Specify PostgreSQL passwords in Ansible Playbook

Question

New to Ansible, Running version 2.1.0. I've written an Ansible playbook that runs a PostgreSQL query against a group of hosts. When I specify the SQL DB password in the shell command it works, but I'm looking to run the playbook against a group of hosts and need a better way to input the passwords as they are all unique. Could anyone suggest a better way to do this?

---

- hosts: Test_Hosts    
  sudo: yes    
  sudo_user: root    
  gather_facts: yes
  tasks:    
  - name: Login to DB and run command    
    shell: export PGPASSWORD='Password'; psql -U 'user' -d 'db' -c 'select * FROM table'; 
    register: select_all_from_table

  - name: Display table contents    
    debug: msg="{{ select_all_from_table.stdout }}"

I saw another thread on the topic but was not sure how to implement the suggestion: Run a postgresql command with ansible playbook. Postgresql requires password

ydaetskcoR ydaetskcoR · Accepted Answer · 2016-06-20T21:02:48

Ansible allows you to set environment variables for a task using the environment parameter to any task.

So in your case you could just do this:

  - name: Login to DB and run command    
    shell: psql -U 'user' -d 'db' -c 'select * FROM table'; 
    register: select_all_from_table
    environment:
      PGPASSWORD: '{{ pgpassword }}'

And then set the pgpassword variable at the group or host level.

Specify PostgreSQL passwords in Ansible Playbook

2 Answers