]> WPIA git - infra.git/blob - environments/production/manifests/postgres-primary.pp
projects / infra.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
fix: replication needs max_wal_senders
[infra.git] / environments / production / manifests / postgres-primary.pp
1 node postgres-primary {
2   include container::contained
3   include container::no_ssh
4
5   exec { 'backup installed':
6     before => Package['postgresql'],
7     notify => Exec['backup permissions corrected'],
8     command => '! [ -f /var/lib/postgresql/9.6/main/PG_VERSION ] && mkdir -p /var/lib/postgresql/9.6/main && tar xzf /var/lib/postgresql/pg_base.tar.gz -C /var/lib/postgresql/9.6/main',
9     onlyif => '[ -f /var/lib/postgresql/pg_base.tar.gz ]',
10     provider => 'shell'
11   }
12   package{ 'postgresql':
13     ensure => 'installed',
14     install_options => ['--no-install-recommends'],
15   }->
16   class { 'postgresql::globals':
17     version => '9.6',
18   }->
19   class { 'postgresql::server':
20       listen_addresses => '*',
21   }
22   exec { 'backup permissions corrected':
23     require => Class['postgresql::server::install'],
24     before => Class['postgresql::server::initdb'],
25     command => 'chown -R postgres:postgres /var/lib/postgresql && rm /var/lib/postgresql/pg_base.tar.gz',
26     onlyif => '[ -f /var/lib/postgresql/pg_base.tar.gz ]',
27     refreshonly => 'true',
28     provider => 'shell'
29   }
30   postgresql::server::db { 'gigi':
31     require  => Package['postgresql'],
32     user     => 'gigi',
33     password => postgresql_password('gigi', $passwords[postgres][gigi]),
34   }
35   $gigi_ip = $ips[gigi];
36   postgresql::server::pg_hba_rule { 'allow gigi to access its database':
37     require  => Package['postgresql'],
38     description => "Open up PostgreSQL for access from gigi to its database",
39     type        => 'host',
40     database    => 'gigi',
41     user        => 'gigi',
42     address     => "$gigi_ip/32",
43     auth_method => 'md5',
44   }
45
46   postgresql::server::db { 'quiz':
47     require  => Exec['backup installed'],
48     user     => 'quiz',
49     password => postgresql_password('quiz', $passwords[postgres][quiz]),
50   }
51   postgresql::server::pg_hba_rule { 'allow quiz to access its database':
52     require  => Package['postgresql'],
53     description => "Open up PostgreSQL for access from quiz to its database",
54     type        => 'host',
55     database    => 'quiz',
56     user        => 'quiz',
57     address     => "${ips[quiz]}/32",
58     auth_method => 'md5',
59   }
60   postgresql::server::pg_hba_rule{'allow local replication by postgres':
61     #local   replication     postgres                ident
62     type        => 'local',
63     database    => 'replication',
64     user        => 'postgres',
65     auth_method => 'ident'
66   }
67   postgresql_conf{'archive_mode':
68     target => '/etc/postgresql/9.6/main/postgresql.conf',
69     value => 'on'
70   }
71   file{'/var/lib/postgresql/archive/':
72     require  => Exec['backup permissions corrected'],
73     ensure => 'directory',
74     owner => 'postgres'
75   } ->
76   postgresql_conf{'archive_command':
77     target => '/etc/postgresql/9.6/main/postgresql.conf',
78     value => 'test ! -f /var/lib/postgresql/archive/%f && cp %p /var/lib/postgresql/archive/%f'
79   }
80   postgresql_conf{'wal_level':
81     target => '/etc/postgresql/9.6/main/postgresql.conf',
82     value => 'replica'
83   }
84   postgresql_conf{'max_wal_senders':
85     target => '/etc/postgresql/9.6/main/postgresql.conf',
86     value => '2'
87   }
88 }
WPIA Technical Infrastructure