Better defaults. Additional tag for the firewalld task.
This commit is contained in:
parent
c314c2f192
commit
a61da112ef
|
@ -55,13 +55,17 @@ psql_el_scl_packages:
|
||||||
- python-psycopg2
|
- python-psycopg2
|
||||||
|
|
||||||
psql_conf_parameters:
|
psql_conf_parameters:
|
||||||
- { name: 'max_connections', value: '100', set: 'False' }
|
- { name: 'max_connections', value: '100', set: 'True' }
|
||||||
- { name: 'shared_buffers', value: '24MB', set: 'False' }
|
- { name: 'shared_buffers', value: '{{ (ansible_memtotal_mb / 4) | int }}MB', set: 'True' }
|
||||||
- { name: 'temp_buffers', value: '8MB', set: 'False' }
|
- { name: 'work_mem', value: '{{ ((ansible_memtotal_mb * 1024) / (400 * ansible_processor_vcpus)) | int }}kB', set: 'True' }
|
||||||
- { name: 'work_mem', value: '1MB', set: 'False' }
|
- { name: 'maintenance_work_mem', value: '{{ (ansible_memtotal_mb / 8) | int }}MB', set: 'True' }
|
||||||
- { name: 'maintenance_work_mem', value: '16MB', set: 'False' }
|
- { name: 'temp_buffers', value: '{{ ansible_memtotal_mb }}kB', set: 'True' }
|
||||||
|
- { name: 'wal_buffers', value: '{{ (ansible_memtotal_mb / 1024 * 2) | int }}MB', set: 'True' }
|
||||||
|
- { name: 'min_wal_size', value: '{{ (ansible_memtotal_mb / 16) | int }}MB', set: 'True' }
|
||||||
|
- { name: 'max_wal_size', value: '{{ (ansible_memtotal_mb / 8) | int }}MB', set: 'True' }
|
||||||
|
- { name: 'effective_cache_size', value: '{{ (ansible_memtotal_mb / 1.3) | int }}MB', set: 'True' }
|
||||||
- { name: 'max_stack_depth', value: '2MB', set: 'False' }
|
- { name: 'max_stack_depth', value: '2MB', set: 'False' }
|
||||||
- { name: 'max_files_per_process', value: '1000', set: 'False' }
|
- { name: 'max_files_per_process', value: '8192', set: 'False' }
|
||||||
|
|
||||||
# logging configuration. Important: the parameters that need a restart must be listed in psql_conf_parameters
|
# logging configuration. Important: the parameters that need a restart must be listed in psql_conf_parameters
|
||||||
psql_log_configuration:
|
psql_log_configuration:
|
||||||
|
@ -90,6 +94,8 @@ psql_autovacuum_configuration:
|
||||||
- { name: 'autovacuum_analyze_threshold', value: '50', set: 'True' }
|
- { name: 'autovacuum_analyze_threshold', value: '50', set: 'True' }
|
||||||
- { name: 'autovacuum_vacuum_scale_factor', value: '0.2', set: 'True' }
|
- { name: 'autovacuum_vacuum_scale_factor', value: '0.2', set: 'True' }
|
||||||
- { name: 'autovacuum_vacuum_cost_limit', value: '1000', set: 'True' }
|
- { name: 'autovacuum_vacuum_cost_limit', value: '1000', set: 'True' }
|
||||||
|
- { name: 'autovacuum_max_workers', value: '10', set: 'True' }
|
||||||
|
- { name: 'autovacuum_naptime', value: '10', set: 'True' }
|
||||||
|
|
||||||
# SSL as a special case
|
# SSL as a special case
|
||||||
psql_enable_ssl: False
|
psql_enable_ssl: False
|
||||||
|
|
|
@ -42,6 +42,7 @@
|
||||||
when:
|
when:
|
||||||
- psql_listen_on_ext_int
|
- psql_listen_on_ext_int
|
||||||
- firewalld_enabled
|
- firewalld_enabled
|
||||||
|
tags: [ 'postgresql', 'postgres', 'pg_hba', 'pg_db', 'firewall', 'iptables_rules' ]
|
||||||
|
|
||||||
- name: Give access to the remote postgresql client
|
- name: Give access to the remote postgresql client
|
||||||
lineinfile: name={{ psql_el_conf_dir }}/pg_hba.conf regexp="^host.* {{ item.0.name }} {{ item.0.user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ item.0.user }} {{ item.1 }} md5" owner=root group=postgres mode='0440'
|
lineinfile: name={{ psql_el_conf_dir }}/pg_hba.conf regexp="^host.* {{ item.0.name }} {{ item.0.user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ item.0.user }} {{ item.1 }} md5" owner=root group=postgres mode='0440'
|
||||||
|
|
Loading…
Reference in New Issue