kosmos/chef

History

Greg Karékinian 254f9020ae Enable firewall rules to allow primary/replica to connect

2020-05-12 12:10:10 +02:00

..

Add a custom resource to set up PostgreSQL 12

2020-05-11 18:23:11 +02:00

Add a custom resource to set up PostgreSQL 12

2020-05-11 18:23:11 +02:00

Enable firewall rules to allow primary/replica to connect

2020-05-12 12:10:10 +02:00

Add a custom resource to set up PostgreSQL 12

2020-05-11 18:23:11 +02:00

Add a custom resource to set up PostgreSQL 12

2020-05-11 18:23:11 +02:00

.gitignore

Add initial kosmos-postgresql cookbook

2019-04-03 11:34:34 +02:00

Berksfile

Add initial kosmos-postgresql cookbook

2019-04-03 11:34:34 +02:00

CHANGELOG.md

Remove boilerplate from the CHANGELOG

2019-04-12 11:42:29 +02:00

chefignore

Add initial kosmos-postgresql cookbook

2019-04-03 11:34:34 +02:00

LICENSE

Change the licenses of hte kosmos cookbooks to MIT

2019-04-12 11:41:20 +02:00

metadata.rb

Add a custom resource to set up PostgreSQL 12

2020-05-11 18:23:11 +02:00

README.md

Add a custom resource to set up PostgreSQL 12

2020-05-11 18:23:11 +02:00

README.md

kosmos-postgresql

Custom resources

`postgresql_custom_server`

Usage:

When the tls attribute is set to true, a TLS certificate for the FQDN (node['fqdn'], for example andromeda.kosmos.org) is generated using Let's Encrypt and copied to the PostgreSQL data directory and added to the postgresql.conf file

On the primary:

postgresql_custom_server "12" do
  role "primary"
  tls true
end

On a replica:

postgresql_custom_server "12" do
  role "primary"
  tls true
end

After the initial Chef run on the replica, run Chef on the primary to add the firewall rules and PostgreSQL access rules, then run Chef again on the replica to set up replication.

Caveat

firewall_rules and postgresql_access need to be declared in recipes, not resources because of the way custom resources work currently in Chef