kosmos/chef
8
3
Fork 0
Code Issues 34 Pull Requests 3 Projects 2 Activity

Add a custom resource to set up PostgreSQL 12

Browse Source 
Supports both primary and replica. The access rules and firewall have to
be set up outside of the custom resource, so they are part of the
recipes instead

Refs #160
This commit is contained in:
Greg Karékinian
2020-05-11 18:18:21 +02:00
parent 136fc84c4f
commit 21119fff08
9 changed files with 339 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
site-cookbooks/kosmos-postgresql/README.md
View File

@@ -1,4 +1,41 @@
# kosmos-postgresql
TODO: Enter the cookbook description here.
## Custom resources
### `postgresql_custom_server`
Usage:
When the `tls` attribute is set to true, a TLS certificate for the FQDN
(`node['fqdn']`, for example `andromeda.kosmos.org`) is generated using Let's
Encrypt and copied to the PostgreSQL data directory and added to the
`postgresql.conf` file
#### On the primary:
```ruby
postgresql_custom_server "12" do
role "primary"
tls true
end
```
#### On a replica:
```ruby
postgresql_custom_server "12" do
role "primary"
tls true
end
```
After the initial Chef run on the replica, run Chef on the primary to add the
firewall rules and PostgreSQL access rules, then run Chef again on the replica
to set up replication.
#### Caveat
[`firewall_rules`](https://github.com/chef-cookbooks/firewall/issues/134) and
[`postgresql_access`](https://github.com/sous-chefs/postgresql/issues/648) need
to be declared in recipes, not resources because of the way custom resources
work currently in Chef