puppet: Move PostgreSQL backups to their own class.

wal-g was used in `puppet/zulip` by env-wal-g, but only installed in `puppet/zulip_ops`. Merge all of the dependencies of doing backups using wal-g (wal-g installation, the pg_backup_and_purge job, the nagios plugin that verifies it happens) into a common base class in `puppet/zulip`, since it is generally useful.
2025-10-26 01:24:02 +00:00 · 2020-07-13 17:53:23 -07:00
parent bc1f2fa80e
commit 6c27f07c1d
7 changed files with 64 additions and 61 deletions
--- a/docs/overview/architecture-overview.md
+++ b/docs/overview/architecture-overview.md
@@ -274,8 +274,8 @@ This component is intended to install Nagios plugins intended to be run
 on a Nagios server; most of the Zulip Nagios plugins are intended to be
 run on the Zulip servers themselves, and are included with the relevant
 component of the Zulip server (e.g.
-`puppet/zulip/manifests/postgres_common.pp` installs a few under
-`/usr/lib/nagios/plugins/zulip_postgres_common`).
+`puppet/zulip/manifests/postgres_backups.pp` installs a few under
+`/usr/lib/nagios/plugins/zulip_backups`).

 ## Glossary

--- a/docs/production/export-and-import.md
+++ b/docs/production/export-and-import.md
@@ -161,7 +161,7 @@ data includes:
 * The postgres database.  You can back it up like any postgres
 database. We have some example tooling for doing that incrementally
 into S3 using [wal-g](https://github.com/wal-g/wal-g) in
-`puppet/zulip_ops/manifests/postgres_common.pp`.
+`puppet/zulip/manifests/postgres_backups.pp`.
 In short, this requires:
  - Zulip 1.4 or newer release.
  - An Amazon S3 bucket for storing the backups.
@@ -173,9 +173,9 @@ In short, this requires:
    s3_backups_bucket = # name of S3 backup
    ```
  - A cron job to run `/usr/local/bin/pg_backup_and_purge.py`. There's puppet
-  config for this in `puppet/zulip_internal/manifests/postgres_common.pp`.
+  config for this in `puppet/zulip/manifests/postgres_backups.pp`.
  - Verification that backups are running via
-  `/usr/lib/nagios/plugins/zulip_postgres_common/check_postgres_backup`.
+  `/usr/lib/nagios/plugins/zulip_postgres_backups/check_postgres_backup`.

 * Any user-uploaded files.  If you're using S3 as storage for file
 uploads, this is backed up in S3. But if you have instead set
@@ -224,7 +224,7 @@ installation from one server to another.
 We recommend running a disaster recovery after setting up your backups to
 confirm that your backups are working. You may also want to monitor
 that they are up to date using the Nagios plugin at:
-`puppet/zulip_ops/files/nagios_plugins/check_postgres_backup`.
+`puppet/zulip/files/nagios_plugins/zulip_postgres_backups/check_postgres_backup`.

 ## Postgres streaming replication

--- a/puppet/zulip/files/nagios_plugins/zulip_postgres_backups/check_postgres_backup
+++ b/puppet/zulip/files/nagios_plugins/zulip_postgres_backups/check_postgres_backup
--- a/puppet/zulip/manifests/postgres_backups.pp
+++ b/puppet/zulip/manifests/postgres_backups.pp
@@ -0,0 +1,56 @@
+class zulip::postgres_backups {
+  $wal_g_version = '0.2.15'
+  $wal_g_hash = 'ea33c2341d7bfb203c6948590c29834c013ab06a28c7a2b236a73d906f785c84'
+  exec {'install-wal-g':
+    command => "${::zulip_scripts_path}/setup/install-wal-g.sh ${wal_g_version} ${wal_g_hash}",
+    creates => "/usr/local/bin/wal-g-${wal_g_version}",
+  }
+  file { '/usr/local/bin/wal-g':
+    ensure => 'link',
+    target => "/usr/local/bin/wal-g-${wal_g_version}",
+  }
+  file { '/usr/local/bin/env-wal-g':
+    ensure  => file,
+    owner   => 'root',
+    group   => 'postgres',
+    mode    => '0750',
+    source  => 'puppet:///modules/zulip/postgresql/env-wal-g',
+    require => Package[$zulip::postgres_common::postgresql],
+  }
+
+  file { '/usr/local/bin/pg_backup_and_purge':
+    ensure  => file,
+    owner   => 'root',
+    group   => 'postgres',
+    mode    => '0754',
+    source  => 'puppet:///modules/zulip/postgresql/pg_backup_and_purge',
+    require => File['/usr/local/bin/env-wal-g'],
+  }
+
+  cron { 'pg_backup_and_purge':
+    ensure      => present,
+    command     => '/usr/local/bin/pg_backup_and_purge',
+    environment => 'PATH=/bin:/usr/bin:/usr/local/bin',
+    hour        => 5,
+    minute      => 0,
+    target      => 'postgres',
+    user        => 'postgres',
+    require     => [
+      File['/usr/local/bin/pg_backup_and_purge'],
+      Package[
+        "postgresql-${zulip::base::postgres_version}",
+        'python3-dateutil',
+      ],
+    ],
+  }
+
+  file { "${zulip::common::nagios_plugins_dir}/zulip_postgres_backups":
+    require => Package[$zulip::common::nagios_plugins],
+    recurse => true,
+    purge   => true,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+    source  => 'puppet:///modules/zulip/nagios_plugins/zulip_postgres_backups',
+  }
+}
--- a/puppet/zulip/manifests/postgres_common.pp
+++ b/puppet/zulip/manifests/postgres_common.pp
@@ -70,33 +70,6 @@ class zulip::postgres_common {
      creates => '/etc/logrotate.d/postgresql-common.disabled',
    }
  }
-  file { "${zulip::common::nagios_plugins_dir}/zulip_postgres_common":
-    require => Package[$zulip::common::nagios_plugins],
-    recurse => true,
-    purge   => true,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0755',
-    source  => 'puppet:///modules/zulip/nagios_plugins/zulip_postgres_common',
-  }
-
-  file { '/usr/local/bin/env-wal-g':
-    ensure  => file,
-    owner   => 'root',
-    group   => 'postgres',
-    mode    => '0750',
-    source  => 'puppet:///modules/zulip/postgresql/env-wal-g',
-    require => Package[$postgresql],
-  }
-
-  file { '/usr/local/bin/pg_backup_and_purge':
-    ensure  => file,
-    owner   => 'root',
-    group   => 'postgres',
-    mode    => '0754',
-    source  => 'puppet:///modules/zulip/postgresql/pg_backup_and_purge',
-    require => File['/usr/local/bin/env-wal-g'],
-  }

  # Use arcane puppet virtual resources to add postgres user to zulip group
  @user { 'postgres':
--- a/puppet/zulip_ops/files/nagios3/commands.cfg
+++ b/puppet/zulip_ops/files/nagios3/commands.cfg
@@ -163,7 +163,7 @@ define command {

 define command {
        command_name    check_postgres_backup
-        command_line    /usr/lib/nagios/plugins/check_by_ssh -l nagios -t 30 -i /var/lib/nagios/.ssh/id_rsa -H $HOSTADDRESS$ -C '/usr/lib/nagios/plugins/zulip_postgres_common/check_postgres_backup'
+        command_line    /usr/lib/nagios/plugins/check_by_ssh -l nagios -t 30 -i /var/lib/nagios/.ssh/id_rsa -H $HOSTADDRESS$ -C '/usr/lib/nagios/plugins/zulip_postgres_backups/check_postgres_backup'
 }

 define command {
--- a/puppet/zulip_ops/manifests/postgres_appdb.pp
+++ b/puppet/zulip_ops/manifests/postgres_appdb.pp
@@ -1,37 +1,11 @@
 class zulip_ops::postgres_appdb {
  include zulip_ops::base
  include zulip::postgres_appdb_tuned
+  include zulip::postgres_backups

  $common_packages = ['xfsprogs']
  package { $common_packages: ensure => 'installed' }

-  $wal_g_version = '0.2.15'
-  $wal_g_hash = 'ea33c2341d7bfb203c6948590c29834c013ab06a28c7a2b236a73d906f785c84'
-  exec {'install-wal-g':
-    command => "${::zulip_scripts_path}/setup/install-wal-g.sh ${wal_g_version} ${wal_g_hash}",
-    creates => "/usr/local/bin/wal-g-${wal_g_version}",
-  }
-  file { '/usr/local/bin/wal-g':
-    ensure => 'link',
-    target => "/usr/local/bin/wal-g-${wal_g_version}",
-  }
-  cron { 'pg_backup_and_purge':
-    ensure      => present,
-    command     => '/usr/local/bin/pg_backup_and_purge',
-    environment => 'PATH=/bin:/usr/bin:/usr/local/bin',
-    hour        => 5,
-    minute      => 0,
-    target      => 'postgres',
-    user        => 'postgres',
-    require     => [
-      File['/usr/local/bin/pg_backup_and_purge'],
-      Package[
-        "postgresql-${zulip::base::postgres_version}",
-        'python3-dateutil',
-      ],
-    ],
-  }
-
  file { '/etc/sysctl.d/40-postgresql.conf':
    ensure => file,
    owner  => 'root',