Add a custom resource to set up PostgreSQL 12

Supports both primary and replica. The access rules and firewall have to
be set up outside of the custom resource, so they are part of the
recipes instead

Refs #160

site-cookbooks/kosmos-postgresql/recipes/default.rb

@@ -24,28 +24,30 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-return if platform?('ubuntu') && node[:platform_version].to_f < 18.04
+postgresql_version = "12"
+postgresql_service = "postgresql@#{postgresql_version}-main"
 
-node.override['build-essential']['compile_time'] = true
-include_recipe 'build-essential::default'
-
-package("libpq-dev") { action :nothing }.run_action(:install)
-
-chef_gem 'pg' do
-  compile_time true
+postgresql_custom_server postgresql_version do
+  role "primary"
+  tls true unless node.chef_environment == "development"
 end
 
-postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
-
-postgresql_server_install "main" do
-  version "10"
-  setup_repo false
-  password postgresql_data_bag_item['server_password']
-  action :install
+service postgresql_service do
+  supports restart: true, status: true, reload: true
+  action [:enable]
 end
 
-postgresql_client_install "main" do
-  version "10"
-  setup_repo false
-  action :install
+postgresql_replicas.each do |replica|
+  postgresql_access "#{replica[:hostname]} replication" do
+    access_type "host"
+    access_db "replication"
+    access_user "replication"
+    access_addr "#{replica[:ipaddress]}/32"
+    access_method "md5"
+    # notification does not work, as postgresql_access always says the
+    # resource was already up to date
+    notifies :reload, "service[#{postgresql_service}]", :immediately
+  end
 end
+
+include_recipe "kosmos-postgresql::firewall"