From f6086e2f6a38d5a0688284dab2575010f97c373c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Thu, 7 Jan 2021 12:02:35 +0100
Subject: [PATCH 1/2] Add the firewall rules to the postgresql role

---
 nodes/centaurus.kosmos.org.json |  3 +--
 nodes/draco.kosmos.org.json     | 10 +++++-----
 roles/postgresql_primary.rb     |  1 +
 roles/postgresql_replica.rb     |  1 +
 4 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/nodes/centaurus.kosmos.org.json b/nodes/centaurus.kosmos.org.json
index 59c6b79..38bc7d4 100644
--- a/nodes/centaurus.kosmos.org.json
+++ b/nodes/centaurus.kosmos.org.json
@@ -27,13 +27,13 @@
       "kosmos_gitea::default",
       "kosmos_gitea::backup",
       "kosmos-postgresql::replica",
+      "kosmos-postgresql::firewall_replicas",
       "kosmos_discourse",
       "kosmos_discourse::default",
       "kosmos_drone",
       "kosmos_drone::default",
       "kosmos_kvm::host",
       "kosmos-ejabberd::firewall",
-      "kosmos-postgresql::firewall_replicas",
       "kosmos_zerotier::firewall",
       "apt::default",
       "timezone_iii::default",
@@ -87,7 +87,6 @@
     "role[drone]",
     "recipe[kosmos_kvm::host]",
     "recipe[kosmos-ejabberd::firewall]",
-    "recipe[kosmos-postgresql::firewall_replicas]",
     "recipe[kosmos_zerotier::firewall]"
   ]
 }
\ No newline at end of file
diff --git a/nodes/draco.kosmos.org.json b/nodes/draco.kosmos.org.json
index f463aad..ece1685 100644
--- a/nodes/draco.kosmos.org.json
+++ b/nodes/draco.kosmos.org.json
@@ -12,19 +12,20 @@
     "hostname": "draco",
     "ipaddress": "148.251.237.73",
     "roles": [
-      "postgresql_replica"
+      "postgresql_primary"
     ],
     "recipes": [
       "kosmos-base",
       "kosmos-base::default",
       "kosmos_encfs",
       "kosmos_encfs::default",
-      "kosmos-postgresql::replica",
+      "kosmos-postgresql",
+      "kosmos-postgresql::default",
+      "kosmos-postgresql::firewall_replicas",
       "kosmos_kvm::host",
       "kosmos-ejabberd::firewall",
       "kosmos-ipfs::firewall_swarm",
       "kosmos-ipfs::firewall_public_gateway",
-      "kosmos-postgresql::firewall_replicas",
       "kosmos-bitcoin::firewall",
       "kosmos_zerotier::firewall",
       "kosmos-nginx::firewall",
@@ -62,12 +63,11 @@
   "run_list": [
     "recipe[kosmos-base]",
     "recipe[kosmos_encfs]",
-    "role[postgresql_replica]",
+    "role[postgresql_primary]",
     "recipe[kosmos_kvm::host]",
     "recipe[kosmos-ejabberd::firewall]",
     "recipe[kosmos-ipfs::firewall_swarm]",
     "recipe[kosmos-ipfs::firewall_public_gateway]",
-    "recipe[kosmos-postgresql::firewall_replicas]",
     "recipe[kosmos-bitcoin::firewall]",
     "recipe[kosmos_zerotier::firewall]",
     "recipe[kosmos-nginx::firewall]"
diff --git a/roles/postgresql_primary.rb b/roles/postgresql_primary.rb
index 0cb0ccd..16db3d9 100644
--- a/roles/postgresql_primary.rb
+++ b/roles/postgresql_primary.rb
@@ -2,4 +2,5 @@ name "postgresql_primary"
 
 run_list %w(
   kosmos-postgresql::default
+  kosmos-postgresql::firewall_replicas
 )
diff --git a/roles/postgresql_replica.rb b/roles/postgresql_replica.rb
index 8ee5100..3b247b2 100644
--- a/roles/postgresql_replica.rb
+++ b/roles/postgresql_replica.rb
@@ -2,4 +2,5 @@ name "postgresql_replica"
 
 run_list %w(
   kosmos-postgresql::replica
+  kosmos-postgresql::firewall_replicas
 )

From af547772509f3d89632b1aaf1da1bb5b1a0481f1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Thu, 7 Jan 2021 12:04:21 +0100
Subject: [PATCH 2/2] Create postgresql-1 VM

Refs #280
---
 clients/postgres-1.json |  4 +++
 nodes/postgres-1.json   | 59 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 63 insertions(+)
 create mode 100644 clients/postgres-1.json
 create mode 100644 nodes/postgres-1.json

diff --git a/clients/postgres-1.json b/clients/postgres-1.json
new file mode 100644
index 0000000..ff604f3
--- /dev/null
+++ b/clients/postgres-1.json
@@ -0,0 +1,4 @@
+{
+  "name": "postgres-1",
+  "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M27iQm/yjXQ3hQ2O2HJ\nJtzB3reCo+Rkb5G8inOgrMPk458vn9NeSjsxtjh0oOZQEFM7tpRa7XVZuR8/H8PX\nvtzDljvmODmZmF+Qdhxw0+gUK/HQKlFAhKCoa3W04UyEJvafG9comNws0X3TWepu\n9RFlTxla9fmj7miXFidTLoNTkm9SbfZTQCBzhUq4QGvRMnbjIQkbkpUgT6WPU3q3\nJDldWk9xBZ7hjTSCN14ASdMVQMQZQlbtxRo2J6pKEdIwkstw+M8BUp2XBHppncpG\n/oY8ov4w9bIBX0U2Qy6lngmZnNYbhQkyxJVoH5qQJusW7EVNNc7QgZ1cujl+F6+A\nWQIDAQAB\n-----END PUBLIC KEY-----\n"
+}
\ No newline at end of file
diff --git a/nodes/postgres-1.json b/nodes/postgres-1.json
new file mode 100644
index 0000000..5dbad0d
--- /dev/null
+++ b/nodes/postgres-1.json
@@ -0,0 +1,59 @@
+{
+  "name": "postgres-1",
+  "normal": {
+    "knife_zero": {
+      "host": "10.1.1.208"
+    }
+  },
+  "automatic": {
+    "fqdn": "postgres-1",
+    "os": "linux",
+    "os_version": "5.4.0-1026-kvm",
+    "hostname": "postgres-1",
+    "ipaddress": "192.168.122.249",
+    "roles": [
+      "postgresql_replica"
+    ],
+    "recipes": [
+      "kosmos-base",
+      "kosmos-base::default",
+      "kosmos_encfs",
+      "kosmos_encfs::default",
+      "kosmos-postgresql::replica",
+      "kosmos-postgresql::firewall_replicas",
+      "apt::default",
+      "timezone_iii::default",
+      "timezone_iii::debian",
+      "ntp::default",
+      "ntp::apparmor",
+      "kosmos-base::systemd_emails",
+      "apt::unattended-upgrades",
+      "kosmos-base::firewall",
+      "kosmos-postfix::default",
+      "postfix::default",
+      "postfix::_common",
+      "postfix::_attributes",
+      "postfix::sasl_auth",
+      "hostname::default",
+      "build-essential::default"
+    ],
+    "platform": "ubuntu",
+    "platform_version": "20.04",
+    "cloud": null,
+    "chef_packages": {
+      "ohai": {
+        "version": "15.12.0",
+        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai"
+      },
+      "chef": {
+        "version": "15.14.0",
+        "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib"
+      }
+    }
+  },
+  "run_list": [
+    "recipe[kosmos-base]",
+    "recipe[kosmos_encfs]",
+    "role[postgresql_replica]"
+  ]
+}
\ No newline at end of file