[add] role:postgresql-for-gitlab

ansible/roles/postgresql-for-gitlab/defaults/main.json

@@ -0,0 +1,5 @@
+{
+	"var_postgresql_for_gitlab_username": "gitlab_user",
+	"var_postgresql_for_gitlab_password": "REPLACE_ME",
+	"var_postgresql_for_gitlab_schema": "gitlab"
+}

ansible/roles/postgresql-for-gitlab/info.md

@@ -0,0 +1,4 @@
+## Verweise
+
+- [GitLab | Dokumentation | Using a non-packaged PostgreSQL database management server](https://docs.gitlab.com/omnibus/settings/database.html#using-a-non-packaged-postgresql-database-management-server)
+

ansible/roles/postgresql-for-gitlab/tasks/main.json

@@ -0,0 +1,49 @@
+[
+	{
+		"name": "packages",
+		"become": true,
+		"ansible.builtin.apt": {
+			"update_cache": true,
+			"pkg": [
+				"acl",
+				"python3-psycopg2"
+			]
+		}
+	},
+	{
+		"name": "user",
+		"become": true,
+		"become_user": "postgres",
+		"community.postgresql.postgresql_user": {
+			"state": "present",
+			"name": "{{var_postgresql_for_gitlab_username}}",
+			"password": "{{var_postgresql_for_gitlab_password}}"
+		},
+		"environment": {
+			"PGOPTIONS": "-c password_encryption=scram-sha-256"
+		}
+	},
+	{
+		"name": "schema",
+		"become": true,
+		"become_user": "postgres",
+		"community.postgresql.postgresql_db": {
+			"state": "present",
+			"name": "{{var_postgresql_for_gitlab_schema}}",
+			"owner": "{{var_postgresql_for_gitlab_username}}"
+		}
+	},
+	{
+		"name": "rights",
+		"become": true,
+		"become_user": "postgres",
+		"community.postgresql.postgresql_privs": {
+			"state": "present",
+			"db": "{{var_postgresql_for_gitlab_schema}}",
+			"objs": "ALL_IN_SCHEMA",
+			"roles": "{{var_postgresql_for_gitlab_username}}",
+			"privs": "ALL",
+			"grant_option": true
+		}
+	}
+]