From 3b0951a4a4ef218bb9274cd3d8814c8dcc8127b0 Mon Sep 17 00:00:00 2001
From: Markus Katharina Brechtel <markus.katharina.brechtel@thengo.net>
Date: Tue, 30 Jun 2020 05:33:08 +0200
Subject: [PATCH] postgresql fix database access

---
 tasks/postgresql.yaml | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/tasks/postgresql.yaml b/tasks/postgresql.yaml
index 24d739d..77aa037 100644
--- a/tasks/postgresql.yaml
+++ b/tasks/postgresql.yaml
@@ -5,6 +5,14 @@
     pkg: python-psycopg2
   delegate_to: "{{ (nextcloud_database_host != 'localhost') | ternary(nextcloud_database_host,inventory_hostname) }}"
 
+- name: postgresql user
+  postgresql_user:
+    name: "{{ nextcloud_database_user }}"
+    password: "{{ nextcloud_database_pass }}"
+  delegate_to: "{{ (nextcloud_database_host != 'localhost') | ternary(nextcloud_database_host,inventory_hostname) }}"
+  become: yes
+  become_user: postgres
+
 - name: postgresql database
   postgresql_db:
     name: "{{nextcloud_database_name}}"
@@ -12,15 +20,17 @@
     lc_collate: "{{nextcloud_postgresql_lc}}"
     lc_ctype: "{{nextcloud_postgresql_lc}}"
     template: template0
+    owner: "{{nextcloud_database_user}}"
   delegate_to: "{{ (nextcloud_database_host != 'localhost') | ternary(nextcloud_database_host,inventory_hostname) }}"
   become: yes
   become_user: postgres
 
-- name: postgresql user
-  postgresql_user:
-    name: "{{ nextcloud_database_user }}"
-    password: "{{ nextcloud_database_pass }}"
+- name: postgresql access
+  postgresql_privs:
     db: "{{nextcloud_database_name}}"
+    privs: ALL
+    type: database
+    role: "{{ nextcloud_database_user }}"
   delegate_to: "{{ (nextcloud_database_host != 'localhost') | ternary(nextcloud_database_host,inventory_hostname) }}"
   become: yes
   become_user: postgres