--- /dev/null
+params:
+ db_synchronous_commit: "off"
+ db_shared_buffers: "256MB"
+ db_work_mem: "10MB"
+ db_default_text_search_config: "pg_catalog.english"
+ db_name: discourse
+ db_user: discourse
+ db_wal_level: minimal
+ db_max_wal_senders: 0
+ db_checkpoint_segments: 6
+ db_logging_collector: off
+ db_log_min_duration_statement: 100
+
+
+hooks:
+ before_code:
+ - replace:
+ filename: /etc/service/unicorn/run
+ from: "# postgres"
+ to: sv start postgres || exit 1
+
+run:
+ - exec: mkdir -p /shared/postgres_run
+ - exec: chown postgres:postgres /shared/postgres_run
+ - exec: chmod 775 /shared/postgres_run
+ - exec: rm -fr /var/run/postgresql
+ - exec: ln -s /shared/postgres_run /var/run/postgresql
+ - exec: socat /dev/null UNIX-CONNECT:/shared/postgres_run/.s.PGSQL.5432 || exit 0 && echo postgres already running stop container ; exit 1
+ - exec: rm -fr /shared/postgres_run/.s*
+ - exec: rm -fr /shared/postgres_run/*.pid
+ - exec: mkdir -p /shared/postgres_run/9.5-main.pg_stat_tmp
+ - exec: chown postgres:postgres /shared/postgres_run/9.5-main.pg_stat_tmp
+ - file:
+ path: /etc/service/postgres/run
+ chmod: "+x"
+ contents: |
+ #!/bin/sh
+ exec 2>&1
+ echo -1000 >/proc/self/oom_score_adj
+ HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/9.5/bin/postmaster -D /etc/postgresql/9.5/main
+
+ - file:
+ path: /etc/runit/3.d/99-postgres
+ chmod: "+x"
+ contents: |
+ #!/bin/bash
+ sv stop postgres
+
+ - exec:
+ cmd:
+ - chown -R root /var/lib/postgresql/9.5/main
+ - "[ ! -e /shared/postgres_data ] && install -d -m 0755 -o postgres -g postgres /shared/postgres_data && sudo -E -u postgres /usr/lib/postgresql/9.5/bin/initdb -D /shared/postgres_data || exit 0"
+ - chown -R postgres:postgres /shared/postgres_data
+ - chown -R postgres:postgres /var/run/postgresql
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: "data_directory = '/var/lib/postgresql/9.5/main'"
+ to: "data_directory = '/shared/postgres_data'"
+
+ # listen on all interfaces
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?listen_addresses *=.*/
+ to: "listen_addresses = '*'"
+
+ # sync commit off is faster and less spiky, also marginally less safe
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?synchronous_commit *=.*/
+ to: "synchronous_commit = $db_synchronous_commit"
+
+ # default is 128MB which is way too small
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?shared_buffers *=.*/
+ to: "shared_buffers = $db_shared_buffers"
+
+ # default is 1MB which is too small
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?work_mem *=.*/
+ to: "work_mem = $db_work_mem"
+
+ # allow for other
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?default_text_search_config *=.*/
+ to: "default_text_search_config = '$db_default_text_search_config'"
+
+ # Necessary to enable backups
+ - exec:
+ cmd:
+ - install -d -m 0755 -o postgres -g postgres /shared/postgres_backup
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?max_wal_senders *=.*/
+ to: "max_wal_senders = $db_max_wal_senders"
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?wal_level *=.*/
+ to: "wal_level = $db_wal_level"
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?checkpoint_segments *=.*/
+ to: "checkpoint_segments = $db_checkpoint_segments"
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?logging_collector *=.*/
+ to: "logging_collector = $db_logging_collector"
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/postgresql.conf"
+ from: /#?log_min_duration_statement *=.*/
+ to: "log_min_duration_statement = $db_log_min_duration_statement"
+
+ - replace:
+ filename: "/etc/postgresql/9.5/main/pg_hba.conf"
+ from: /^#local +replication +postgres +peer$/
+ to: "local replication postgres peer"
+
+ # allow all to connect in with md5 auth
+ - replace:
+ filename: "/etc/postgresql/9.5/main/pg_hba.conf"
+ from: /^host.*all.*all.*127.*$/
+ to: "host all all 0.0.0.0/0 md5"
+
+ - exec:
+ background: true
+ # use fast shutdown for pg
+ stop_signal: INT
+ cmd: HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/9.5/bin/postmaster -D /etc/postgresql/9.5/main
+
+ # give db a few secs to start up
+ - exec: "sleep 5"
+
+ - exec: su postgres -c 'createdb $db_name' || true
+ - exec: su postgres -c 'psql $db_name -c "create user $db_user;"' || true
+ - exec: su postgres -c 'psql $db_name -c "grant all privileges on database $db_name to $db_user;"' || true
+ - exec: su postgres -c 'psql $db_name -c "alter schema public owner to $db_user;"'
+ - exec: su postgres -c 'psql template1 -c "create extension if not exists hstore;"'
+ - exec: su postgres -c 'psql template1 -c "create extension if not exists pg_trgm;"'
+ - exec: su postgres -c 'psql $db_name -c "create extension if not exists hstore;"'
+ - exec: su postgres -c 'psql $db_name -c "create extension if not exists pg_trgm;"'
+ - exec:
+ stdin: |
+ update pg_database set encoding = pg_char_to_encoding('UTF8') where datname = '$db_name' AND encoding = pg_char_to_encoding('SQL_ASCII');
+ cmd: sudo -u postgres psql $db_name
+ raise_on_fail: false
+
+ - file:
+ path: /var/lib/postgresql/take-database-backup
+ chown: postgres:postgres
+ chmod: "+x"
+ contents: |
+ #!/bin/bash
+ ID=db-$(date +%F_%T)
+ FILENAME=/shared/postgres_backup/$ID.tar.gz
+ pg_basebackup --format=tar --pgdata=- --xlog --gzip --label=$ID > $FILENAME
+ echo $FILENAME
+
+ - file:
+ path: /var/spool/cron/crontabs/postgres
+ contents: |
+ # m h dom mon dow command
+ #MAILTO=?
+ #0 */4 * * * /var/lib/postgresql/take-database-backup
+
+ - exec:
+ hook: postgres
+ cmd: "echo postgres installed!"