---
# tasks file for postgres-install-config
- name: Set PostgreSQL listen address (only local + host_ip)
  lineinfile:
    path: "/etc/postgresql/{{ db_version }}/main/postgresql.conf"
    regexp: '^#?listen_addresses\s*='
    line: >
      "listen_addresses = 'localhost,
      {{ host_ip }},{{  docker_networks.monitoring_net.gateway }},
      {{  docker_networks.prod_net.gateway }}'"
    create: yes


- name: Ensure external IPs
  lineinfile:
    path: "rm"
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    insertafter: EOF
  loop:
    - regexp: '^host\s+all\s+all\s+{{ allowed_ip | regex_escape() }}\s+.*$'
      line: "host    all     all    {{ allowed_ip }}/32    scram-sha-256"
    - regexp: '^host\s+all\s+all\s+{{ postgres_exporter_ip | regex_escape() }}\s+.*$'
      line: "host    all     all    {{ docker_networks.monitoring_net.gateway }}/16   scram-sha-256"
    - regexp: '^host\s+all\s+all\s+{{ docker_networks.prod_net.gateway | regex_escape() }}\s+.*$'
      line: "host    all     all    {{ docker_networks.prod_net.gateway }}/16    scram-sha-256"


- name: Set custom PostgreSQL port
  lineinfile:
    path: "/etc/postgresql/{{ db_version }}/main/postgresql.conf"
    regexp: '^#?port\s*='
    line: "port = {{ ports.db_port.port }}"
    create: yes


- name: Reload postgres-install to apply changes
  service:
    name: postgresql
    state: reloaded
    enabled: true