From 554effd9e591a12bd39bfafac3e90e0befcb3fa7 Mon Sep 17 00:00:00 2001 From: Prakasa Date: Sat, 21 Sep 2024 19:53:43 +0700 Subject: [PATCH 1/6] fix: add variable postgresql_service_description to set service description --- defaults/main.yml | 3 +++ .../etc_systemd_system_postgresql.service.d_custom.conf.j2 | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 689f285a6..02a743aff 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -24,6 +24,9 @@ postgresql_admin_user: "postgres" postgresql_default_auth_method: "peer" postgresql_default_auth_method_hosts: "{{ 'scram-sha-256' if postgresql_version is version_compare('14', '>=') else 'md5' }}" # (>=14.0 scram-sha-256 is default value) +# The description that will use to customize process or service description +postgresql_service_description: "PostgreSQL RDBMS" + # The user/group that will run postgresql process or service postgresql_service_user: "{{ postgresql_admin_user }}" postgresql_service_user_pgsql_profile: false diff --git a/templates/etc_systemd_system_postgresql.service.d_custom.conf.j2 b/templates/etc_systemd_system_postgresql.service.d_custom.conf.j2 index be85ad6af..36d43c7b2 100644 --- a/templates/etc_systemd_system_postgresql.service.d_custom.conf.j2 +++ b/templates/etc_systemd_system_postgresql.service.d_custom.conf.j2 @@ -1,6 +1,10 @@ # {{ ansible_managed }} # Systemd unit file override to specify user/group as well as separate config # and data directories. + +[Unit] +Description={{ postgresql_service_description }} + [Service] User={{ postgresql_service_user }} Group={{ postgresql_service_group }} From 880cf91b488c04c1d7d2a839dee0a87700718b06 Mon Sep 17 00:00:00 2001 From: Prakasa Date: Mon, 23 Sep 2024 05:03:20 +0700 Subject: [PATCH 2/6] fix: update variable postgresql_apt_repository for ubuntu 22 --- vars/Debian_22.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/vars/Debian_22.yml b/vars/Debian_22.yml index 273f70e25..217fb4ffd 100644 --- a/vars/Debian_22.yml +++ b/vars/Debian_22.yml @@ -3,4 +3,4 @@ postgresql_service_name: "postgresql" -postgresql_apt_repository: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] http://apt.postgresql.org/pub/repos/apt/ {{ ansible_distribution_release }}-pgdg main {{ postgresql_version }}" +postgresql_apt_repository: "deb http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main" From 1db50ca4e65badbb728aefb4a1520f61ab68b7bf Mon Sep 17 00:00:00 2001 From: Prakasa Date: Mon, 23 Sep 2024 06:22:59 +0700 Subject: [PATCH 3/6] fix: custom service config for Debian family --- tasks/configure.yml | 10 ++++++++++ ...tem_postgresql.service.d_custom.conf_Debian.j2 | 15 +++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 templates/etc_systemd_system_postgresql.service.d_custom.conf_Debian.j2 diff --git a/tasks/configure.yml b/tasks/configure.yml index e34b6a9a3..0d2897835 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -278,6 +278,16 @@ register: postgresql_systemd_custom_conf notify: restart postgresql +- name: PostgreSQL | Use the conf directory when starting the Postgres service | Debian + template: + src: etc_systemd_system_postgresql.service.d_custom.conf_Debian.j2 + dest: "/lib/systemd/system/postgresql.service" + when: ansible_os_family == "Debian" + register: postgresql_systemd_custom_conf + notify: + - reload service daemon + - restart postgresql + - name: PostgreSQL | Ensure the pid directory for PostgreSQL exists file: name: "{{ postgresql_pid_directory }}" diff --git a/templates/etc_systemd_system_postgresql.service.d_custom.conf_Debian.j2 b/templates/etc_systemd_system_postgresql.service.d_custom.conf_Debian.j2 new file mode 100644 index 000000000..6a020e78f --- /dev/null +++ b/templates/etc_systemd_system_postgresql.service.d_custom.conf_Debian.j2 
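Review bot: The new `postgresql_apt_repository` value drops the `signed-by=` option, so this source is no longer pinned to the PostgreSQL key and apt will accept packages for it that are signed by any key in the host's global trusted keyring. If the removal works around a keyring file that was missing at that path, the key installation and the source line should be made to agree instead of dropping the pin. I would keep the option and move the transport to HTTPS: `postgresql_apt_repository: "deb [signed-by=/etc/apt/trusted.gpg.d/postgresql.gpg] https://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main"`. The keyring path is the one from the removed line and has to match wherever the role installs the key, which is not visible in this hunk.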
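Review bot: The added Debian task writes the template to `/lib/systemd/system/postgresql.service`, the package-owned unit path, so it replaces the vendor unit instead of overriding it and a package upgrade can silently put the original back; `dest: "/etc/systemd/system/postgresql.service"` keeps the change in the administrator-owned tree. The task also sets no permissions on a unit file that systemd loads as root, so add `mode: "0644"`. It registers `postgresql_systemd_custom_conf`, the same name the preceding task registers, and a skipped task still overwrites a registered variable, so on non-Debian hosts anything reading that variable later would see the skipped result; a distinct name such as `register: postgresql_systemd_unit_debian` avoids that. Whether the preceding task carries its own `when` is outside this hunk.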
@@ -0,0 +1,15 @@ +# {{ ansible_managed }} +# Systemd unit file override to specify user/group as well as separate config +# and data directories. + +[Unit] +Description={{ postgresql_service_description }} + +[Service] +Type=oneshot +ExecStart=/bin/true +ExecReload=/bin/true +RemainAfterExit=on + +[Install] +WantedBy=multi-user.target \ No newline at end of file From 50adf307fb7063da600ab498f9d93fdba9e38669 Mon Sep 17 00:00:00 2001 From: Prakasa Date: Tue, 24 Sep 2024 15:02:15 +0700 Subject: [PATCH 4/6] fix: bug fixing ident auth for root user --- defaults/main.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 02a743aff..c26f3d155 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -20,6 +20,7 @@ postgresql_env: LC_ALL: "{{ postgresql_locale }}" LC_LCTYPE: "{{ postgresql_locale }}" +postgresql_linux_admin_user: "root" postgresql_admin_user: "postgres" postgresql_default_auth_method: "peer" postgresql_default_auth_method_hosts: "{{ 'scram-sha-256' if postgresql_version is version_compare('14', '>=') else 'md5' }}" # (>=14.0 scram-sha-256 is default value) 
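Review bot: The header comment of the new template says the file is an override that specifies user/group and separate config and data directories, but the unit below sets none of them: it is a complete `Type=oneshot` unit whose `ExecStart` is `/bin/true`. Someone auditing which account PostgreSQL runs under on Debian would be misled by it. I would replace the comment with `# Complete unit for the Debian family: runs /bin/true only; User/Group and data directories are not set here.` `RemainAfterExit=on` is accepted by systemd, but `yes` is the spelling its documentation uses, and the file has no trailing newline.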
@@ -82,10 +83,10 @@ postgresql_user_privileges: [] # pg_hba.conf postgresql_pg_hba_default: - - { type: local, database: all, user: all, address: "", method: "{{ postgresql_default_auth_method }}", comment: '"local" is for Unix domain socket connections only' } - { type: host, database: all, user: all, address: "127.0.0.1/32", method: "{{ postgresql_default_auth_method_hosts }}", comment: "IPv4 local connections:" } - { type: host, database: all, user: all, address: "::1/128", method: "{{ postgresql_default_auth_method_hosts }}", comment: "IPv6 local connections:" } - - { type: local, database: all, user: "{{ postgresql_admin_user }}", address: "", method: "peer map=root_as_{{ postgresql_admin_user }}", comment: "Local root Unix user, passwordless access" } + - { type: local, database: all, user: "{{ postgresql_admin_user }}", address: "", method: "peer map={{ postgresql_linux_admin_user }}_as_{{ postgresql_admin_user }}", comment: "Local root Unix user, passwordless access" } + - { type: local, database: all, user: all, address: "", method: "{{ postgresql_default_auth_method }}", comment: '"local" is for Unix domain socket connections only' } postgresql_pg_hba_md5_hosts: [] postgresql_pg_hba_passwd_hosts: [] @@ -96,7 +97,7 @@ postgresql_pg_hba_custom: [] postgresql_pg_ident: - comment: "root is allowed to login as {{ postgresql_admin_user }}" mapname: "root_as_{{ postgresql_admin_user }}" - system_username: "{{ postgresql_admin_user }}" + system_username: "{{ postgresql_linux_admin_user }}" pg_username: "{{ postgresql_admin_user }}" # postgresql.conf From f8ccc21492f8be67bbeb2b0db1334a752f92475b Mon Sep 17 00:00:00 2001 From: Prakasa Date: Tue, 24 Sep 2024 17:49:40 +0700 Subject: [PATCH 5/6] fix: regex list of linux users impersonate postgres --- defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index c26f3d155..93dae5e03 100644 --- a/defaults/main.yml +++ b/defaults/main.yml 
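Review bot: Moving the `local` entry for `{{ postgresql_admin_user }}` above the catch-all `local all all` entry changes which record decides socket logins as the admin role, because pg_hba.conf uses the first matching record and does not fall through when authentication fails. After this hunk every local connection as that role is decided only by the ident map, so an OS account that is absent from the map can no longer reach it through plain peer authentication. That dependency on order is not documented anywhere in the list; I would add above `postgresql_pg_hba_default` the comment `# Order matters: the first matching record wins, so the admin-role rule must stay above the catch-all local rule.`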
@@ -20,7 +20,7 @@ postgresql_env: LC_ALL: "{{ postgresql_locale }}" LC_LCTYPE: "{{ postgresql_locale }}" -postgresql_linux_admin_user: "root" +postgresql_linux_admin_user: '"/^(root|postgres)$"' postgresql_admin_user: "postgres" postgresql_default_auth_method: "peer" postgresql_default_auth_method_hosts: "{{ 'scram-sha-256' if postgresql_version is version_compare('14', '>=') else 'md5' }}" # (>=14.0 scram-sha-256 is default value) @@ -85,7 +85,7 @@ postgresql_user_privileges: [] postgresql_pg_hba_default: - { type: host, database: all, user: all, address: "127.0.0.1/32", method: "{{ postgresql_default_auth_method_hosts }}", comment: "IPv4 local connections:" } - { type: host, database: all, user: all, address: "::1/128", method: "{{ postgresql_default_auth_method_hosts }}", comment: "IPv6 local connections:" } - - { type: local, database: all, user: "{{ postgresql_admin_user }}", address: "", method: "peer map={{ postgresql_linux_admin_user }}_as_{{ postgresql_admin_user }}", comment: "Local root Unix user, passwordless access" } + - { type: local, database: all, user: "{{ postgresql_admin_user }}", address: "", method: "peer map=root_as_{{ postgresql_admin_user }}", comment: "Local root Unix user, passwordless access" } - { type: local, database: all, user: all, address: "", method: "{{ postgresql_default_auth_method }}", comment: '"local" is for Unix domain socket connections only' } postgresql_pg_hba_md5_hosts: [] From ad3d371b5fe3762febb5f42ec01c104279195f2a Mon Sep 17 00:00:00 2001 From: prakasa1904 Date: Mon, 25 May 2026 10:47:53 +0400 Subject: [PATCH 6/6] fix: fixing handler name --- handlers/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/handlers/main.yml b/handlers/main.yml index bcfab34fc..df9094589 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -6,6 +6,6 @@ state: restarted enabled: yes - - name: Reload systemd daemon + - name: reload service daemon ansible.builtin.command: systemctl daemon-reload become: true
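Review bot: `postgresql_linux_admin_user` now holds a quoted pg_ident regular expression rather than a user name, and nothing next to the default says so. Every OS account the expression matches gets passwordless access as `{{ postgresql_admin_user }}`, so an override that drops the `^` and `$` anchors would match any account name that merely contains the pattern. I would document it above the default: `# pg_ident system-username: a plain OS user name or a /regex; keep regexes anchored with ^ and $.` The `comment` and `mapname` of `postgresql_pg_ident` still describe root only, which no longer matches the mapping; those lines sit outside this hunk.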
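Review bot: The renamed handler is defined after the handler that ends in `state: restarted`, and Ansible runs notified handlers in the order they are defined in the handlers file, not in the order listed under `notify`. If that preceding handler is `restart postgresql` (its name is outside the hunk), the restart runs before `systemctl daemon-reload` and systemd still uses the old unit definition when the Debian unit file has changed. Defining `reload service daemon` first fixes the order, and `ansible.builtin.systemd` with `daemon_reload: true` would replace the raw command.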