ansible-role-postgresql/tasks/postgres_pgpool.yml

---
- name: Install the packages needed by postgres when running behind a pgpool server
  apt: pkg={{ postgresql_pgpool_pkgs }} state={{ psql_pkg_state }} cache_valid_time=3600
  notify: Restart postgresql
  when:
    - psql_pgpool_install
    - ansible_distribution_file_variety == "Debian"
  tags: [ 'postgresql', 'postgres', 'pgpool' ]

- name: PgPool II configuration
  block:
  - name: Add the postgres user that will manage the recovery, if not postgres
    become: True
    become_user: postgres
    postgresql_user: user={{ pgpool_recovery_user }} password={{ pgpool_recovery_user_pwd }} role_attr_flags=REPLICATION port={{ psql_db_port }}
    when:
      - ('{{ pgpool_recovery_user }}' != 'postgres')
      - pgpool_recovery_user_pwd is defined

  - name: Give access to the pgpool recovery user, if it is not postgres
    lineinfile: name={{ psql_conf_dir }}/pg_hba.conf regexp="^host {{ item.0.name }} {{ pgpool_recovery_user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ pgpool_recovery_user }} {{ item.1 }} md5"
    with_subelements: 
      - '{{ psql_db_data | default([]) }}'
      - allowed_hosts
    when:
      - psql_db_data is defined
      - item.1 is defined
      - pgpool_recovery_user_pwd is defined
    notify: Reload postgresql

  - name: Add the system user that will manage the recovery, if not postgres
    user: user={{ pgpool_recovery_user }} password={{ pgpool_recovery_user_pwd | password_hash('sha512') }} groups=postgres shell=/bin/bash system=yes
    when:
      - ('{{ pgpool_recovery_user }}' != 'postgres')
      - pgpool_recovery_user_pwd is defined

  - name: Create the ssh keys for the recovery user
    user: user={{ pgpool_recovery_user }} generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa ssh_key_type=rsa

  - name: Remember to trust the ssh keys between the two nodes
    debug:
      msg: "Remember to trust the ssh keys between the two nodes. You have to setup the .ssh/authorized_keys manually for the user {{ pgpool_recovery_user }}"

  - name: Install the pgpool recovery and remote restart scripts. They assume that the postgresql hosts can talk to each other
    template: src={{ item.1 }}.j2 dest={{ item.0.backend_data_directory }}/{{ item.1 }} owner=postgres group=postgres mode=0500
    with_nested: 
      - '{{ pgpool_backends | default([]) }}'
      - [ '{{ pgpool_recovery_stage1_script }}', '{{ pgpool_recovery_stage2_script }}', '{{ pgpool_remote_start_script }}' ]

  - name: Set the postgresql configuration parameters needed by pgpool
    action: configfile path={{ psql_conf_dir }}/postgresql.conf key={{ item.name }} value="{{ item.value }}"
    with_items: '{{ psql_wal_files_conf }}'
    when:
      - item.set
      - psql_wal_files_archiving_enabled
    notify: Restart postgresql with pgpool config
    tags: [ 'postgresql', 'postgres', 'pg_conf', 'pgpool' ]

  - name: Ensure that the postgresql config file has the correct permissions
    file: dest={{ psql_conf_dir }}/postgresql.conf owner=root group=postgres mode='0440'
    tags: [ 'postgresql', 'postgres', 'pg_conf', 'pgpool' ]

  - name: Add the pgpool postgres extensions to the template1 dbs
    become: True
    become_user: postgres
    postgresql_ext: name={{ item }} db=template1 port={{ psql_db_port }}
    with_items:
      - pgpool_regclass
      - pgpool_recovery
    tags: [ 'postgresql', 'postgres', 'pg_extensions' ]

  - name: Install the sudoers config that permits the postgres user to restart the service after a recovery
    template: src=postgresql-sudoers.j2 dest=/etc/sudoers.d/postgres-pgpool owner=root group=root mode=0440
    tags: [ 'postgres', 'postgresql', 'sudo', 'pgpool' ]

  - name: Install a script that cleans up the wal log archives
    template: src=postgresql_wal_backup_and_removal.j2 dest=/usr/local/sbin/postgresql_wal_backup_and_removal owner=root group=root mode=0755

  - name: Install a cron job to cleanup the wal log archives
    cron: name="Clean up the postgresql WAL log archives" user=postgres job="/usr/local/sbin/postgresql_wal_backup_and_removal > {{ psql_log_dir }}/wal_removal.log 2>&1" special_time=daily

  tags: [ 'postgresql', 'postgres', 'pgpool' ]
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00			`---`
			`- name: Install the packages needed by postgres when running behind a pgpool server`
			`apt: pkg={{ postgresql_pgpool_pkgs }} state={{ psql_pkg_state }} cache_valid_time=3600`
			`notify: Restart postgresql`
			`when:`
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- psql_pgpool_install`
			`- ansible_distribution_file_variety == "Debian"`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00			`tags: [ 'postgresql', 'postgres', 'pgpool' ]`

Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: PgPool II configuration`
			`block:`
			`- name: Add the postgres user that will manage the recovery, if not postgres`
			`become: True`
			`become_user: postgres`
			`postgresql_user: user={{ pgpool_recovery_user }} password={{ pgpool_recovery_user_pwd }} role_attr_flags=REPLICATION port={{ psql_db_port }}`
			`when:`
			`- ('{{ pgpool_recovery_user }}' != 'postgres')`
			`- pgpool_recovery_user_pwd is defined`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Give access to the pgpool recovery user, if it is not postgres`
Fix the postgresql data dir path. 2021-02-05 13:49:56 +01:00			`lineinfile: name={{ psql_conf_dir }}/pg_hba.conf regexp="^host {{ item.0.name }} {{ pgpool_recovery_user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ pgpool_recovery_user }} {{ item.1 }} md5"`
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`with_subelements:`
			`- '{{ psql_db_data \| default([]) }}'`
			`- allowed_hosts`
			`when:`
			`- psql_db_data is defined`
			`- item.1 is defined`
			`- pgpool_recovery_user_pwd is defined`
			`notify: Reload postgresql`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Add the system user that will manage the recovery, if not postgres`
			`user: user={{ pgpool_recovery_user }} password={{ pgpool_recovery_user_pwd \| password_hash('sha512') }} groups=postgres shell=/bin/bash system=yes`
			`when:`
			`- ('{{ pgpool_recovery_user }}' != 'postgres')`
			`- pgpool_recovery_user_pwd is defined`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Create the ssh keys for the recovery user`
			`user: user={{ pgpool_recovery_user }} generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa ssh_key_type=rsa`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
alert to remember that the ssh setup has a manual step 2021-02-05 17:37:30 +01:00			`- name: Remember to trust the ssh keys between the two nodes`
			`debug:`
			`msg: "Remember to trust the ssh keys between the two nodes. You have to setup the .ssh/authorized_keys manually for the user {{ pgpool_recovery_user }}"`

Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Install the pgpool recovery and remote restart scripts. They assume that the postgresql hosts can talk to each other`
Fix the postgresql data dir path. 2021-02-05 13:49:56 +01:00			`template: src={{ item.1 }}.j2 dest={{ item.0.backend_data_directory }}/{{ item.1 }} owner=postgres group=postgres mode=0500`
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`with_nested:`
			`- '{{ pgpool_backends \| default([]) }}'`
			`- [ '{{ pgpool_recovery_stage1_script }}', '{{ pgpool_recovery_stage2_script }}', '{{ pgpool_remote_start_script }}' ]`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Set the postgresql configuration parameters needed by pgpool`
Fix the postgresql data dir path. 2021-02-05 13:49:56 +01:00			`action: configfile path={{ psql_conf_dir }}/postgresql.conf key={{ item.name }} value="{{ item.value }}"`
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`with_items: '{{ psql_wal_files_conf }}'`
			`when:`
			`- item.set`
			`- psql_wal_files_archiving_enabled`
			`notify: Restart postgresql with pgpool config`
			`tags: [ 'postgresql', 'postgres', 'pg_conf', 'pgpool' ]`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
Ensure the correct permissions of the config files. 2021-02-05 16:15:23 +01:00			`- name: Ensure that the postgresql config file has the correct permissions`
Fix a typo. 2021-02-05 19:50:30 +01:00			`file: dest={{ psql_conf_dir }}/postgresql.conf owner=root group=postgres mode='0440'`
Ensure the correct permissions of the config files. 2021-02-05 16:15:23 +01:00			`tags: [ 'postgresql', 'postgres', 'pg_conf', 'pgpool' ]`

Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Add the pgpool postgres extensions to the template1 dbs`
			`become: True`
			`become_user: postgres`
			`postgresql_ext: name={{ item }} db=template1 port={{ psql_db_port }}`
			`with_items:`
			`- pgpool_regclass`
			`- pgpool_recovery`
			`tags: [ 'postgresql', 'postgres', 'pg_extensions' ]`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
Add support for CentOS. 2020-07-30 14:14:39 +02:00			`- name: Install the sudoers config that permits the postgres user to restart the service after a recovery`
			`template: src=postgresql-sudoers.j2 dest=/etc/sudoers.d/postgres-pgpool owner=root group=root mode=0440`
			`tags: [ 'postgres', 'postgresql', 'sudo', 'pgpool' ]`

			`- name: Install a script that cleans up the wal log archives`
			`template: src=postgresql_wal_backup_and_removal.j2 dest=/usr/local/sbin/postgresql_wal_backup_and_removal owner=root group=root mode=0755`

			`- name: Install a cron job to cleanup the wal log archives`
			`cron: name="Clean up the postgresql WAL log archives" user=postgres job="/usr/local/sbin/postgresql_wal_backup_and_removal > {{ psql_log_dir }}/wal_removal.log 2>&1" special_time=daily`
Import the old role, Ubuntu only. 2020-06-03 19:53:13 +02:00
			`tags: [ 'postgresql', 'postgres', 'pgpool' ]`