-
-
Notifications
You must be signed in to change notification settings - Fork 240
Expand file tree
/
Copy pathsetup-postgres.yml
More file actions
338 lines (304 loc) · 9.28 KB
/
setup-postgres.yml
File metadata and controls
338 lines (304 loc) · 9.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
- name: Postgres - execute debpkg_mode tasks
when:
- debpkg_mode
block:
- name: Postgres - copy package
ansible.builtin.copy:
dest: '/tmp/build/'
src: 'files/postgres/'
- name: Postgres - add PPA
ansible.builtin.apt_repository:
repo: 'deb [ trusted=yes ] file:///tmp/build ./'
state: 'present'
- name: Postgres - install commons
ansible.builtin.apt:
install_recommends: false
name: 'postgresql-common'
- name: Do not create main cluster
ansible.builtin.command:
cmd: sed -ri 's/#(create_main_cluster) .*$/\1 = false/' /etc/postgresql-common/createcluster.conf
- name: Postgres - install server
ansible.builtin.apt:
install_recommends: false
name: "postgresql-{{ postgresql_major_version }}={{ postgresql_release }}-1.pgdg24.04+1"
- name: Postgres - remove PPA
ansible.builtin.apt_repository:
repo: 'deb [ trusted=yes ] file:///tmp/build ./'
state: 'absent'
- name: Postgres - cleanup package
ansible.builtin.file:
path: '/tmp/build'
state: 'absent'
- name: execute stage2_nix tasks
when:
- stage2_nix
block:
- name: install locales
ansible.builtin.apt:
name: 'locales'
state: 'present'
become: true
- name: configure locales
ansible.builtin.lineinfile:
create: true
line: "{{ locale_item }}.UTF-8 UTF-8"
path: '/etc/locale.gen'
state: 'present'
become: true
loop:
- 'C'
- 'en_US'
loop_control:
loop_var: 'locale_item'
- name: locale-gen
ansible.builtin.command:
cmd: 'locale-gen'
become: true
- name: update-locale
ansible.builtin.command:
cmd: 'update-locale'
become: true
- name: execute nixpkg_mode tasks
when:
- nixpkg_mode
block:
# the old method of installing from debian creates this group, but we must create it explicitly
# for the nix built version
- name: create ssl-cert and postgres groups
ansible.builtin.group:
name: "{{ group_item }}"
state: 'present'
loop:
- 'ssl-cert'
- 'postgres'
loop_control:
loop_var: 'group_item'
- name: create postgres user
ansible.builtin.user:
comment: 'PostgreSQL administrator'
create_home: false
group: 'postgres'
groups: 'ssl-cert'
home: '/var/lib/postgresql'
name: 'postgres'
shell: '/bin/bash'
state: 'present'
system: true
become: yes
- name: execute (debpkg_mode or nixpkg_mode) tasks
when:
- (debpkg_mode or nixpkg_mode)
block:
- name: Create relevant directories
ansible.builtin.file:
group: 'postgres'
mode: '0750'
owner: 'postgres'
path: "{{ pg_dir_item }}"
recurse: true
state: 'directory'
loop:
- '/data/pgdata'
- '/home/postgres'
- '/var/lib/postgresql/data'
- '/var/log/postgresql'
- '/etc/postgresql-custom/conf.d'
loop_control:
loop_var: 'pg_dir_item'
- name: Set /var/lib/postgresql to 0755 for nix-profile symlink traversal
ansible.builtin.file:
group: 'postgres'
mode: '0755'
owner: 'postgres'
path: '/var/lib/postgresql'
state: 'directory'
- name: Allow adminapi to write custom config
ansible.builtin.file:
group: 'postgres'
mode: '0775'
owner: 'postgres'
path: "{{ pg_config_dir_item }}"
recurse: true
state: 'directory'
loop:
- '/etc/postgresql'
- '/etc/postgresql-custom'
- '/etc/postgresql-custom/conf.d'
loop_control:
loop_var: 'pg_config_dir_item'
- name: create placeholder config files
ansible.builtin.file:
group: 'postgres'
mode: '0664'
owner: 'postgres'
path: "/etc/postgresql-custom/{{ pg_config_item }}"
state: 'touch'
loop:
- 'custom-overrides.conf'
- 'generated-optimizations.conf'
loop_control:
loop_var: 'pg_config_item'
- name: import postgresql.conf, pg_hba.conf, and pg_ident.conf
ansible.builtin.template:
dest: '/etc/postgresql/{{ pg_config_item }}'
group: 'postgres'
src: 'files/postgresql_config/{{ pg_config_item }}.j2'
loop:
- 'postgresql.conf'
- 'pg_hba.conf'
- 'pg_ident.conf'
loop_control:
loop_var: 'pg_config_item'
- name: Move custom read-replica.conf file to /etc/postgresql-custom/read-replica.conf
ansible.builtin.template:
dest: '/etc/postgresql-custom/read-replica.conf'
mode: '0664'
owner: 'postgres'
group: 'postgres'
src: 'files/postgresql_config/custom_read_replica.conf.j2'
# Install extensions before init
- name: Install Postgres extensions
ansible.builtin.import_tasks:
file: 'tasks/setup-docker.yml'
when:
- (debpkg_mode or stage2_nix)
#stage 2 postgres tasks
- name: stage2 postgres tasks
ansible.builtin.import_tasks:
file: 'tasks/stage2-setup-postgres.yml'
when:
- stage2_nix
# init DB
- name: init the db when (debpkg_mode or nixpkg_mode)
when:
- (debpkg_mode or nixpkg_mode)
block:
- name: Create directory on data volume
ansible.builtin.file:
group: 'postgres'
mode: '0750'
owner: 'postgres'
path: '/data/pgdata'
recurse: true
state: 'directory'
- name: Link database data_dir to data volume directory
ansible.builtin.file:
force: true
path: '/var/lib/postgresql/data'
src: '/data/pgdata'
state: 'link'
- name: Initialize the database
become: true
become_user: 'postgres'
ansible.builtin.command:
cmd: /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data initdb -o "--allow-group-access" -o "--data-checksums" -o "--username=supabase_admin"
vars:
ansible_command_timeout: 60
when:
- debpkg_mode
- name: Make sure .bashrc exists
ansible.builtin.file:
group: 'postgres'
owner: 'postgres'
path: '/var/lib/postgresql/.bashrc'
state: 'touch'
when:
- nixpkg_mode
- name: Check psql_version and modify supautils.conf and postgresql.conf if necessary
when:
- stage2_nix
block:
- name: Check if psql_version is psql_orioledb
ansible.builtin.set_fact:
is_psql_17: "{{ psql_version in ['psql_17'] }}"
is_psql_oriole: "{{ psql_version in ['psql_orioledb-17'] }}"
- name: Initialize the database stage2_nix (non-orioledb)
become: true
become_user: 'postgres'
ansible.builtin.command:
cmd: /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data initdb -o "--allow-group-access" -o "--username=supabase_admin"
environment:
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
LC_ALL: en_US.UTF-8
LC_CTYPE: en_US.UTF-8
LOCALE_ARCHIVE: /usr/lib/locale/locale-archive
vars:
ansible_command_timeout: 60
when:
- not is_psql_oriole
- not is_psql_17
- name: Initialize the database stage2_nix (orioledb)
become: true
become_user: 'postgres'
ansible.builtin.command:
cmd: /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data initdb -o "--allow-group-access" -o "--username=supabase_admin" -o "--locale-provider=icu" -o "--encoding=UTF-8" -o "--icu-locale=en_US.UTF-8"
environment:
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
LC_ALL: en_US.UTF-8
LC_CTYPE: en_US.UTF-8
LOCALE_ARCHIVE: /usr/lib/locale/locale-archive
vars:
ansible_command_timeout: 60
when:
- (is_psql_oriole or is_psql_17)
- name: copy PG and optimizations systemd units
ansible.builtin.template:
dest: "/etc/systemd/system/{{ systemd_svc_item | basename }}"
src: "files/{{ systemd_svc_item }}.j2"
loop:
- 'database-optimizations.service'
- 'postgresql_config/postgresql.service'
loop_control:
loop_var: 'systemd_svc_item'
when:
- (debpkg_mode or stage2_nix)
- name: initialize pg required state
become: true
ansible.builtin.file:
group: 'postgres'
owner: 'postgres'
path: '/run/postgresql'
state: 'directory'
when:
- stage2_nix
- qemu_mode is defined
- name: Restart Postgres Database without Systemd
become: true
become_user: 'postgres'
ansible.builtin.command:
cmd: '/usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data start'
environment:
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8
LC_ALL: en_US.UTF-8
LC_CTYPE: en_US.UTF-8
LOCALE_ARCHIVE: /usr/lib/locale/locale-archive
when:
- stage2_nix
# Reload
- name: System - systemd reload
ansible.builtin.systemd_service:
daemon_reload: true
enabled: true
name: 'postgresql'
when:
- (debpkg_mode or stage2_nix)
- name: Add lang and locale items to .bashrc
ansible.builtin.lineinfile:
create: true
dest: '/var/lib/postgresql/.bashrc'
line: "{{ lang_item }}"
become: true
loop:
- 'export LOCALE_ARCHIVE=/usr/lib/locale/locale-archive'
- 'export LANG="en_US.UTF-8"'
- 'export LANGUAGE="en_US.UTF-8"'
- 'export LC_ALL="en_US.UTF-8"'
- 'export LANG="en_US.UTF-8"'
- 'export LC_CTYPE="en_US.UTF-8"'
loop_control:
loop_var: 'lang_item'
when:
- nixpkg_mode