From adb54312726742808e3aaf67b6f6706bd61b4ca9 Mon Sep 17 00:00:00 2001
From: Tim Flink <tflink@fedoraproject.org>
Date: Tue, 11 Nov 2014 22:31:11 +0000
Subject: [PATCH] reverting earlier removal of sudo commands in resultsdb
 database

---
 .../resultsdb-backend/tasks/main.yml          | 38 +++++++++++--------
 1 file changed, 22 insertions(+), 16 deletions(-)

diff --git a/roles/taskotron/resultsdb-backend/tasks/main.yml b/roles/taskotron/resultsdb-backend/tasks/main.yml
index d82ffb90ce..bae896c18d 100644
--- a/roles/taskotron/resultsdb-backend/tasks/main.yml
+++ b/roles/taskotron/resultsdb-backend/tasks/main.yml
@@ -6,26 +6,32 @@
     - python-psycopg2
     - libsemanage-python
 
-- name: prepare resultsdb database
-  hosts: "{{ resultsdb_db_host }}"
-  gather_facts: no
-  sudo: yes
+- name: ensure dev database is created
+  delegate_to: "{{ resultsdb_db_host }}"
   sudo_user: postgres
-  tasks:
-    - name: ensure dev database is created
-      action: postgresql_db db={{ resultsdb_db_name }}
+  sudo: true
+  action: postgresql_db db={{ resultsdb_db_name }}
 
-    - name: ensure dev resultsdb db user has access to dev database
-      when: deployment_type == 'dev'
-      action: postgresql_user db={{ resultsdb_db_name }} user={{ dev_resultsdb_db_user }} password={{ dev_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
+- name: ensure dev resultsdb db user has access to dev database
+  when: deployment_type == 'dev'
+  delegate_to: "{{ resultsdb_db_host }}"
+  sudo_user: postgres
+  sudo: true
+  action: postgresql_user db={{ resultsdb_db_name }} user={{ dev_resultsdb_db_user }} password={{ dev_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
 
-    - name: ensure stg resultsdb db user has access to stg database
-      when: deployment_type == 'stg'
-      action: postgresql_user db={{ resultsdb_db_name }} user={{ stg_resultsdb_db_user }} password={{ stg_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
+- name: ensure stg resultsdb db user has access to stg database
+  when: deployment_type == 'stg'
+  delegate_to: "{{ resultsdb_db_host }}"
+  sudo_user: postgres
+  sudo: true
+  action: postgresql_user db={{ resultsdb_db_name }} user={{ stg_resultsdb_db_user }} password={{ stg_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
 
-    - name: ensure prod resultsdb db user has access to prod database
-      when: deployment_type == 'prod'
-      action: postgresql_user db={{ resultsdb_db_name }} user={{ prod_resultsdb_db_user }} password={{ prod_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
+- name: ensure prod resultsdb db user has access to prod database
+  when: deployment_type == 'prod'
+  delegate_to: "{{ resultsdb_db_host }}"
+  sudo_user: postgres
+  sudo: true
+  action: postgresql_user db={{ resultsdb_db_name }} user={{ prod_resultsdb_db_user }} password={{ prod_resultsdb_db_password }} role_attr_flags=NOSUPERUSER
 
 - name: ensure selinux lets httpd talk to postgres
   seboolean: name=httpd_can_network_connect_db persistent=yes state=yes