From da24aaf5ff4278a0e48148c8c97a5054b16a6b5b Mon Sep 17 00:00:00 2001
From: "Joshua M. Boniface" <joshua@boniface.me>
Date: Fri, 1 Sep 2023 15:42:22 -0400
Subject: [PATCH] Install Provisioner schema to database

---
 .../pvc/files/patroni/provisioner-schema.sql  |  7 +--
 roles/pvc/tasks/patroni/bootstrap.yml         | 44 ++++++++++++++++---
 roles/pvc/tasks/patroni/main.yml              |  1 +
 3 files changed, 41 insertions(+), 11 deletions(-)

diff --git a/roles/pvc/files/patroni/provisioner-schema.sql b/roles/pvc/files/patroni/provisioner-schema.sql
index 7ca7c6e..65913b9 100644
--- a/roles/pvc/files/patroni/provisioner-schema.sql
+++ b/roles/pvc/files/patroni/provisioner-schema.sql
@@ -1,6 +1,4 @@
-CREATE DATABASE pvcprov WITH owner = pvcprov CONNECTION LIMIT = -1;
-\c pvcprov
-CREATE TABLE system_template (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE, vcpu_count INT NOT NULL, vram_mb INT NOT NULL, serial BOOL NOT NULL, vnc BOOL NOT NULL, vnc_bind TEXT, node_limit TEXT, node_selector TEXT, start_with_node BOOL NOT NULL);
+CREATE TABLE system_template (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE, vcpu_count INT NOT NULL, vram_mb INT NOT NULL, serial BOOL NOT NULL, vnc BOOL NOT NULL, vnc_bind TEXT, node_limit TEXT, node_selector TEXT, node_autostart BOOL NOT NULL);
 CREATE TABLE network_template (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE, mac_template TEXT);
 CREATE TABLE network (id SERIAL PRIMARY KEY, network_template INT REFERENCES network_template(id), vni INT NOT NULL);
 CREATE TABLE storage_template (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE);
@@ -8,8 +6,5 @@ CREATE TABLE storage (id SERIAL PRIMARY KEY, storage_template INT REFERENCES sto
 CREATE TABLE userdata_template (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE, userdata TEXT NOT NULL);
 CREATE TABLE script (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE, script TEXT NOT NULL);
 CREATE TABLE profile (id SERIAL PRIMARY KEY, name TEXT NOT NULL UNIQUE, system_template INT REFERENCES system_template(id), network_template INT REFERENCES network_template(id), storage_template INT REFERENCES storage_template(id), userdata_template INT REFERENCES userdata_template(id), script INT REFERENCES script(id), arguments text);
-GRANT ALL PRIVILEGES ON DATABASE pvcprov TO pvcprov;
-GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO pvcprov;
-GRANT ALL PRIVILEGES ON ALL SQQUENCES IN SCHEMA public TO pvcprov;
 
 INSERT INTO userdata_template(name, userdata) VALUES ('empty', '');
diff --git a/roles/pvc/tasks/patroni/bootstrap.yml b/roles/pvc/tasks/patroni/bootstrap.yml
index 9d7edb5..8617cc5 100644
--- a/roles/pvc/tasks/patroni/bootstrap.yml
+++ b/roles/pvc/tasks/patroni/bootstrap.yml
@@ -12,7 +12,7 @@
     seconds: 15
 
 - block:
-    - name: create user for role
+    - name: create user for DNS role
       postgresql_user:
         name: "{{ pvc_dns_database_user }}"
         password: "{{ pvc_dns_database_password }}"
@@ -20,7 +20,7 @@
         state: present
         login_host: /run/postgresql
   
-    - name: create database for role
+    - name: create database for DNS role
       postgresql_db:
         name: "{{ pvc_dns_database_name }}"
         owner: "{{ pvc_dns_database_user }}"
@@ -28,14 +28,37 @@
         state: present
         login_host: /run/postgresql
   
-    - name: set user privs for role
+    - name: set user privs for DNS role
       postgresql_user:
         name: "{{ pvc_dns_database_user }}"
         db: "{{ pvc_dns_database_name }}"
         priv: ALL
         login_host: /run/postgresql
   
-    - name: create extensions
+    - name: create user for Provisioner role
+      postgresql_user:
+        name: "{{ pvc_prov_database_user }}"
+        password: "{{ pvc_prov_database_password }}"
+        encrypted: yes
+        state: present
+        login_host: /run/postgresql
+  
+    - name: create database for Provisioner role
+      postgresql_db:
+        name: "{{ pvc_prov_database_name }}"
+        owner: "{{ pvc_prov_database_user }}"
+        encoding: utf8
+        state: present
+        login_host: /run/postgresql
+  
+    - name: set user privs for Provisioner role
+      postgresql_user:
+        name: "{{ pvc_prov_database_user }}"
+        db: "{{ pvc_prov_database_name }}"
+        priv: ALL
+        login_host: /run/postgresql
+  
+    - name: create extensions for DNS database
       postgresql_ext:
         name: "{{ item }}"
         db: "{{ pvc_dns_database_name }}"
@@ -43,8 +66,19 @@
       with_items: "{{ extensions }}"
       when: extensions is defined
 
-    - name: import dns database schema
+    - name: create extensions for Provisioner database
+      postgresql_ext:
+        name: "{{ item }}"
+        db: "{{ pvc_prov_database_name }}"
+        login_host: /run/postgresql
+      with_items: "{{ extensions }}"
+      when: extensions is defined
+
+    - name: import DNS database schema
       command: "psql -U {{ pvc_dns_database_user }} -f /etc/postgresql/powerdns-schema.sql {{ pvc_dns_database_name }}"
 
+    - name: import Provisioner database schema
+      command: "psql -U {{ pvc_prov_database_user }} -f /etc/postgresql/provisioner-schema.sql {{ pvc_prov_database_name }}"
+
   become: yes
   become_user: postgres
diff --git a/roles/pvc/tasks/patroni/main.yml b/roles/pvc/tasks/patroni/main.yml
index dfa4bac..4fc2b71 100644
--- a/roles/pvc/tasks/patroni/main.yml
+++ b/roles/pvc/tasks/patroni/main.yml
@@ -69,6 +69,7 @@
     mode: 0640
   with_items:
     - { src: "patroni/powerdns-schema.sql", dest: "/etc/postgresql/powerdns-schema.sql" }
+    - { src: "patroni/provisioner-schema.sql", dest: "/etc/postgresql/provisioner-schema.sql" }
 
 - include: patroni/bootstrap.yml
   run_once: yes