }}" new_pagure_db_pass: "{{ upstreamfirst_pagure_db_pass }}" -new_pagure_db_host: "{{ inventory_hostname }}" + +# there are two db hosts here to work around the pg_hba that's in postgres_server +# we need to delegate postgres admin commands to a host that is remote from where +# this playbook is run but have to use localhost for the application to run in the +# case where we're using a local postgres instance +new_pagure_db_host: "127.0.0.1" +new_pagure_db_command_host: "{{ inventory_hostname }}" + new_pagure_db_name: "{{ upstreamfirst_pagure_db_name }}" new_pagure_secret_key: "{{ upstreamfirst_pagure_db_admin_user }}" new_pagure_secret_salt_email: "{{ upstreamfirst_pagure_secret_salt_email }}" diff --git a/roles/pagure/upstreamfirst-frontend/tasks/main.yml b/roles/pagure/upstreamfirst-frontend/tasks/main.yml index db5597c109..ba1441dfcc 100644 --- a/roles/pagure/upstreamfirst-frontend/tasks/main.yml +++ b/roles/pagure/upstreamfirst-frontend/tasks/main.yml @@ -209,7 +209,7 @@ - restart apache - name: create pagure database - delegate_to: "{{ new_pagure_db_host }}" + delegate_to: "{{ new_pagure_db_command_host }}" become: true become_user: postgres postgresql_db: db={{ new_pagure_db_name }} @@ -218,7 +218,7 @@ - pagure - name: ensure pagure db user has access to database - delegate_to: "{{ new_pagure_db_host }}" + delegate_to: "{{ new_pagure_db_command_host }}" become: true become_user: postgres postgresql_user: db={{ new_pagure_db_name }} user={{ new_pagure_db_user }} password={{ new_pagure_db_pass }} role_attr_flags=NOSUPERUSER