Fix the pgdg repository of the deb packages.
This commit is contained in:
parent
e54345a927
commit
1fc4a4527d
|
@ -1,26 +1,31 @@
|
|||
---
|
||||
psql_enabled: True
|
||||
psql_enabled: true
|
||||
# I prefer to use the postgresql.org repositories
|
||||
#
|
||||
# See the features matrix here: http://www.postgresql.org/about/featurematrix/
|
||||
#
|
||||
pg_use_postgresql_org_repo: True
|
||||
psql_postgresql_install: True
|
||||
pg_use_postgresql_org_repo: true
|
||||
postgresql_deb_repo_key_url: "https://www.postgresql.org/media/keys/ACCC4CF8.asc"
|
||||
postgresql_deb_repo_key: /etc/apt/keyrings/postgresql.asc
|
||||
postgresql_deb_repository_url: "http://apt.postgresql.org/pub/repos/apt/"
|
||||
postgresql_deb_repository_rel: "{{ ansible_lsb.codename }}-pgdg"
|
||||
psql_postgresql_install: true
|
||||
psql_pkg_state: present
|
||||
postgresql_enabled: True
|
||||
postgresql_enabled: true
|
||||
psql_version: 16
|
||||
psql_db_host: localhost
|
||||
psql_db_port: 5432
|
||||
psql_db_size_w: 150000000
|
||||
psql_db_size_c: 170000000
|
||||
psql_max_connections: 1024
|
||||
psql_listen_on_ext_int: False
|
||||
psql_use_alternate_data_dir: False
|
||||
psql_listen_on_ext_int: false
|
||||
psql_use_alternate_data_dir: false
|
||||
# Deb/Ubuntu
|
||||
psql_data_root_dir: '/var/lib/postgresql/{{ psql_version }}'
|
||||
psql_data_dir: '{{ psql_data_root_dir }}/main'
|
||||
psql_conf_dir: '/etc/postgresql/{{ psql_version }}/main'
|
||||
psql_log_dir: /var/log/postgresql
|
||||
postgresql_install_client_only: false
|
||||
|
||||
# Debian/Ubuntu
|
||||
postgresql_pkgs:
|
||||
|
@ -30,8 +35,8 @@ postgresql_pkgs:
|
|||
- pgtop
|
||||
- "{% if ansible_distribution_version is version_compare('20.04', '>=') %}python3-psycopg2{% else %}python-psycopg2{% endif %}"
|
||||
|
||||
psql_el_install_scl_version: False
|
||||
psql_el_install_from_pgdg_repo: True
|
||||
psql_el_install_scl_version: false
|
||||
psql_el_install_from_pgdg_repo: true
|
||||
psql_el_pgdg_repo_url: "https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm"
|
||||
psql_scl_base_dir: '/var/opt/rh/rh-postgresql{{ psql_version }}/lib/pgsql'
|
||||
psql_el_base_dir: '/var/lib/pgsql/{{ psql_version }}'
|
||||
|
@ -53,68 +58,68 @@ psql_el_scl_packages:
|
|||
- python-psycopg2
|
||||
|
||||
psql_conf_parameters:
|
||||
- { name: 'max_connections', value: '{{ psql_max_connections }}', set: 'True' }
|
||||
- { name: 'shared_buffers', value: '{{ (ansible_memtotal_mb / 4) | int }}MB', set: 'True' }
|
||||
- { name: 'work_mem', value: '{{ ((ansible_memtotal_mb * 1024) / (400 * ansible_processor_vcpus)) | int }}kB', set: 'True' }
|
||||
- { name: 'maintenance_work_mem', value: '{{ (ansible_memtotal_mb / 8) | int }}MB', set: 'True' }
|
||||
- { name: 'temp_buffers', value: '{{ ansible_memtotal_mb }}kB', set: 'True' }
|
||||
- { name: 'wal_buffers', value: '{{ (ansible_memtotal_mb / 1024 * 2) | int }}MB', set: 'True' }
|
||||
- { name: 'min_wal_size', value: '{{ (ansible_memtotal_mb / 16) | int }}MB', set: 'True' }
|
||||
- { name: 'max_wal_size', value: '{{ (ansible_memtotal_mb / 8) | int }}MB', set: 'True' }
|
||||
- { name: 'effective_cache_size', value: '{{ (ansible_memtotal_mb / 1.3) | int }}MB', set: 'True' }
|
||||
- { name: 'max_stack_depth', value: '2MB', set: 'False' }
|
||||
- { name: 'max_files_per_process', value: '8192', set: 'False' }
|
||||
- { name: 'max_connections', value: '{{ psql_max_connections }}', set: 'true' }
|
||||
- { name: 'shared_buffers', value: '{{ (ansible_memtotal_mb / 4) | int }}MB', set: 'true' }
|
||||
- { name: 'work_mem', value: '{{ ((ansible_memtotal_mb * 1024) / (400 * ansible_processor_vcpus)) | int }}kB', set: 'true' }
|
||||
- { name: 'maintenance_work_mem', value: '{{ (ansible_memtotal_mb / 8) | int }}MB', set: 'true' }
|
||||
- { name: 'temp_buffers', value: '{{ ansible_memtotal_mb }}kB', set: 'true' }
|
||||
- { name: 'wal_buffers', value: '{{ (ansible_memtotal_mb / 1024 * 2) | int }}MB', set: 'true' }
|
||||
- { name: 'min_wal_size', value: '{{ (ansible_memtotal_mb / 16) | int }}MB', set: 'true' }
|
||||
- { name: 'max_wal_size', value: '{{ (ansible_memtotal_mb / 8) | int }}MB', set: 'true' }
|
||||
- { name: 'effective_cache_size', value: '{{ (ansible_memtotal_mb / 1.3) | int }}MB', set: 'true' }
|
||||
- { name: 'max_stack_depth', value: '2MB', set: 'false' }
|
||||
- { name: 'max_files_per_process', value: '8192', set: 'false' }
|
||||
|
||||
# logging configuration. Important: the parameters that need a restart must be listed in psql_conf_parameters
|
||||
psql_log_configuration:
|
||||
- { name: 'log_destination', value: 'stderr', set: 'True' }
|
||||
- { name: 'logging_collector', value: 'off', set: 'False' }
|
||||
- { name: 'log_directory', value: '{{ psql_log_dir }}', set: 'True' }
|
||||
- { name: 'log_rotation_age', value: '1d', set: 'True' }
|
||||
- { name: 'log_rotation_size', value: '10MB', set: 'True' }
|
||||
- { name: 'client_min_messages', value: 'notice', set: 'True' }
|
||||
- { name: 'log_min_messages', value: 'warning', set: 'True' }
|
||||
- { name: 'log_min_error_statement', value: 'error', set: 'True' }
|
||||
- { name: 'log_min_duration_statement', value: '-1', set: 'True' }
|
||||
- { name: 'log_checkpoints', value: 'off', set: 'True' }
|
||||
- { name: 'log_duration', value: 'off', set: 'True' }
|
||||
- { name: 'log_error_verbosity', value: 'default', set: 'True' }
|
||||
- { name: 'log_destination', value: 'stderr', set: 'true' }
|
||||
- { name: 'logging_collector', value: 'off', set: 'false' }
|
||||
- { name: 'log_directory', value: '{{ psql_log_dir }}', set: 'true' }
|
||||
- { name: 'log_rotation_age', value: '1d', set: 'true' }
|
||||
- { name: 'log_rotation_size', value: '10MB', set: 'true' }
|
||||
- { name: 'client_min_messages', value: 'notice', set: 'true' }
|
||||
- { name: 'log_min_messages', value: 'warning', set: 'true' }
|
||||
- { name: 'log_min_error_statement', value: 'error', set: 'true' }
|
||||
- { name: 'log_min_duration_statement', value: '-1', set: 'true' }
|
||||
- { name: 'log_checkpoints', value: 'off', set: 'true' }
|
||||
- { name: 'log_duration', value: 'off', set: 'true' }
|
||||
- { name: 'log_error_verbosity', value: 'default', set: 'true' }
|
||||
|
||||
# Treat vacuum separately. Important: the parameters that need a restart must be listed in psql_conf_parameters
|
||||
psql_autovacuum_configuration:
|
||||
- { name: 'track_counts', value: 'on', set: 'True' }
|
||||
- { name: 'autovacuum', value: 'on', set: 'True' }
|
||||
- { name: 'log_autovacuum_min_duration', value: '-1', set: 'True' }
|
||||
- { name: 'autovacuum_vacuum_threshold', value: '50', set: 'True' }
|
||||
- { name: 'autovacuum_analyze_threshold', value: '50', set: 'True' }
|
||||
- { name: 'autovacuum_vacuum_scale_factor', value: '0.2', set: 'True' }
|
||||
- { name: 'autovacuum_vacuum_cost_limit', value: '1000', set: 'True' }
|
||||
- { name: 'autovacuum_max_workers', value: '10', set: 'True' }
|
||||
- { name: 'autovacuum_naptime', value: '10', set: 'True' }
|
||||
- { name: 'track_counts', value: 'on', set: 'true' }
|
||||
- { name: 'autovacuum', value: 'on', set: 'true' }
|
||||
- { name: 'log_autovacuum_min_duration', value: '-1', set: 'true' }
|
||||
- { name: 'autovacuum_vacuum_threshold', value: '50', set: 'true' }
|
||||
- { name: 'autovacuum_analyze_threshold', value: '50', set: 'true' }
|
||||
- { name: 'autovacuum_vacuum_scale_factor', value: '0.2', set: 'true' }
|
||||
- { name: 'autovacuum_vacuum_cost_limit', value: '1000', set: 'true' }
|
||||
- { name: 'autovacuum_max_workers', value: '10', set: 'true' }
|
||||
- { name: 'autovacuum_naptime', value: '10', set: 'true' }
|
||||
|
||||
# Streaming replication settings
|
||||
postgresql_streaming_replication: False
|
||||
postgresql_streaming_replication: false
|
||||
postgresql_streaming_replication_primary_node: 'localhost'
|
||||
psql_streaming_replication_hosts:
|
||||
- 'localhost'
|
||||
psql_streaming_replication_user: psql_replica
|
||||
#psql_streaming_replication_pwd: 'use a vault'
|
||||
psql_streaming_replication_config:
|
||||
- { name: 'wal_level', value: 'replica', set: 'True' }
|
||||
- { name: 'max_wal_senders', value: '10', set: 'True' }
|
||||
- { name: 'wal_keep_size', value: '0', set: 'True' }
|
||||
- { name: 'max_slot_wal_keep_size', value: '50MB', set: 'True' }
|
||||
- { name: 'wal_compression', value: 'on', set: 'True' }
|
||||
- { name: 'wal_log_hints', value: 'on', set: 'True' }
|
||||
- { name: 'hot_standby', value: 'on', set: 'True' }
|
||||
- { name: 'archive_mode', value: 'always', set: 'True' }
|
||||
- { name: 'archive_command', value: "cp %p {{ psql_wal_archiving_log_dir }}/%f", set: 'True' }
|
||||
- { name: 'restore_command', value: "cp {{ psql_wal_archiving_log_dir }}/%f %p", set: 'True' }
|
||||
- { name: 'archive_cleanup_command', value: "pg_archivecleanup {{ psql_wal_archiving_log_dir }} %r", set: 'True' }
|
||||
- { name: 'wal_level', value: 'replica', set: 'true' }
|
||||
- { name: 'max_wal_senders', value: '10', set: 'true' }
|
||||
- { name: 'wal_keep_size', value: '0', set: 'true' }
|
||||
- { name: 'max_slot_wal_keep_size', value: '50MB', set: 'true' }
|
||||
- { name: 'wal_compression', value: 'on', set: 'true' }
|
||||
- { name: 'wal_log_hints', value: 'on', set: 'true' }
|
||||
- { name: 'hot_standby', value: 'on', set: 'true' }
|
||||
- { name: 'archive_mode', value: 'always', set: 'true' }
|
||||
- { name: 'archive_command', value: "cp %p {{ psql_wal_archiving_log_dir }}/%f", set: 'true' }
|
||||
- { name: 'restore_command', value: "cp {{ psql_wal_archiving_log_dir }}/%f %p", set: 'true' }
|
||||
- { name: 'archive_cleanup_command', value: "pg_archivecleanup {{ psql_wal_archiving_log_dir }} %r", set: 'true' }
|
||||
|
||||
# SSL as a special case
|
||||
psql_enable_ssl: False
|
||||
psql_force_ssl_client_connection: False
|
||||
psql_enable_ssl: false
|
||||
psql_force_ssl_client_connection: false
|
||||
postgresql_letsencrypt_managed: '{% if letsencrypt_acme_install is defined and letsencrypt_acme_install %}true{% else %}false{% endif %}'
|
||||
psql_ssl_privkey_global_file: '{% if postgresql_letsencrypt_managed %}/var/lib/acme/live/{{ ansible_fqdn }}/privkey{% else %}{{ pki_dir }}/keys/{{ ansible_fqdn}}-key.pem{% endif %}'
|
||||
psql_ssl_privkey_file: /etc/pki/postgresql/postgresql.key
|
||||
|
@ -122,15 +127,15 @@ psql_ssl_cert_file: '{% if postgresql_letsencrypt_managed %}/var/lib/acme/live/{
|
|||
# In CentOS/RHEL is /etc/pki/tls/cert.pem
|
||||
psql_ssl_ca_file: '/etc/ssl/certs/ca-certificates.crt'
|
||||
psql_conf_ssl_parameters:
|
||||
- { name: 'ssl', value: 'true', set: 'True' }
|
||||
- { name: 'ssl_cert_file', value: '{{ psql_ssl_cert_file }}', set: 'True' }
|
||||
- { name: 'ssl_key_file', value: '{{ psql_ssl_privkey_file }}', set: 'True' }
|
||||
- { name: 'ssl_ca_file', value: '{{ psql_ssl_ca_file }}', set: 'True' }
|
||||
- { name: 'ssl', value: 'true', set: 'true' }
|
||||
- { name: 'ssl_cert_file', value: '{{ psql_ssl_cert_file }}', set: 'true' }
|
||||
- { name: 'ssl_key_file', value: '{{ psql_ssl_privkey_file }}', set: 'true' }
|
||||
- { name: 'ssl_ca_file', value: '{{ psql_ssl_ca_file }}', set: 'true' }
|
||||
|
||||
psql_conf_disable_ssl_parameters:
|
||||
- { name: 'ssl', value: 'false', set: 'True' }
|
||||
- { name: 'ssl', value: 'false', set: 'true' }
|
||||
|
||||
psql_set_shared_memory: False
|
||||
psql_set_shared_memory: false
|
||||
psql_sysctl_file: 30-postgresql-shm.conf
|
||||
psql_sysctl_kernel_sharedmem_parameters:
|
||||
- { name: 'kernel.shmmax', value: '33554432' }
|
||||
|
@ -142,14 +147,14 @@ psql_db_pwd: "We cannot save the password into the repository. Use another varia
|
|||
|
||||
#psql_db_data:
|
||||
# Example of line needed to create a db, create the user that owns the db, manage the db accesses (used by iptables too). All the fields are mandatory.
|
||||
#- { name: '{{ psql_db_name }}', encoding: 'UTF8', user: '{{ psql_db_user }}', pwd: '{{ psql_db_pwd }}', roles: 'NOCREATEDB,NOSUPERUSER', extensions: [ 'postgis', 'pgpool_regclass', 'pgpool_recovery' ], allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], managedb: True }
|
||||
#- { name: '{{ psql_db_name }}', encoding: 'UTF8', user: '{{ psql_db_user }}', pwd: '{{ psql_db_pwd }}', roles: 'NOCREATEDB,NOSUPERUSER', extensions: [ 'postgis', 'pgpool_regclass', 'pgpool_recovery' ], allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], managedb: true }
|
||||
# Example of line needed to manage the db accesses (used by iptables too), without creating the db and the user. Useful, for example, to give someone access to the postgresql db
|
||||
#- { name: '{{ psql_db_name }}', user: '{{ psql_db_user }}', allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], managedb: False }
|
||||
#- { name: '{{ psql_db_name }}', user: '{{ psql_db_user }}', allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], managedb: false }
|
||||
# Example of line needed to remove a db, create the user that owns the db, manage the db accesses (used by iptables too). All the fields are mandatory.
|
||||
#- { name: '{{ psql_db_name }}', encoding: 'UTF8', user: '{{ psql_db_user }}', pwd: '{{ psql_db_pwd }}', managedb: True, roles: 'NOCREATEDB,NOSUPERUSER', extensions: [ 'postgis', 'pgpool_regclass', 'pgpool_recovery' ], allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], state=absent }
|
||||
#- { name: '{{ psql_db_name }}', encoding: 'UTF8', user: '{{ psql_db_user }}', pwd: '{{ psql_db_pwd }}', managedb: true, roles: 'NOCREATEDB,NOSUPERUSER', extensions: [ 'postgis', 'pgpool_regclass', 'pgpool_recovery' ], allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], state=absent }
|
||||
|
||||
# postgis
|
||||
postgres_install_gis_extensions: False
|
||||
postgres_install_gis_extensions: false
|
||||
postgres_gis_version: 3
|
||||
postgres_gis_shortver: 3
|
||||
postgres_gis_pkgs:
|
||||
|
@ -160,14 +165,14 @@ postgres_el_gis_pkgs:
|
|||
- 'postgis{{ postgres_gis_shortver }}-{{ psql_version }}-client'
|
||||
|
||||
# Local backup
|
||||
pg_backup_enabled: True
|
||||
pg_backup_enabled: true
|
||||
pg_el_backup_conf_dir: /etc/sysconfig
|
||||
pg_backup_conf_dir: /etc/default
|
||||
pg_backup_bin: /usr/local/sbin/postgresql-backup
|
||||
pg_backup_pgdump_bin: /usr/bin/pg_dump
|
||||
pg_backup_retain_copies: 2
|
||||
pg_backup_build_db_list: "yes"
|
||||
psql_wal_files_archiving_enabled: False
|
||||
psql_wal_files_archiving_enabled: false
|
||||
psql_wal_archiving_log_dir: '{{ psql_data_dir }}/archive_log'
|
||||
psql_base_backup_dir: '{{ pg_backup_base_dir }}/base_backup'
|
||||
# Dynamically created from psql_db_data if pg_backup_db_list is not set
|
||||
|
|
|
@ -1,23 +1,43 @@
|
|||
---
|
||||
- name: Debian or Ubuntu
|
||||
block:
|
||||
- name: Get the signing key for the postgresql.org repository
|
||||
apt_key: url=https://www.postgresql.org/media/keys/ACCC4CF8.asc state=present
|
||||
|
||||
- name: Setup the postgresql.org repository
|
||||
apt_repository: repo='deb http://apt.postgresql.org/pub/repos/apt/ {{ ansible_lsb.codename }}-pgdg main' update_cache=yes
|
||||
|
||||
- name: postgresql_org_repo | Debian or Ubuntu
|
||||
when:
|
||||
- pg_use_postgresql_org_repo
|
||||
- ansible_distribution_file_variety == "Debian"
|
||||
tags: [ 'postgresql', 'postgresql_repo' ]
|
||||
|
||||
- name: EL
|
||||
tags: ['postgresql', 'postgresql_repo']
|
||||
block:
|
||||
- name: Install the pgsql pgdg repository
|
||||
yum: name={{ psql_el_pgdg_repo_url }} state={{ psql_pkg_state }}
|
||||
- name: postgresql_org_repo | Ensure that /etc/apt.d/keyrings exists
|
||||
ansible.builtin.file:
|
||||
dest: /etc/apt.d/keyrings
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0755"
|
||||
- name: postgresql_org_repo | Get the signing key for the postgresql.org repository
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ postgresql_deb_repo_key_url }}"
|
||||
dest: "{{ postgresql_deb_repo_key }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
- name: postgresql_org_repo | Install the repository for Ubuntu
|
||||
ansible.builtin.deb822_repository:
|
||||
name: postgresql-org
|
||||
types: [deb]
|
||||
uris: "{{ postgresql_deb_repository_url }}"
|
||||
components:
|
||||
- main
|
||||
suites: ["{{ postgresql_deb_repository_rel }}"]
|
||||
signed_by: "{{ postgresql_deb_repo_key }}"
|
||||
state: present
|
||||
enabled: true
|
||||
|
||||
- name: postgresql_org_repo | Manage the EL repository
|
||||
when:
|
||||
- pg_use_postgresql_org_repo
|
||||
- ansible_distribution_file_variety == "RedHat"
|
||||
tags: [ 'postgresql', 'postgresql_repo' ]
|
||||
tags: ['postgresql', 'postgresql_repo']
|
||||
block:
|
||||
- name: postgresql_org_repo | Install the pgsql pgdg repository
|
||||
ansible.builtin.yum:
|
||||
name: "{{ psql_el_pgdg_repo_url }}"
|
||||
state: present
|
||||
|
|
Loading…
Reference in New Issue