paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-04 05:53:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

puppet: Support password-based PostgreSQL replication.

Browse Source
This commit is contained in:
Alex Vandiver
2022-03-10 19:18:30 +00:00
committed by Tim Abbott
parent b3f1f1675b
commit 253bef27f5
6 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
docs/production/deployment.md
View File

@@ -523,8 +523,10 @@ replication_primary = hostname-of-primary.example.com
The `postgres` user on the replica will need to be able to The `postgres` user on the replica will need to be able to
authenticate as the `replicator` user, which may require further authenticate as the `replicator` user, which may require further
configuration of `pg_hba.conf` and client certificates on the configuration of `pg_hba.conf` and client certificates on the replica.
replica. If you are using password authentication, you can set a
`postgresql_replication_password` secret in
`/etc/zulip/zulip-secrets.conf`.
[warm-standby]: https://www.postgresql.org/docs/current/warm-standby.html [warm-standby]: https://www.postgresql.org/docs/current/warm-standby.html
[wal-g]: export-and-import.md#backup-details [wal-g]: export-and-import.md#backup-details
@@ -690,7 +692,10 @@ should be done from.
On the [warm standby replicas](#postgresql-warm-standby), set to the On the [warm standby replicas](#postgresql-warm-standby), set to the
username that the host should authenticate to the primary PostgreSQL username that the host should authenticate to the primary PostgreSQL
server as, for streaming replication. server as, for streaming replication. Authentication will be done
based on the `pg_hba.conf` file; if you are using password
authentication, you can set a `postgresql_replication_password` secret
for authentication.
#### `ssl_ca_file` #### `ssl_ca_file`

1
puppet/zulip/manifests/profile/postgresql.pp
View File

@@ -16,6 +16,7 @@ class zulip::profile::postgresql {
$s3_backups_bucket = zulipsecret('secrets', 's3_backups_bucket', '') $s3_backups_bucket = zulipsecret('secrets', 's3_backups_bucket', '')
$replication_primary = zulipconf('postgresql', 'replication_primary', undef) $replication_primary = zulipconf('postgresql', 'replication_primary', undef)
$replication_user = zulipconf('postgresql', 'replication_user', undef) $replication_user = zulipconf('postgresql', 'replication_user', undef)
$replication_password = zulipsecret('secrets', 'postgresql_replication_password', '')
$ssl_cert_file = zulipconf('postgresql', 'ssl_cert_file', undef) $ssl_cert_file = zulipconf('postgresql', 'ssl_cert_file', undef)
$ssl_key_file = zulipconf('postgresql', 'ssl_key_file', undef) $ssl_key_file = zulipconf('postgresql', 'ssl_key_file', undef)

4
puppet/zulip/templates/postgresql/12/postgresql.conf.template.erb
View File

@@ -794,7 +794,9 @@ archive_mode = on
archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p' archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p'
restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"' restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"'
<% if @replication_primary != '' && @replication_user != '' -%> <% if @replication_primary != '' && @replication_user != '' -%>
primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user %>' primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user -%>
<% if @replication_password != '' %> password=<%= @replication_password %><% end -%>
'
<% end -%> <% end -%>
<% end -%> <% end -%>

4
puppet/zulip/templates/postgresql/13/postgresql.conf.template.erb
View File

@@ -825,7 +825,9 @@ archive_mode = on
archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p' archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p'
restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"' restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"'
<% if @replication_primary != '' && @replication_user != '' -%> <% if @replication_primary != '' && @replication_user != '' -%>
primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user %>' primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user -%>
<% if @replication_password != '' %> password=<%= @replication_password %><% end -%>
'
<% end -%> <% end -%>
<% end -%> <% end -%>

4
puppet/zulip/templates/postgresql/14/postgresql.conf.template.erb
View File

@@ -846,7 +846,9 @@ archive_mode = on
archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p' archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p'
restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"' restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"'
<% if @replication_primary != '' && @replication_user != '' -%> <% if @replication_primary != '' && @replication_user != '' -%>
primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user %>' primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user -%>
<% if @replication_password != '' %> password=<%= @replication_password %><% end -%>
'
<% end -%> <% end -%>
<% end -%> <% end -%>

4
puppet/zulip/templates/postgresql/recovery.conf.template.erb
View File

@@ -2,5 +2,7 @@ standby_mode = on
restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"' restore_command = '/usr/local/bin/env-wal-g wal-fetch "%f" "%p"'
recovery_target_timeline = 'latest' recovery_target_timeline = 'latest'
<% if @replication_primary != '' && @replication_user != '' -%> <% if @replication_primary != '' && @replication_user != '' -%>
primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user %>' primary_conninfo = 'host=<%= @replication_primary %> user=<%= @replication_user -%>
<% if @replication_password != '' %> password=<%= @replication_password %><% end -%>
'
<% end -%> <% end -%>