add restore from backup support

2024-11-25 00:06:42 +00:00 · 2023-02-17 18:13:08 +03:00 · 2023-02-17 18:13:08 +03:00 · a2cfbde7e3
commit a2cfbde7e3
parent 4f40c189f7
7 changed files with 42 additions and 40 deletions
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@ -1,9 +1,9 @@
 postgresql_version: "15.2"

 # Options
-postgresql_group: "postgresql"
+postgresql_play_group: "postgresql"
 postgresql_superuser_db: "postgres"
-postgresql_superuser_name: "postgres"
+postgresql_superuser_username: "postgres"
 postgresql_superuser_password: "postgres"

 # SSL options
@ -12,8 +12,15 @@ postgresql_ssl_keep_nonssl_endpoint: false
 postgresql_self_signed_cert: true
 postgresql_self_signed_cert_name: "cert"

-## Backup options
+## Backup and restore options
 postgresql_wal_g_install: false
+postgresql_wal_g_restore: false
+postgresql_wal_g_force_delete_and_restore: false
+postgresql_wal_g_config_name: ".walg.json"
+postgresql_wal_g_restore_config_name: ".walg-restore.json"
+postgresql_wal_g_binary_name: "wal-g-pg"
+postgresql_wal_g_postgresql_pitr: "LATEST"
+postgresql_promote_trigger_file: "{{ postgresql_data_dir }}/promote.trigger"

 postgresql_password_encryption_algorithm: "scram-sha-256"
 postgresql_default_parameters:
@ -47,6 +54,7 @@ postgresql_default_parameters:
  lc_time: '{{ postgresql_system_locale | default("en_US.UTF-8") }}'
  default_text_search_config: 'pg_catalog.english'
  password_encryption: '{{ postgresql_password_encryption_algorithm }}'
+  promote_trigger_file: '{{ postgresql_promote_trigger_file }}'

 postgresql_backup_parameters:
  archive_command: "{{ postgresql_archive_command | default('cd .')}}"
--- a/tasks/Debian/main.yaml
+++ b/tasks/Debian/main.yaml
@ -7,7 +7,7 @@
  tags: postgresql_configuration

 - name: "PostgreSQL initdb"
-  become_user: "{{ postgresql_superuser_name }}"
+  become_user: "{{ postgresql_superuser_username }}"
  shell: "/usr/lib/postgresql/{{ postgresql_major_version }}/bin/initdb -D {{ postgresql_data_dir }} --auth-local peer --auth-host {{ postgresql_password_encryption_algorithm }} --no-instructions"
  register: initdb
  changed_when: "'exists but is not empty' not in initdb.stderr"
--- a/tasks/RedHat/main.yaml
+++ b/tasks/RedHat/main.yaml
@ -23,6 +23,23 @@
    disable_gpg_check: yes
  register: postgresql_setup

+- name: Include data direcory
+  include_tasks: data_dir.yaml
+
+- name: Include WAL-G role
+  ansible.builtin.include_role:
+    name: wal-g
+  vars:
+    wal_g_pg: yes
+    wal_g_pg_home_dir: "{{ postgresql_base_dir }}"
+    wal_g_pg_data_dir: "{{ postgresql_data_dir }}"
+    wal_g_restore: "{{ postgresql_wal_g_restore }}"
+  when: postgresql_wal_g_install
+
+- name: Include PostgreSQL restore
+  include_tasks: restore.yaml
+  when: postgresql_wal_g_restore
+
 - name: PostgreSQL Initdb
  shell: "/usr/pgsql-{{ postgresql_major_version }}/bin/postgresql-{{ postgresql_major_version }}-setup initdb"
  register: initdb
@ -32,11 +49,3 @@
 - name: "Configure PostgreSQL"
  include_tasks: config.yaml
  tags: postgresql_configuration
-
- name: Include WAL-G role
-  ansible.builtin.include_role:
-    name: wal-g
-  vars:
-    wal_g_pg: yes
-  when: postgresql_wal_g_install
-
--- a/tasks/cacert.yaml
+++ b/tasks/cacert.yaml
@ -1,10 +1,10 @@
- name: "Add host to {{ postgresql_group }} group"
+- name: "Add host to {{ postgresql_play_group }} group"
  add_host:
-    groups: "{{ postgresql_group }}"
+    groups: "{{ postgresql_play_group }}"
    hostname: "{{ hostvars[item]['inventory_hostname'] }}"
    ansible_host: "{{ hostvars[item]['ansible_host'] | default(omit) }}"
  loop: "{{ ansible_play_hosts }}"
-  when: groups[postgresql_group] is not defined
+  when: groups[postgresql_play_group] is not defined
  changed_when: false

 - name: Install python3-cryptography as dependence
@ -31,7 +31,7 @@
  when: postgresql_cert is defined

 - name: Generate OpenSSL key and cert for PostgreSQL
-  when: "inventory_hostname == groups[postgresql_group]|first"
+  when: "inventory_hostname == groups[postgresql_play_group]|first"
  block:
    - name: Generate an OpenSSL private CA key with the default values (4096 bits, RSA)
      community.crypto.openssl_privatekey:
@ -78,17 +78,17 @@

    - name: Generate PostgreSQL subject_alt_ips from ansible_host
      set_fact:
-        postgresql_server_subject_alt_ips_from_ansible_host: "{{ groups[postgresql_group] | default([]) | map('extract', hostvars, ['ansible_host']) | map('regex_replace', '^', 'IP:') | list }}"
+        postgresql_server_subject_alt_ips_from_ansible_host: "{{ groups[postgresql_play_group] | default([]) | map('extract', hostvars, ['ansible_host']) | map('regex_replace', '^', 'IP:') | list }}"
      when: hostvars[inventory_hostname]['ansible_host'] is defined

    - name: Generate PostgreSQL subject_alt_ips from default ipv4 address
      set_fact:
-        postgresql_server_subject_alt_ips: "{{ groups[postgresql_group] | default([]) | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | map('regex_replace', '^', 'IP:') | list }}"
+        postgresql_server_subject_alt_ips: "{{ groups[postgresql_play_group] | default([]) | map('extract', hostvars, ['ansible_default_ipv4', 'address']) | map('regex_replace', '^', 'IP:') | list }}"
      when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] is defined

    - name: Generate PostgreSQL subject_alt_names
      set_fact:
-        postgresql_server_subject_alt_names: "{{ groups[postgresql_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}"
+        postgresql_server_subject_alt_names: "{{ groups[postgresql_play_group] | default([]) | map('extract', hostvars, ['inventory_hostname']) | map('regex_replace', '^', 'DNS:') | list }}"

    - name: Generate an OpenSSL Certificate Signing Request for client
      community.crypto.openssl_csr:
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@ -12,25 +12,10 @@
        - "vars"
  tags: postgresql_vars

- name: Load host variables to override role vars
-  include_vars:
-    dir: "{{ inventory_dir }}/host_vars"
-    ignore_unknown_extensions: True
-    extensions:
-      - ''
-      - "yaml"
-      - "yml"
-  tags: postgresql_override_role_vars
-
- name: Load group variables to override role vars
-  include_vars:
-    dir: "{{ inventory_dir }}/group_vars"
-    ignore_unknown_extensions: True
-    extensions:
-      - ''
-      - "yaml"
-      - "yml"
-  tags: postgresql_override_role_vars
+- name: Set facts about needed vars
+  set_fact:
+    postgresql_base_dir: "{{ postgresql_base_dir }}"
+    postgresql_data_dir: "{{ postgresql_data_dir }}"

 - name: "Set locale for PostgreSQL"
  include_tasks: locale.yaml
--- a/tasks/user.yaml
+++ b/tasks/user.yaml
@ -5,6 +5,6 @@
    ansible_python_interpreter: '/usr/bin/env python3'
  community.postgresql.postgresql_user:
    db: "{{ postgresql_superuser_db }}"
-    name: "{{ postgresql_superuser_name }}"
+    name: "{{ postgresql_superuser_username }}"
    password: "{{ postgresql_superuser_password }}"
    state: present
--- a/vars/main.yaml
+++ b/vars/main.yaml
@ -2,4 +2,4 @@ postgresql_major_version: "{{ postgresql_version | split('.') | first }}"
 postgresql_minor_version: "{{ postgresql_version | split('.') | last }}"
 postgresql_system_locale: "en_US.UTF-8"
 postgresql_system_language: "{{ postgresql_system_locale }}"
-
+postgresql_system_override_dir: "/etc/systemd/system/postgresql-{{ postgresql_major_version }}.service.d"