-
Notifications
You must be signed in to change notification settings - Fork 21
/
postgres_backups.yml
193 lines (169 loc) · 6.42 KB
/
postgres_backups.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
# This file is part of deployment-tool.
# Copyright (C) 2016-2017 Sequent Tech Inc <[email protected]>
# deployment-tool is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation, either version 3 of the License.
# deployment-tool is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
# You should have received a copy of the GNU Lesser General Public License
# along with deployment-tool. If not, see <http://www.gnu.org/licenses/>.
---
- name: PostgreSQL Backups, create postgresql backup folder
become: true
when: config.postgres_backups.enabled
file:
path: "{{ item.path }}"
state: directory
owner: postgres
group: postgres
with_items:
- { path: "{{ config.postgres_backups.folder }}" }
- { path: "{{ config.postgres_backups.folder }}/wal" }
- { path: "{{ config.postgres_backups.folder }}/base" }
- { path: "{{ config.postgres_backups.folder }}/dump" }
- name: PostgreSQL Backups, create postgresql backup commands and recovery config
become: true
when: config.postgres_backups.enabled
template:
src: "templates/{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
mode: "{{ item.mode }}"
with_items:
- src: create_backup_postgres.sh
dest: /usr/bin/create_backup_postgres.sh
owner: root
group: root
mode: '0755'
- src: clean_old_postgres_backups.sh
dest: /usr/bin/clean_old_postgres_backups.sh
owner: root
group: root
mode: '0755'
- src: restore_backup_postgres.sh
dest: /usr/bin/restore_backup_postgres.sh
owner: root
group: root
mode: '0755'
- src: copy_wal_postgres.sh
dest: /usr/bin/copy_wal_postgres.sh
owner: postgres
group: postgres
mode: '0755'
- src: recovery_end.sh
dest: /usr/bin/recovery_end.sh
owner: postgres
group: postgres
mode: '0755'
- src: archive_command_postgres.sh
dest: /usr/bin/archive_command_postgres.sh
owner: postgres
group: postgres
mode: '0755'
- src: restore_file_postgres.sh
dest: /usr/bin/restore_file_postgres.sh
owner: postgres
group: postgres
mode: '0755'
- src: restore_script_postgres.sh
dest: /usr/bin/restore_script_postgres.sh
owner: postgres
group: postgres
mode: '0755'
- src: recovery.conf
dest: /etc/postgresql/12/main/recovery.conf.copy
owner: postgres
group: postgres
mode: '0644'
- name: PostgreSQL Backups, set postgresql 12 conf for archiving
become: true
become_user: postgres
when: config.postgres_backups.enabled
lineinfile:
dest: /etc/postgresql/12/main/postgresql.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- regexp: \s*#?\s*wal_level\s*=\s*'?(minimal|archive|hot_standby|logical)'?.*
line: wal_level = 'logical'
- { regexp: '\s*#?\s*fsync\s*=\s*(on|off).*', line: 'fsync = on' }
- { regexp: '\s*#?\s*wal_sync_method\s*=\s*(open_datasync|fdatasync|fsync|fsync_writethrough|open_sync).*', line: 'wal_sync_method = fsync' }
- { regexp: '\s*#?\s*full_page_writes\s*=\s*(on|off).*', line: 'full_page_writes = on' }
- { regexp: '\s*#?\s*wal_writer_delay\s*=\s*\d+(ms)?.*', line: 'wal_writer_delay = 200ms' }
- { regexp: '\s*#?\s*archive_mode\s*=\s*(on|off).*', line: 'archive_mode = on' }
- { regexp: '\s*#?\s*archive_command\s*=\s*.*', line: "archive_command = 'bash archive_command_postgres.sh %p %f'" }
- { regexp: '\s*#?\s*archive_timeout\s*=\s*\d+.*', line: "archive_timeout = {{ config.postgres_backups.archive_timeout }}" }
- { regexp: '\s*#?\s*max_wal_senders\s*=\s*\d+.*', line: 'max_wal_senders = 5' }
- { regexp: '\s*#?\s*wal_keep_segments\s*=\s*\d+.*', line: 'wal_keep_segments = 10' }
- name: PostgreSQL Backups, disable archiving on postgresql 12 conf
become: true
become_user: postgres
when: not config.postgres_backups.enabled
lineinfile:
dest: /etc/postgresql/12/main/postgresql.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '\s*#?\s*archive_mode\s*=\s*(on|off).*', line: 'archive_mode = off' }
- name: PostgreSQL Backups, set postgresql 12 pg_hba local replication config
become: true
become_user: postgres
when: config.postgres_backups.enabled
lineinfile:
dest: /etc/postgresql/12/main/pg_hba.conf
regexp: '\s*#?\s*local\s+replication\s+postgres\s+(trust|reject|md5|password|gss|sspi|ident|peer|ldap|radius|cert|pam).*'
line: "local replication postgres trust"
- name: PostgreSQL Backups, set daily postgresql backups
become: true
when: config.postgres_backups.enabled
cron:
name: "postgres_backups"
state: present
user: root
weekday: "{{ config.postgres_backups.base_backups.weekday }}"
day: "{{ config.postgres_backups.base_backups.day }}"
minute: "{{ config.postgres_backups.base_backups.minute }}"
hour: "{{ config.postgres_backups.base_backups.hour }}"
job: "bash /usr/bin/create_backup_postgres.sh 2>&1"
- name: PostgreSQL Backups, disable daily postgresql backups
become: true
when: not config.postgres_backups.enabled
cron:
name: "postgres_backups"
state: absent
- name: PostgreSQL Backups, ensure recovery.conf is absent on /etc/postgresql/12/main
become: true
when: config.postgres_backups.enabled
file:
path: /etc/postgresql/12/main/recovery.conf
state: absent
owner: postgres
group: postgres
- name: PostgreSQL Backups, restarting postgresql to enable backups
become: true
when: config.postgres_backups.enabled
service:
name: postgresql
state: restarted
- name: PostgreSQL Backups, create base backups
become: true
become_user: root
when: config.postgres_backups.enabled and config.postgres_backups.backup_on_deploy
shell: /usr/bin/create_backup_postgres.sh > /dev/null 2>&1
args:
executable: /bin/bash
- name: Check that the EOrchestra is there
stat:
path: /home/eorchestra
register: stat_result
- name: election-orchestra, Restarting eorchestra service
become: true
supervisorctl:
name: "{{ item }}"
state: restarted
with_items:
- eorchestra
when: stat_result.stat.exists