From: Michael Brown Date: Wed, 15 Jul 2020 15:56:46 +0000 (-0400) Subject: Update postgres templates (#472) X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=278b7793431e0581465f606f89a84642f65c2c97;p=discourse_docker.git Update postgres templates (#472) * postgres: Allow replication and basebackups to happen * the overrides for db_wal_level and db_max_wal_senders disallow replication and basebackups to be taken * there is no need for us to disable these features, allow the defaults to stay * postgres: remove out-of-support templates * taken from https://www.postgresql.org/support/versioning/ : * postgres 9.2 and 9.3 are no longer supported * 9.5 will be supported until February 11, 2021: --- diff --git a/templates/postgres.10.template.yml b/templates/postgres.10.template.yml index fb5b252..c60350c 100644 --- a/templates/postgres.10.template.yml +++ b/templates/postgres.10.template.yml @@ -5,8 +5,6 @@ params: db_default_text_search_config: "pg_catalog.english" db_name: discourse db_user: discourse - db_wal_level: minimal - db_max_wal_senders: 0 db_checkpoint_segments: 6 db_logging_collector: off db_log_min_duration_statement: 100 diff --git a/templates/postgres.12.template.yml b/templates/postgres.12.template.yml index 20cd5d8..b4b76f5 100644 --- a/templates/postgres.12.template.yml +++ b/templates/postgres.12.template.yml @@ -5,8 +5,6 @@ params: db_default_text_search_config: "pg_catalog.english" db_name: discourse db_user: discourse - db_wal_level: minimal - db_max_wal_senders: 0 db_checkpoint_segments: 6 db_logging_collector: off db_log_min_duration_statement: 100 diff --git a/templates/postgres.9.2.template.yml b/templates/postgres.9.2.template.yml deleted file mode 100644 index b716877..0000000 --- a/templates/postgres.9.2.template.yml +++ /dev/null @@ -1,97 +0,0 @@ -hooks: - before_code: - - replace: - filename: /etc/service/unicorn/run - from: "# postgres" - to: sv start postgres || exit 1 - -run: - - exec: mkdir -p /shared/postgres_run - - exec: chown postgres:postgres /shared/postgres_run - - exec: chmod 775 /shared/postgres_run - - exec: rm -fr /var/run/postgresql - - exec: ln -s /shared/postgres_run /var/run/postgresql - - exec: socat /dev/null UNIX-CONNECT:/shared/postgres_run/.s.PGSQL.5432 || exit 0 && echo postgres already running stop container ; exit 1 - - file: - path: /etc/service/postgres/run - chmod: "+x" - contents: | - #!/bin/sh - exec 2>&1 - exec sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main - - - exec: - cmd: - - chown -R root /var/lib/postgresql/9.2/main - - "[ ! -e /shared/postgres_data ] && install -d -m 0755 -o postgres -g postgres /shared/postgres_data && sudo -u postgres /usr/lib/postgresql/9.2/bin/initdb -D /shared/postgres_data || exit 0" - - chown -R postgres:postgres /shared/postgres_data - - - replace: - filename: "/etc/postgresql/9.2/main/postgresql.conf" - from: "data_directory = '/var/lib/postgresql/9.2/main'" - to: "data_directory = '/shared/postgres_data'" - - # listen on all interfaces - - replace: - filename: "/etc/postgresql/9.2/main/postgresql.conf" - from: /#?listen_addresses *=.*/ - to: "listen_addresses = '*'" - - # Necessary to enable backups - - exec: - cmd: - - install -d -m 0755 -o postgres -g postgres /shared/postgres_backup - - - replace: - filename: "/etc/postgresql/9.2/main/postgresql.conf" - from: /#?max_wal_senders *=.*/ - to: "max_wal_senders = 4" - - - replace: - filename: "/etc/postgresql/9.2/main/postgresql.conf" - from: /#?wal_level *=.*/ - to: "wal_level = hot_standby" - - - replace: - filename: "/etc/postgresql/9.2/main/pg_hba.conf" - from: /^#local +replication +postgres +peer$/ - to: "local replication postgres peer" - - # allow all to connect in with md5 auth - - replace: - filename: "/etc/postgresql/9.2/main/pg_hba.conf" - from: /^host.*all.*all.*127.*$/ - to: "host all all 0.0.0.0/0 md5" - - - exec: - background: true - cmd: "sudo -u postgres /usr/lib/postgresql/9.2/bin/postmaster -D /etc/postgresql/9.2/main" - - # give db a few secs to start up - - exec: "sleep 5" - - - exec: sudo -u postgres createdb discourse || exit 0 - - exec: - stdin: | - create user discourse; - cmd: sudo -u postgres psql discourse - raise_on_fail: false - - - exec: - stdin: | - grant all privileges on database discourse to discourse; - cmd: sudo -u postgres psql discourse - raise_on_fail: false - - - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "alter schema public owner to discourse;"' - - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists hstore;"' - - exec: /bin/bash -c 'sudo -u postgres psql discourse <<< "create extension if not exists pg_trgm;"' - - exec: - stdin: | - update pg_database set encoding = pg_char_to_encoding('UTF8') where datname = 'discourse' AND encoding = pg_encoding_to_char('SQL_ASCII'); - cmd: sudo -u postgres psql discourse - raise_on_fail: false - - - exec: - hook: postgres - cmd: "echo postgres installed!" diff --git a/templates/postgres.9.3.template.yml b/templates/postgres.9.3.template.yml deleted file mode 100644 index dc90025..0000000 --- a/templates/postgres.9.3.template.yml +++ /dev/null @@ -1,182 +0,0 @@ -params: - db_synchronous_commit: "off" - db_shared_buffers: "256MB" - db_work_mem: "10MB" - db_default_text_search_config: "pg_catalog.english" - db_name: discourse - db_user: discourse - db_wal_level: minimal - db_max_wal_senders: 0 - db_checkpoint_segments: 6 - db_logging_collector: off - db_log_min_duration_statement: 100 - - -hooks: - before_code: - - replace: - filename: /etc/service/unicorn/run - from: "# postgres" - to: sv start postgres || exit 1 - -run: - - exec: apt-get remove -y postgresql-9.5 postgresql-client-9.5 postgresql-contrib-9.5 - - exec: apt-get update && apt-get install -y postgresql-9.3 postgresql-client-9.3 postgresql-contrib-9.3 - - exec: /etc/init.d/postgresql stop - - exec: mkdir -p /shared/postgres_run - - exec: chown postgres:postgres /shared/postgres_run - - exec: chmod 775 /shared/postgres_run - - exec: rm -fr /var/run/postgresql - - exec: ln -s /shared/postgres_run /var/run/postgresql - - exec: socat /dev/null UNIX-CONNECT:/shared/postgres_run/.s.PGSQL.5432 || exit 0 && echo postgres already running stop container ; exit 1 - - exec: rm -fr /shared/postgres_run/.s* - - exec: rm -fr /shared/postgres_run/*.pid - - exec: mkdir -p /shared/postgres_run/9.3-main.pg_stat_tmp - - exec: chown postgres:postgres /shared/postgres_run/9.3-main.pg_stat_tmp - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /port =.*/ - to: "port = 5432" - - file: - path: /etc/service/postgres/run - chmod: "+x" - contents: | - #!/bin/sh - exec 2>&1 - echo -1000 >/proc/self/oom_score_adj - HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/9.3/bin/postmaster -D /etc/postgresql/9.3/main - - - file: - path: /etc/runit/3.d/99-postgres - chmod: "+x" - contents: | - #!/bin/bash - sv stop postgres - - - exec: - cmd: - - chown -R root /var/lib/postgresql/9.3/main - - "[ ! -e /shared/postgres_data ] && install -d -m 0755 -o postgres -g postgres /shared/postgres_data && sudo -E -u postgres /usr/lib/postgresql/9.3/bin/initdb -D /shared/postgres_data || exit 0" - - chown -R postgres:postgres /shared/postgres_data - - chown -R postgres:postgres /var/run/postgresql - - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: "data_directory = '/var/lib/postgresql/9.3/main'" - to: "data_directory = '/shared/postgres_data'" - - # listen on all interfaces - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?listen_addresses *=.*/ - to: "listen_addresses = '*'" - - # sync commit off is faster and less spiky, also marginally less safe - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?synchronous_commit *=.*/ - to: "synchronous_commit = $db_synchronous_commit" - - # default is 128MB which is way too small - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?shared_buffers *=.*/ - to: "shared_buffers = $db_shared_buffers" - - # default is 1MB which is too small - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?work_mem *=.*/ - to: "work_mem = $db_work_mem" - - # allow for other - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?default_text_search_config *=.*/ - to: "default_text_search_config = '$db_default_text_search_config'" - - # Necessary to enable backups - - exec: - cmd: - - install -d -m 0755 -o postgres -g postgres /shared/postgres_backup - - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?max_wal_senders *=.*/ - to: "max_wal_senders = $db_max_wal_senders" - - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?wal_level *=.*/ - to: "wal_level = $db_wal_level" - - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?checkpoint_segments *=.*/ - to: "checkpoint_segments = $db_checkpoint_segments" - - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?logging_collector *=.*/ - to: "logging_collector = $db_logging_collector" - - - replace: - filename: "/etc/postgresql/9.3/main/postgresql.conf" - from: /#?log_min_duration_statement *=.*/ - to: "log_min_duration_statement = $db_log_min_duration_statement" - - - replace: - filename: "/etc/postgresql/9.3/main/pg_hba.conf" - from: /^#local +replication +postgres +peer$/ - to: "local replication postgres peer" - - # allow all to connect in with md5 auth - - replace: - filename: "/etc/postgresql/9.3/main/pg_hba.conf" - from: /^host.*all.*all.*127.*$/ - to: "host all all 0.0.0.0/0 md5" - - - exec: - background: true - # use fast shutdown for pg - stop_signal: INT - cmd: HOME=/var/lib/postgresql USER=postgres exec chpst -u postgres:postgres:ssl-cert -U postgres:postgres:ssl-cert /usr/lib/postgresql/9.3/bin/postmaster -D /etc/postgresql/9.3/main - - # give db a few secs to start up - - exec: "sleep 5" - - - exec: su postgres -c 'createdb $db_name' || true - - exec: su postgres -c 'psql $db_name -c "create user $db_user;"' || true - - exec: su postgres -c 'psql $db_name -c "grant all privileges on database $db_name to $db_user;"' || true - - exec: su postgres -c 'psql $db_name -c "alter schema public owner to $db_user;"' - - exec: su postgres -c 'psql template1 -c "create extension if not exists hstore;"' - - exec: su postgres -c 'psql template1 -c "create extension if not exists pg_trgm;"' - - exec: su postgres -c 'psql $db_name -c "create extension if not exists hstore;"' - - exec: su postgres -c 'psql $db_name -c "create extension if not exists pg_trgm;"' - - exec: - stdin: | - update pg_database set encoding = pg_char_to_encoding('UTF8') where datname = '$db_name' AND encoding = pg_char_to_encoding('SQL_ASCII'); - cmd: sudo -u postgres psql $db_name - raise_on_fail: false - - - file: - path: /var/lib/postgresql/take-database-backup - chown: postgres:postgres - chmod: "+x" - contents: | - #!/bin/bash - ID=db-$(date +%F_%T) - FILENAME=/shared/postgres_backup/$ID.tar.gz - pg_basebackup --format=tar --pgdata=- --xlog --gzip --label=$ID > $FILENAME - echo $FILENAME - - - file: - path: /var/spool/cron/crontabs/postgres - contents: | - # m h dom mon dow command - #MAILTO=? - #0 */4 * * * /var/lib/postgresql/take-database-backup - - - exec: - hook: postgres - cmd: "echo postgres installed!" diff --git a/templates/postgres.template.yml b/templates/postgres.template.yml index 1e5784e..afccf3f 100644 --- a/templates/postgres.template.yml +++ b/templates/postgres.template.yml @@ -5,8 +5,6 @@ params: db_default_text_search_config: "pg_catalog.english" db_name: discourse db_user: discourse - db_wal_level: minimal - db_max_wal_senders: 0 db_checkpoint_segments: 6 db_logging_collector: off db_log_min_duration_statement: 100