Compare commits
8 Commits
fddcd4899e
...
ac4fb0c9ca
| Author | SHA1 | Date | |
|---|---|---|---|
ac4fb0c9ca
|
|||
|
d5e3d62522
|
|||
|
061880536b
|
|||
|
9de37cde96
|
|||
|
64d5d34d85
|
|||
|
db9177c9c6
|
|||
|
c92f9157a5
|
|||
|
a89db454d0
|
@@ -24,6 +24,7 @@ cookbook 'composer', '~> 2.7.0'
|
||||
cookbook 'fail2ban', '~> 7.0.4'
|
||||
cookbook 'git', '~> 10.0.0'
|
||||
cookbook 'golang', '~> 5.3.1'
|
||||
cookbook 'homebrew', '>= 6.0.0'
|
||||
cookbook 'hostname', '= 0.4.2'
|
||||
cookbook 'hostsfile', '~> 3.0.1'
|
||||
cookbook 'java', '~> 4.3.0'
|
||||
|
||||
@@ -8,6 +8,7 @@ DEPENDENCIES
|
||||
firewall (~> 6.2.16)
|
||||
git (~> 10.0.0)
|
||||
golang (~> 5.3.1)
|
||||
homebrew (>= 6.0.0)
|
||||
hostname (= 0.4.2)
|
||||
hostsfile (~> 3.0.1)
|
||||
ipfs
|
||||
@@ -62,7 +63,7 @@ GRAPH
|
||||
git (10.0.0)
|
||||
golang (5.3.1)
|
||||
ark (>= 6.0)
|
||||
homebrew (5.4.1)
|
||||
homebrew (6.0.2)
|
||||
hostname (0.4.2)
|
||||
hostsfile (>= 0.0.0)
|
||||
hostsfile (3.0.1)
|
||||
|
||||
4
clients/postgres-11.json
Normal file
4
clients/postgres-11.json
Normal file
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"name": "postgres-11",
|
||||
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1foYpuubS2ovlg3uHO12\nQ/ROZ8MpG+LkCAM46uVfPaoWwfY0vdfMsBOanHDgm9DGUCEBJZ6LPrvCvGXbpPy6\n9GSswK75zVWODblNjvvV4ueGFq4bBFwRuZNjyMlqgyzeU+srZL0ivelu5XEuGuoD\nPYCBKWYqGMz85/eMC7/tinTJtKPyOtXe/G8meji+r7gh3j+ypj/EWeKfcRDa4aGe\n/DmMCurIjjPAXFLMAA6fIqPWVfcPw4APNPE60Z92yPGsTbPu7bL54M5f7udmmu7H\nOgk1HjMAmXCuLDzTkfaxqHP+57yELg/YpXR1E93VmBeQuIBsyOFEk6AmUmA1Ib6e\nnQIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
}
|
||||
4
clients/postgres-12.json
Normal file
4
clients/postgres-12.json
Normal file
@@ -0,0 +1,4 @@
|
||||
{
|
||||
"name": "postgres-12",
|
||||
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mYGrYB8keUKmXA8dhWc\ncCLzp50xR0ajSw+bWYydyRqD5wuEVKjiJu4+G9QmTVXkVgJ+AYI0Y9/WZYpDqVH6\nvLUo6BSNQaWx20q93qIdOGLy8YG3Qyznezk4l8T9u9vWZDyDpKw6gCxzikMkrXxb\n0cqOYtyud8+PtSEEMogSjOKhRURVHlVrlVH3SQO7Whke9rkiFcbXzubsK9yjkUtF\nxZafSoGorOlDsPvFTfYnkepVB+GHcgiribRYSrO+73GypC2kqMhCpWrb6a0VWsP/\nh53+q3JL3vBvdvjcv51Wpf4n6JdnXnQGn2/MdXEzw+NXgjU4/IdYtbORSbaI8F5t\nowIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
}
|
||||
@@ -246,7 +246,7 @@ sudo -u postgres pg_fix_sequences [db_name]
|
||||
|
||||
```bash
|
||||
export NEW_PG_PRIMARY=[private_ip]
|
||||
bundle exec knife ssh roles:ejabberd -a knife_zero.host "sudo sed -r \"s/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s(pg.kosmos.local)/$NEW_PG_PRIMARY\t\1/\" -i /etc/hosts"
|
||||
knife ssh roles:ejabberd -a knife_zero.host "sudo sed -r \"s/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s(pg.kosmos.local)/$NEW_PG_PRIMARY\t\1/\" -i /etc/hosts"
|
||||
```
|
||||
|
||||
Or override node attribute(s) if necessary and/or approporiate.
|
||||
|
||||
@@ -1,16 +1,17 @@
|
||||
{
|
||||
"name": "postgres-6",
|
||||
"name": "postgres-11",
|
||||
"chef_environment": "production",
|
||||
"normal": {
|
||||
"knife_zero": {
|
||||
"host": "10.1.1.196"
|
||||
"host": "10.1.1.91"
|
||||
}
|
||||
},
|
||||
"automatic": {
|
||||
"fqdn": "postgres-6",
|
||||
"fqdn": "postgres-11",
|
||||
"os": "linux",
|
||||
"os_version": "5.4.0-173-generic",
|
||||
"hostname": "postgres-6",
|
||||
"ipaddress": "192.168.122.60",
|
||||
"os_version": "5.15.0-1095-kvm",
|
||||
"hostname": "postgres-11",
|
||||
"ipaddress": "192.168.122.142",
|
||||
"roles": [
|
||||
"base",
|
||||
"kvm_guest",
|
||||
@@ -21,18 +22,20 @@
|
||||
"kosmos-base::default",
|
||||
"kosmos_kvm::guest",
|
||||
"kosmos_postgresql::primary",
|
||||
"kosmos_postgresql::firewall",
|
||||
"kosmos-akkounts::pg_db",
|
||||
"kosmos-bitcoin::lndhub-go_pg_db",
|
||||
"kosmos-bitcoin::nbxplorer_pg_db",
|
||||
"kosmos_drone::pg_db",
|
||||
"kosmos_gitea::pg_db",
|
||||
"kosmos-mastodon::pg_db",
|
||||
"kosmos_postgresql::firewall",
|
||||
"kosmos_postgresql::management_scripts",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
@@ -44,17 +47,17 @@
|
||||
"hostname::default"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "20.04",
|
||||
"platform_version": "22.04",
|
||||
"cloud": null,
|
||||
"chef_packages": {
|
||||
"chef": {
|
||||
"version": "18.4.2",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.4.2/lib",
|
||||
"version": "18.10.17",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.10.17/lib",
|
||||
"chef_effortless": null
|
||||
},
|
||||
"ohai": {
|
||||
"version": "18.1.11",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.11/lib/ohai"
|
||||
"version": "18.2.13",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.2.13/lib/ohai"
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -1,17 +1,17 @@
|
||||
{
|
||||
"name": "postgres-10",
|
||||
"name": "postgres-12",
|
||||
"chef_environment": "production",
|
||||
"normal": {
|
||||
"knife_zero": {
|
||||
"host": "10.1.1.176"
|
||||
"host": "10.1.1.134"
|
||||
}
|
||||
},
|
||||
"automatic": {
|
||||
"fqdn": "postgres-10",
|
||||
"fqdn": "postgres-12",
|
||||
"os": "linux",
|
||||
"os_version": "5.15.0-1095-kvm",
|
||||
"hostname": "postgres-10",
|
||||
"ipaddress": "192.168.122.41",
|
||||
"os_version": "5.15.0-1096-kvm",
|
||||
"hostname": "postgres-12",
|
||||
"ipaddress": "192.168.122.139",
|
||||
"roles": [
|
||||
"base",
|
||||
"kvm_guest",
|
||||
@@ -24,6 +24,7 @@
|
||||
"kosmos_postgresql::hostsfile",
|
||||
"kosmos_postgresql::replica",
|
||||
"kosmos_postgresql::firewall",
|
||||
"kosmos_postgresql::management_scripts",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
@@ -1,62 +0,0 @@
|
||||
{
|
||||
"name": "postgres-8",
|
||||
"chef_environment": "production",
|
||||
"normal": {
|
||||
"knife_zero": {
|
||||
"host": "10.1.1.99"
|
||||
}
|
||||
},
|
||||
"automatic": {
|
||||
"fqdn": "postgres-8",
|
||||
"os": "linux",
|
||||
"os_version": "5.15.0-1059-kvm",
|
||||
"hostname": "postgres-8",
|
||||
"ipaddress": "192.168.122.100",
|
||||
"roles": [
|
||||
"base",
|
||||
"kvm_guest",
|
||||
"postgresql_replica"
|
||||
],
|
||||
"recipes": [
|
||||
"kosmos-base",
|
||||
"kosmos-base::default",
|
||||
"kosmos_kvm::guest",
|
||||
"kosmos_postgresql::hostsfile",
|
||||
"kosmos_postgresql::replica",
|
||||
"kosmos_postgresql::firewall",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
"kosmos-postfix::default",
|
||||
"postfix::default",
|
||||
"postfix::_common",
|
||||
"postfix::_attributes",
|
||||
"postfix::sasl_auth",
|
||||
"hostname::default"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "22.04",
|
||||
"cloud": null,
|
||||
"chef_packages": {
|
||||
"chef": {
|
||||
"version": "18.5.0",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.5.0/lib",
|
||||
"chef_effortless": null
|
||||
},
|
||||
"ohai": {
|
||||
"version": "18.1.11",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.11/lib/ohai"
|
||||
}
|
||||
}
|
||||
},
|
||||
"run_list": [
|
||||
"role[base]",
|
||||
"role[kvm_guest]",
|
||||
"role[postgresql_replica]"
|
||||
]
|
||||
}
|
||||
@@ -1,63 +0,0 @@
|
||||
{
|
||||
"name": "postgres-9",
|
||||
"chef_environment": "production",
|
||||
"normal": {
|
||||
"knife_zero": {
|
||||
"host": "10.1.1.3"
|
||||
}
|
||||
},
|
||||
"automatic": {
|
||||
"fqdn": "postgres-9",
|
||||
"os": "linux",
|
||||
"os_version": "5.15.0-1059-kvm",
|
||||
"hostname": "postgres-9",
|
||||
"ipaddress": "192.168.122.64",
|
||||
"roles": [
|
||||
"base",
|
||||
"kvm_guest",
|
||||
"postgresql_replica"
|
||||
],
|
||||
"recipes": [
|
||||
"kosmos-base",
|
||||
"kosmos-base::default",
|
||||
"kosmos_kvm::guest",
|
||||
"kosmos_postgresql::hostsfile",
|
||||
"kosmos_postgresql::replica",
|
||||
"kosmos_postgresql::firewall",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
"kosmos-postfix::default",
|
||||
"postfix::default",
|
||||
"postfix::_common",
|
||||
"postfix::_attributes",
|
||||
"postfix::sasl_auth",
|
||||
"hostname::default"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "22.04",
|
||||
"cloud": null,
|
||||
"chef_packages": {
|
||||
"chef": {
|
||||
"version": "18.8.54",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.8.54/lib",
|
||||
"chef_effortless": null
|
||||
},
|
||||
"ohai": {
|
||||
"version": "18.2.8",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.2.8/lib/ohai"
|
||||
}
|
||||
}
|
||||
},
|
||||
"run_list": [
|
||||
"role[base]",
|
||||
"role[kvm_guest]",
|
||||
"role[postgresql_replica]"
|
||||
]
|
||||
}
|
||||
@@ -1,12 +1,13 @@
|
||||
name "postgresql_primary"
|
||||
|
||||
run_list %w(
|
||||
kosmos_postgresql::primary
|
||||
kosmos_postgresql::firewall
|
||||
kosmos-akkounts::pg_db
|
||||
kosmos-bitcoin::lndhub-go_pg_db
|
||||
kosmos-bitcoin::nbxplorer_pg_db
|
||||
kosmos_drone::pg_db
|
||||
kosmos_gitea::pg_db
|
||||
kosmos-mastodon::pg_db
|
||||
)
|
||||
run_list [
|
||||
"kosmos_postgresql::primary",
|
||||
"kosmos-akkounts::pg_db",
|
||||
"kosmos-bitcoin::lndhub-go_pg_db",
|
||||
"kosmos-bitcoin::nbxplorer_pg_db",
|
||||
"kosmos_drone::pg_db",
|
||||
"kosmos_gitea::pg_db",
|
||||
"kosmos-mastodon::pg_db",
|
||||
"kosmos_postgresql::firewall",
|
||||
"kosmos_postgresql::management_scripts"
|
||||
]
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
name "postgresql_replica"
|
||||
|
||||
run_list %w(
|
||||
kosmos_postgresql::hostsfile
|
||||
kosmos_postgresql::replica
|
||||
kosmos_postgresql::firewall
|
||||
)
|
||||
run_list [
|
||||
"kosmos_postgresql::hostsfile",
|
||||
"kosmos_postgresql::replica",
|
||||
"kosmos_postgresql::firewall",
|
||||
"kosmos_postgresql::management_scripts"
|
||||
]
|
||||
|
||||
@@ -230,7 +230,6 @@ systemd_unit "akkounts.service" do
|
||||
WorkingDirectory: deploy_path,
|
||||
Environment: "RAILS_ENV=#{rails_env} SOLID_QUEUE_IN_PUMA=true",
|
||||
ExecStart: "#{bundle_path} exec puma -C config/puma.rb --pidfile #{deploy_path}/tmp/puma.pid",
|
||||
ExecStop: "#{bundle_path} exec puma -C config/puma.rb --pidfile #{deploy_path}/tmp/puma.pid stop",
|
||||
ExecReload: "#{bundle_path} exec pumactl -F config/puma.rb --pidfile #{deploy_path}/tmp/puma.pid phased-restart",
|
||||
PIDFile: "#{deploy_path}/tmp/puma.pid",
|
||||
TimeoutSec: "10",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
cd /tmp && \
|
||||
(pg_dumpall --globals-only > globals.sql) && \
|
||||
psql -Atqc "SELECT datname FROM pg_database WHERE datallowconn AND datname NOT IN (''template0'',''postgres'')" | \
|
||||
psql -Atqc "SELECT datname FROM pg_database WHERE datallowconn AND datname NOT IN (''template1'',''postgres'')" | \
|
||||
xargs -I{} -P4 sh -c "
|
||||
pg_dump -Fd -j 4 -d \"{}\" -f dump_{} &&
|
||||
tar -cf - dump_{} | zstd -19 -T0 > dump_{}.tar.zst &&
|
||||
|
||||
@@ -1,5 +1,16 @@
|
||||
#!/bin/bash
|
||||
for db in $(psql -Atqc "SELECT datname FROM pg_database WHERE datallowconn AND datname NOT IN ('template1','postgres')"); do
|
||||
echo "==== DB: $db ===="
|
||||
psql -d "$db" -c "SELECT * FROM pg_stat_subscription;"
|
||||
set -euo pipefail
|
||||
|
||||
psql -Atqc "
|
||||
SELECT datname
|
||||
FROM pg_database
|
||||
WHERE datallowconn
|
||||
AND datname NOT IN ('template1','postgres')
|
||||
" | while read -r db; do
|
||||
result=$(psql -X -At -d "$db" -c "SELECT * FROM pg_stat_subscription;" 2>/dev/null || true)
|
||||
|
||||
if [[ -n "$result" ]]; then
|
||||
echo "==== DB: $db ===="
|
||||
echo "$result"
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -39,13 +39,5 @@ class Chef
|
||||
def postgresql_version
|
||||
node['kosmos_postgresql']['postgresql_version']
|
||||
end
|
||||
|
||||
def postgresql_service
|
||||
"postgresql@#{postgresql_version}-main"
|
||||
end
|
||||
|
||||
def postgresql_data_dir
|
||||
"/var/lib/postgresql/#{postgresql_version}/main"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
@@ -16,16 +16,19 @@ if primary.nil?
|
||||
return
|
||||
end
|
||||
|
||||
postgresql_service_name = "postgresql@#{postgresql_version}-main"
|
||||
postgresql_data_dir = "/var/lib/postgresql/#{postgresql_version}/main"
|
||||
|
||||
# TODO Replace pg.kosmos.local with private IP once available
|
||||
# via proper node attribute
|
||||
# https://gitea.kosmos.org/kosmos/chef/issues/263
|
||||
execute "set up replication" do
|
||||
command <<-EOF
|
||||
systemctl stop #{postgresql_service}
|
||||
systemctl stop #{postgresql_service_name}
|
||||
mv #{postgresql_data_dir} #{postgresql_data_dir}.old
|
||||
pg_basebackup -h pg.kosmos.local -U replication -D #{postgresql_data_dir} -R
|
||||
chown -R postgres:postgres #{postgresql_data_dir}
|
||||
systemctl start #{postgresql_service}
|
||||
systemctl start #{postgresql_service_name}
|
||||
EOF
|
||||
environment 'PGPASSWORD' => postgresql_data_bag_item['replication_password']
|
||||
sensitive true
|
||||
|
||||
@@ -44,13 +44,14 @@ action :create do
|
||||
|
||||
shared_buffers = if node['memory']['total'].to_i / 1024 < 1024 # < 1GB RAM
|
||||
"128MB"
|
||||
else # >= 1GB RAM, use 50% of total RAM
|
||||
"#{node['memory']['total'].to_i / 1024 / 2}MB"
|
||||
else # >= 1GB RAM, use 25% of total RAM
|
||||
"#{node['memory']['total'].to_i / 1024 / 4}MB"
|
||||
end
|
||||
|
||||
additional_config = {
|
||||
max_connections: 200, # default
|
||||
shared_buffers: shared_buffers,
|
||||
work_mem: "4MB",
|
||||
unix_socket_directories: "/var/run/postgresql",
|
||||
dynamic_shared_memory_type: "posix",
|
||||
timezone: "UTC", # default is GMT
|
||||
|
||||
Reference in New Issue
Block a user