diff --git a/defaults/main.yaml b/defaults/main.yaml index 9426374..fb4e2d2 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -13,20 +13,23 @@ postgresql_ssl_keep_nonssl_endpoint: false postgresql_self_signed_cert: true postgresql_self_signed_cert_name: "cert" -## Backup and restore options +## WAL-G backup and restore options postgresql_wal_g_install: false -postgresql_wal_g_restore: false +postgresql_wal_g_restore_from_backup: false postgresql_wal_g_force_delete_and_restore: false postgresql_wal_g_config_name: ".walg.json" postgresql_wal_g_restore_config_name: ".walg-restore.json" +postgresql_wal_g_pitr: 'latest' +postgresql_wal_g_restore_backup_name: 'LATEST' postgresql_wal_g_binary_name: "wal-g-pg" -postgresql_wal_g_postgresql_pitr: "LATEST" + postgresql_recovery_target_time: "" postgresql_promote_trigger_file: "{{ postgresql_data_dir }}/promote.trigger" postgresql_password_encryption_algorithm: "scram-sha-256" postgresql_default_parameters: data_directory: '{{ postgresql_data_dir }}' + archive_mode: "{{ postgresql_archive_mode | default('on') }}" listen_addresses: '*' max_connections: '1000' superuser_reserved_connections: '5' @@ -59,8 +62,9 @@ postgresql_default_parameters: postgresql_backup_parameters: archive_command: "{{ postgresql_archive_command | default('cd .')}}" + +postgresql_restore_parameters: restore_command: "{{ postgresql_restore_command | default('cd .') }}" - archive_mode: "{{ postgresql_archive_mode | default('on') }}" postgresql_log_dir: "/var/log/postgresql" diff --git a/tasks/Debian/config.yaml b/tasks/Debian/config.yaml index bd64e7a..59db4ac 100644 --- a/tasks/Debian/config.yaml +++ b/tasks/Debian/config.yaml @@ -19,8 +19,11 @@ - name: Merge backup options for PostgreSQL config set_fact: - postgresql_combined_parameters: "{{ postgresql_combined_parameters | combine(postgresql_backup_parameters|default({}), recursive=true) }}" - when: + postgresql_combined_parameters: "{{ postgresql_combined_parameters | combine(postgresql_backup_parameters, recursive=true) }}" + +- name: Merge restore options for PostgreSQL config + set_fact: + postgresql_combined_parameters: "{{ postgresql_combined_parameters | combine(postgresql_restore_parameters, recursive=true) }}" - name: Propagate PostgreSQL configs block: diff --git a/tasks/Debian/main.yaml b/tasks/Debian/main.yaml index 1ca61cb..522caf6 100644 --- a/tasks/Debian/main.yaml +++ b/tasks/Debian/main.yaml @@ -6,6 +6,10 @@ include_tasks: config.yaml tags: postgresql_configuration +- name: "Manage TLS/SSL certificates" + include_tasks: cacert.yaml + when: postgresql_ssl + - name: Include WAL-G role ansible.builtin.include_role: name: wal-g @@ -16,6 +20,10 @@ wal_g_restore: "{{ postgresql_wal_g_restore }}" when: postgresql_wal_g_install +- name: Include PostgreSQL restore + include_tasks: restore.yaml + when: postgresql_wal_g_restore_from_backup + - name: "PostgreSQL initdb" become_user: "{{ postgresql_superuser_username }}" shell: "/usr/lib/postgresql/{{ postgresql_major_version }}/bin/initdb -D {{ postgresql_data_dir }} --username {{ postgresql_superuser_username }} --auth-local peer --auth-host {{ postgresql_password_encryption_algorithm }} --no-instructions" diff --git a/tasks/RedHat/config.yaml b/tasks/RedHat/config.yaml index a0ee688..13d3166 100644 --- a/tasks/RedHat/config.yaml +++ b/tasks/RedHat/config.yaml @@ -6,7 +6,10 @@ - name: Merge backup options for PostgreSQL config set_fact: postgresql_combined_parameters: "{{ postgresql_combined_parameters | combine(postgresql_backup_parameters|default({}), recursive=true) }}" - when: + +- name: Merge restore options for PostgreSQL config + set_fact: + postgresql_combined_parameters: "{{ postgresql_combined_parameters | combine(postgresql_restore_parameters|default({}), recursive=true) }}" - name: Propagate PostgreSQL configs block: diff --git a/tasks/RedHat/main.yaml b/tasks/RedHat/main.yaml index 9ce33a9..fe98415 100644 --- a/tasks/RedHat/main.yaml +++ b/tasks/RedHat/main.yaml @@ -27,6 +27,10 @@ - name: Include data direcory include_tasks: data_dir.yaml +- name: "Manage TLS/SSL certificates" + include_tasks: cacert.yaml + when: postgresql_ssl + - name: Include WAL-G role ansible.builtin.include_role: name: wal-g @@ -39,7 +43,7 @@ - name: Include PostgreSQL restore include_tasks: restore.yaml - when: postgresql_wal_g_restore + when: postgresql_wal_g_restore_from_backup - name: PostgreSQL Initdb shell: "/usr/pgsql-{{ postgresql_major_version }}/bin/postgresql-{{ postgresql_major_version }}-setup initdb --username {{ postgresql_superuser_username }} --auth-host {{ postgresql_password_encryption_algorithm }}" diff --git a/tasks/main.yaml b/tasks/main.yaml index 74a22d6..ded22cc 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -27,9 +27,9 @@ include_tasks: "{{ ansible_facts['os_family'] }}/main.yaml" tags: postgresql_setup -- name: "Manage TLS/SSL certificates" - include_tasks: cacert.yaml - when: postgresql_ssl +#- name: "Manage TLS/SSL certificates" +# include_tasks: cacert.yaml +# when: postgresql_ssl - name: Enable and start PostgreSQL systemd: diff --git a/tasks/restore.yaml b/tasks/restore.yaml index c09565b..b10d9eb 100644 --- a/tasks/restore.yaml +++ b/tasks/restore.yaml @@ -29,27 +29,27 @@ - postgresql_files_found.matched == 0 block: - name: Restore database dir from backup - shell: "{{ postgresql_wal_g_binary_name ~ ' --config ' ~ postgresql_home_dir ~ '/' ~ postgresql_wal_g_restore_config_name ~ ' backup-fetch ' ~ postgresql_data_dir ~ ' ' ~ postgresql_wal_g_postgresql_pitr }}" + shell: "{{ postgresql_wal_g_binary_name ~ ' --config ' ~ postgresql_home_dir ~ '/' ~ postgresql_wal_g_restore_config_name ~ ' backup-fetch ' ~ postgresql_data_dir ~ ' ' ~ postgresql_wal_g_restore_backup_name }}" become_user: postgres - + - name: Include PostgreSQL configuration vars: postgresql_archive_command: "cd ." postgresql_restore_command: "{{ postgresql_wal_g_binary_name ~ ' --config ' ~ postgresql_home_dir ~ '/' ~ postgresql_wal_g_restore_config_name ~ ' wal-fetch %f %p' }}" include_tasks: config.yaml - + - name: Create recovery.signal file - file: + file: name: "{{ postgresql_data_dir }}/recovery.signal" state: touch become_user: postgres - - - name: Create standby.signal file - file: - name: "{{ postgresql_data_dir }}/standby.signal" - state: touch - become_user: postgres - + + #- name: Create standby.signal file + # file: + # name: "{{ postgresql_data_dir }}/standby.signal" + # state: touch + # become_user: postgres + - name: Start PostgreSQL for recovery systemd: daemon_reload: true @@ -57,19 +57,19 @@ state: started masked: no register: postgresql_start_for_recovery - + - name: Ping PostgreSQL server vars: ansible_python_interpreter: '/usr/bin/env python3' community.postgresql.postgresql_ping: db: "{{ postgresql_superuser_db }}" login_user: "{{ postgresql_superuser_username }}" - login_password: "{{ postgresql_superuser_password }}" + login_password: "{{ postgresql_superuser_password }}" register: postgresql_ping until: postgresql_ping.is_available retries: 60 delay: 20 - + - name: debug debug: msg: "{{ postgresql_ping }}" @@ -83,7 +83,10 @@ register: postgresql_stop - name: Create promote trigger file - file: + file: name: "{{ postgresql_promote_trigger_file }}" state: touch become_user: postgres + + - name: Include PostgreSQL configuration + include_tasks: config.yaml