Remove the postgresql_replica from centaurus, run Chef

I have also deleted the data directory (in /mnt/data)
Update the mastodon-1 node after Chef run
2021-01-23 17:11:45 +01:00 · 2021-01-23 17:11:45 +01:00 · 2021-01-23 17:11:45 +01:00 · 2021-01-23 17:11:45 +01:00 · 2021-01-23 17:11:45 +01:00 · 2021-01-23 17:11:45 +01:00
13 changed files with 18 additions and 89 deletions
--- a/clients/postgres-1.json
+++ b/clients/postgres-1.json
@@ -1,4 +0,0 @@
-{
-  "name": "postgres-1",
-  "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M27iQm/yjXQ3hQ2O2HJ\nJtzB3reCo+Rkb5G8inOgrMPk458vn9NeSjsxtjh0oOZQEFM7tpRa7XVZuR8/H8PX\nvtzDljvmODmZmF+Qdhxw0+gUK/HQKlFAhKCoa3W04UyEJvafG9comNws0X3TWepu\n9RFlTxla9fmj7miXFidTLoNTkm9SbfZTQCBzhUq4QGvRMnbjIQkbkpUgT6WPU3q3\nJDldWk9xBZ7hjTSCN14ASdMVQMQZQlbtxRo2J6pKEdIwkstw+M8BUp2XBHppncpG\n/oY8ov4w9bIBX0U2Qy6lngmZnNYbhQkyxJVoH5qQJusW7EVNNc7QgZ1cujl+F6+A\nWQIDAQAB\n-----END PUBLIC KEY-----\n"
-}
--- a/nodes/akkounts-1.json
+++ b/nodes/akkounts-1.json
@@ -12,11 +12,13 @@
    "hostname": "akkounts-1",
    "ipaddress": "192.168.122.160",
    "roles": [
+      "postgresql_client",
      "akkounts"
    ],
    "recipes": [
      "kosmos-base",
      "kosmos-base::default",
+      "kosmos-postgresql::hostsfile",
      "kosmos-akkounts",
      "kosmos-akkounts::default",
      "kosmos-akkounts::nginx",
@@ -71,4 +73,4 @@
    "recipe[kosmos-base]",
    "role[akkounts]"
  ]
-}
+}
--- a/nodes/centaurus.kosmos.org.json
+++ b/nodes/centaurus.kosmos.org.json
@@ -2,7 +2,7 @@
  "name": "centaurus.kosmos.org",
  "normal": {
    "knife_zero": {
-      "host": "centaurus.kosmos.org"
+      "host": "10.1.1.186"
    }
  },
  "automatic": {
@@ -14,7 +14,6 @@
    "roles": [
      "gitea",
      "postgresql_client",
-      "postgresql_replica",
      "discourse",
      "drone"
    ],
@@ -23,11 +22,10 @@
      "kosmos-base::default",
      "kosmos_encfs",
      "kosmos_encfs::default",
+      "kosmos-postgresql::hostsfile",
      "kosmos_gitea",
      "kosmos_gitea::default",
      "kosmos_gitea::backup",
-      "kosmos-postgresql::replica",
-      "kosmos-postgresql::firewall_replicas",
      "kosmos_discourse",
      "kosmos_discourse::default",
      "kosmos_drone",
@@ -61,8 +59,7 @@
      "kosmos-nginx::firewall",
      "backup::default",
      "logrotate::default",
-      "kosmos-base::letsencrypt",
-      "build-essential::default"
+      "kosmos-base::letsencrypt"
    ],
    "platform": "ubuntu",
    "platform_version": "20.04",
@@ -82,7 +79,6 @@
    "recipe[kosmos-base]",
    "recipe[kosmos_encfs]",
    "role[gitea]",
-    "role[postgresql_replica]",
    "role[discourse]",
    "role[drone]",
    "recipe[kosmos_kvm::host]",
--- a/nodes/ejabberd-1.json
+++ b/nodes/ejabberd-1.json
@@ -21,6 +21,7 @@
    "recipes": [
      "kosmos-base",
      "kosmos-base::default",
+      "kosmos-postgresql::hostsfile",
      "kosmos-ejabberd",
      "kosmos-ejabberd::default",
      "kosmos-ejabberd::letsencrypt",
--- a/nodes/ejabberd-2.json
+++ b/nodes/ejabberd-2.json
@@ -21,6 +21,7 @@
    "recipes": [
      "kosmos-base",
      "kosmos-base::default",
+      "kosmos-postgresql::hostsfile",
      "kosmos-ejabberd",
      "kosmos-ejabberd::default",
      "kosmos-ejabberd::letsencrypt",
--- a/nodes/mastodon-1.json
+++ b/nodes/mastodon-1.json
@@ -18,6 +18,7 @@
    "recipes": [
      "kosmos-base",
      "kosmos-base::default",
+      "kosmos-postgresql::hostsfile",
      "kosmos-mastodon",
      "kosmos-mastodon::default",
      "kosmos-mastodon::nginx",
--- a/nodes/postgres-1.json
+++ b/nodes/postgres-1.json
@@ -1,59 +0,0 @@
-{
-  "name": "postgres-1",
-  "normal": {
-    "knife_zero": {
-      "host": "10.1.1.208"
-    }
-  },
-  "automatic": {
-    "fqdn": "postgres-1",
-    "os": "linux",
-    "os_version": "5.4.0-1026-kvm",
-    "hostname": "postgres-1",
-    "ipaddress": "192.168.122.249",
-    "roles": [
-      "postgresql_replica"
-    ],
-    "recipes": [
-      "kosmos-base",
-      "kosmos-base::default",
-      "kosmos_encfs",
-      "kosmos_encfs::default",
-      "kosmos-postgresql::replica",
-      "kosmos-postgresql::firewall_replicas",
-      "apt::default",
-      "timezone_iii::default",
-      "timezone_iii::debian",
-      "ntp::default",
-      "ntp::apparmor",
-      "kosmos-base::systemd_emails",
-      "apt::unattended-upgrades",
-      "kosmos-base::firewall",
-      "kosmos-postfix::default",
-      "postfix::default",
-      "postfix::_common",
-      "postfix::_attributes",
-      "postfix::sasl_auth",
-      "hostname::default",
-      "build-essential::default"
-    ],
-    "platform": "ubuntu",
-    "platform_version": "20.04",
-    "cloud": null,
-    "chef_packages": {
-      "ohai": {
-        "version": "15.12.0",
-        "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai"
-      },
-      "chef": {
-        "version": "15.14.0",
-        "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.14.0/lib"
-      }
-    }
-  },
-  "run_list": [
-    "recipe[kosmos-base]",
-    "recipe[kosmos_encfs]",
-    "role[postgresql_replica]"
-  ]
-}
--- a/roles/akkounts.rb
+++ b/roles/akkounts.rb
@@ -1,6 +1,7 @@
 name "akkounts"

 default_run_list = %w(
+  role[postgresql_client]
  kosmos-akkounts::default
  kosmos-akkounts::nginx
 )
--- a/roles/mastodon.rb
+++ b/roles/mastodon.rb
@@ -1,7 +1,7 @@
 name "mastodon"

 run_list %w(
+  role[postgresql_client]
  kosmos-mastodon
  kosmos-mastodon::nginx
-  role[postgresql_client]
 )
--- a/roles/postgresql_client.rb
+++ b/roles/postgresql_client.rb
@@ -2,4 +2,6 @@
 # rules to every server that is a PostgreSQL client
 name "postgresql_client"

-run_list []
+run_list %w(
+  kosmos-postgresql::hostsfile
+)
--- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb
+++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb
@@ -138,11 +138,6 @@ ldap_base = "cn=users,dc=kosmos,dc=org"

 admin_users = ejabberd_credentials['admins']

-postgresql_primary_node = postgresql_primary
-postgresql_server = postgresql_primary_node[:ipaddress]
-# PostgreSQL is on the same server, connect through localhost
-postgresql_server = "localhost" if postgresql_primary_node[:hostname] == node[:hostname]
-
 hosts.each do |host|
  ldap_rootdn = "uid=xmpp,ou=#{host[:name]},cn=applications,dc=kosmos,dc=org"

@@ -153,7 +148,7 @@ hosts.each do |host|
    group     'ejabberd'
    sensitive true
    variables pgsql_password: postgresql_data_bag_item['ejabberd_user_password'],
-              sql_server: postgresql_server,
+              sql_server: "pg.kosmos.local",
              host: host,
              ldap_base: ldap_base,
              ldap_server: ldap_domain,
--- a/site-cookbooks/kosmos-mastodon/recipes/default.rb
+++ b/site-cookbooks/kosmos-mastodon/recipes/default.rb
@@ -21,10 +21,6 @@ end
 elasticsearch_service 'elasticsearch'

 postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
-postgresql_primary_node = postgresql_primary
-postgresql_server = postgresql_primary_node[:ipaddress]
-# PostgreSQL is on the same server, connect through localhost
-postgresql_server = "localhost" if postgresql_primary_node[:hostname] == node[:hostname]

 mastodon_path = node["kosmos-mastodon"]["directory"]

@@ -138,7 +134,8 @@ application mastodon_path do
              vapid_private_key: mastodon_credentials['vapid_private_key'],
              vapid_public_key: mastodon_credentials['vapid_public_key'],
              db_pass: postgresql_data_bag_item['mastodon_user_password'],
-              db_host: postgresql_server
+              db_host: "pg.kosmos.local"
+    notifies :restart, "application[#{mastodon_path}]", :delayed
  end

  execute "bundle install" do
--- a/site-cookbooks/kosmos_gitea/recipes/default.rb
+++ b/site-cookbooks/kosmos_gitea/recipes/default.rb
@@ -37,10 +37,6 @@ smtp_credentials = data_bag_item("credentials", "smtp")
 jwt_secret = gitea_data_bag_item["jwt_secret"]
 internal_token = gitea_data_bag_item["internal_token"]
 secret_key = gitea_data_bag_item["secret_key"]
-postgresql_primary_node = postgresql_primary
-postgresql_server = postgresql_primary_node[:ipaddress]
-# PostgreSQL is on the same server, connect through localhost
-postgresql_server = "localhost" if postgresql_primary_node[:hostname] == node[:hostname]

 # Dependency
 package "git"
@@ -110,7 +106,7 @@ template "#{config_directory}/app.ini" do
            jwt_secret: jwt_secret,
            internal_token: internal_token,
            secret_key: secret_key,
-            postgresql_host: "#{postgresql_server}:5432",
+            postgresql_host: "pg.kosmos.local:5432",
            postgresql_password: gitea_data_bag_item["postgresql_password"],
            smtp_host: smtp_credentials["relayhost"],
            smtp_user: smtp_credentials["user_name"],
Author	SHA1	Message	Date
Greg Karékinian	5cb390f340	Remove the postgresql_replica from centaurus, run Chef I have also deleted the data directory (in /mnt/data)	2021-01-23 17:11:45 +01:00
Greg Karékinian	4e1bd458f3	Update the mastodon-1 node after Chef run	2021-01-23 17:11:45 +01:00
Greg Karékinian	40fde8a861	Update the ejabberd nodes after Chef run	2021-01-23 17:11:45 +01:00
Greg Karékinian	39d0304ab4	Update the akkounts-1 node after Chef run	2021-01-23 17:11:45 +01:00
Greg Karékinian	ee7b3626be	Generate a host entry for the current PostgreSQL primary	2021-01-23 17:11:45 +01:00
Greg Karékinian	286cd2f2a3	Move the postgresql_client role to the top We want the host file to be written before database connections happen	2021-01-23 17:11:45 +01:00
Greg Karékinian	1e3a2b40d4	Add the postgresql_client role to the akkounts role	2021-01-23 17:11:45 +01:00
Greg Karékinian	bb0e73d1b9	Switch ejabberd, mastodon and gitea to a hostname for Postgres	2021-01-23 17:11:45 +01:00
Greg Karékinian	fdd70d1872	Remove postgres-1 server It was created with an encfs volume inside a VM, we want full disk encryption instead. I have deleted the VM from centaurus as well as its disk and have also unauthorized its id from the zerotier controller	2021-01-23 17:11:45 +01:00