diff --git a/docs/production/export-and-import.md b/docs/production/export-and-import.md index 81de21623c..8144e81229 100644 --- a/docs/production/export-and-import.md +++ b/docs/production/export-and-import.md @@ -160,7 +160,7 @@ data includes: * The postgres database. You can back it up like any postgres database. We have some example tooling for doing that incrementally -into S3 using [wal-e](https://github.com/wal-e/wal-e) in +into S3 using [wal-g](https://github.com/wal-g/wal-g) in `puppet/zulip_ops/manifests/postgres_common.pp`. In short, this requires: - Zulip 1.4 or newer release. @@ -207,7 +207,7 @@ To restore from a manual backup, the process is basically the reverse of the abo * If you ran `initialize-database` anyway above, you'll want to run `scripts/setup/postgres-init-db` to drop the initial database first. -* Restore your database from the backup using `wal-e`. +* Restore your database from the backup. * Reconfigure rabbitmq to use the password from `secrets.conf` by running, as root, `scripts/setup/configure-rabbitmq`. diff --git a/puppet/zulip_ops/manifests/postgres_common.pp b/puppet/zulip_ops/manifests/postgres_common.pp index 29b1fde99d..8b99cf87b3 100644 --- a/puppet/zulip_ops/manifests/postgres_common.pp +++ b/puppet/zulip_ops/manifests/postgres_common.pp @@ -1,23 +1,16 @@ class zulip_ops::postgres_common { include zulip::postgres_common - $internal_postgres_packages = [# dependencies for our wal-e backup system - 'lzop', - 'pv', - 'python3-pip', - 'python-pip', - 'python3-gevent', - 'python-gevent', - ] - package { $internal_postgres_packages: ensure => 'installed' } + $wal_g_version = '0.2.15' + $wal_g_hash = 'ea33c2341d7bfb203c6948590c29834c013ab06a28c7a2b236a73d906f785c84' + exec {'install-wal-g': + command => "${::zulip_scripts_path}/setup/install-wal-g ${wal_g_version} ${wal_g_hash}", + creates => "/usr/local/bin/wal-g-${wal_g_version}", + } - exec {'pip_wal-e': - # On trusty, there is no python3-boto or python3-gevent package, - # so we keep our `wal-e` explicitly on Python 2 for now. - command => '/usr/bin/pip2 install git+git://github.com/zbenjamin/wal-e.git#egg=wal-e', - creates => '/usr/local/bin/wal-e', - require => Package['python-pip', 'python-boto', 'python-gevent', - 'lzop', 'pv'], + file { '/usr/local/bin/wal-g': + ensure => 'link', + target => "/usr/local/bin/wal-g-${wal_g_version}", } cron { 'pg_backup_and_purge': diff --git a/scripts/setup/install-wal-g.sh b/scripts/setup/install-wal-g.sh new file mode 100755 index 0000000000..d8a11c6387 --- /dev/null +++ b/scripts/setup/install-wal-g.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +set -e +set -x + +VERSION="$1" +HASH="$2" + +cd /tmp +wget -qO "wal-g-$VERSION.tar.gz" \ + "https://github.com/wal-g/wal-g/releases/download/v$VERSION/wal-g.linux-amd64.tar.gz" + +# Check not against the arbitrary provided sha256 on Github, but +# against the (same) sha256 that we hardcode as "known good". +echo "$HASH wal-g-$VERSION.tar.gz" > "wal-g-$VERSION.tar.gz.sha256" +sha256sum -c "wal-g-$VERSION.tar.gz.sha256" + +tar xzf "wal-g-$VERSION.tar.gz" +mv wal-g "/usr/local/bin/wal-g-$VERSION" +rm "wal-g-$VERSION.tar.gz" "wal-g-$VERSION.tar.gz.sha256"