]> WPIA git - infra.git/blob - environments/production/manifests/postgres-primary.pp
projects / infra.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add: make postgresql write archives
[infra.git] / environments / production / manifests / postgres-primary.pp
1 node postgres-primary {
2   include container::contained
3   include container::no_ssh
4
5   package{ 'postgresql':
6     ensure => 'installed',
7     install_options => ['--no-install-recommends'],
8   }
9
10   class { 'postgresql::globals':
11     version => '9.6',
12   }->
13   class { 'postgresql::server':
14       listen_addresses => '*',
15   } ->
16   postgresql::server::db { 'gigi':
17     require  => Package['postgresql'],
18     user     => 'gigi',
19     password => postgresql_password('gigi', $passwords[postgres][gigi]),
20   }
21   $gigi_ip = $ips[gigi];
22   postgresql::server::pg_hba_rule { 'allow gigi to access its database':
23     require  => Package['postgresql'],
24     description => "Open up PostgreSQL for access from gigi to its database",
25     type        => 'host',
26     database    => 'gigi',
27     user        => 'gigi',
28     address     => "$gigi_ip/32",
29     auth_method => 'md5',
30   }
31
32   postgresql::server::db { 'quiz':
33     require  => Class['postgresql::server'],
34     user     => 'quiz',
35     password => postgresql_password('quiz', $passwords[postgres][quiz]),
36   }
37   postgresql::server::pg_hba_rule { 'allow quiz to access its database':
38     require  => Package['postgresql'],
39     description => "Open up PostgreSQL for access from quiz to its database",
40     type        => 'host',
41     database    => 'quiz',
42     user        => 'quiz',
43     address     => "${ips[quiz]}/32",
44     auth_method => 'md5',
45   }
46   postgresql::server::pg_hba_rule{'allow local replication by postgres':
47     #local   replication     postgres                ident
48     type        => 'local',
49     database    => 'replication',
50     user        => 'postgres',
51     auth_method => 'ident'
52   }
53   postgresql_conf{'archive_mode':
54     target => '/etc/postgresql/9.6/main/postgresql.conf',
55     value => 'on'
56   }
57   file{'/var/lib/postgresql/archive/':
58     ensure => 'directory',
59     owner => 'postgres'
60   } ->
61   postgresql_conf{'archive_command':
62     target => '/etc/postgresql/9.6/main/postgresql.conf',
63     value => 'test ! -f /var/lib/postgresql/archive/%f && cp %p /var/lib/postgresql/archive/%f'
64   }
65   postgresql_conf{'wal_level':
66     target => '/etc/postgresql/9.6/main/postgresql.conf',
67     value => 'replica'
68   }
69 }
WPIA Technical Infrastructure