---

- name: Set architecture alias
  set_fact:
    architecture_alias: "amd64"  # noqa: var-naming[no-role-prefix]
  when: ansible_architecture == "x86_64"

- name: Set architecture alias
  set_fact:
    architecture_alias: "arm64"  # noqa: var-naming[no-role-prefix]
  when: ansible_architecture == "aarch64"

- name: Add PostgreSQL GPG apt key
  apt_key:
    url: https://www.postgresql.org/media/keys/ACCC4CF8.asc
    keyring: /usr/share/keyrings/apt.postgresql.org.gpg
    state: present

- name: Add PostgreSQL Repository
  apt_repository:
    repo: "deb [arch={{ architecture_alias }} signed-by=/usr/share/keyrings/apt.postgresql.org.gpg] \
          http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main"
    state: present
    update_cache: true

- name: Install PostgreSQL
  apt:
    name: "postgresql-{{ pgsql_server_version }}"
    state: latest
    update_cache: true
    cache_valid_time: 3600

- name: Install required system packages
  apt:
    name: python3-psycopg2  # needed for postgresql ansible module
    state: latest
    update_cache: true
    cache_valid_time: 3600

- name: Set PostgreSQL parameters
  become: true
  become_user: postgres
  community.postgresql.postgresql_set:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
  register: postgresql_set
  loop: "{{ pgsql_config }}"
  notify: Restart postgresql

- name: Set PostgreSQL Client Authentication
  community.postgresql.postgresql_pg_hba:
    dest: "/etc/postgresql/{{ pgsql_server_version }}/main/pg_hba.conf"
    overwrite: false # remove preexisting rules
    backup: true
    backup_file: "/etc/postgresql/{{ pgsql_server_version }}/main/pg_hba.conf.backup"
    # custom defaults
    rules_behavior: combine
    contype: host
    # custom rules
    rules: "{{ pgsql_client_auth }}" # noqa: args
  notify: Reload postgresql