From 5f9ab94f9b7681a96871f97aae830bfeaa4a5d5d Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 3 Oct 2021 16:32:51 +0200 Subject: [PATCH 1/4] feat: add test for Rocky Linux 8 --- .drone.jsonnet | 4 +- .drone.yml | 37 +++++++- molecule/default | 2 +- molecule/rocky8/converge.yml | 15 ++++ molecule/rocky8/create.yml | 120 ++++++++++++++++++++++++++ molecule/rocky8/destroy.yml | 78 +++++++++++++++++ molecule/rocky8/molecule.yml | 24 ++++++ molecule/rocky8/prepare.yml | 15 ++++ molecule/rocky8/tests/test_default.py | 23 +++++ 9 files changed, 315 insertions(+), 3 deletions(-) create mode 100644 molecule/rocky8/converge.yml create mode 100644 molecule/rocky8/create.yml create mode 100644 molecule/rocky8/destroy.yml create mode 100644 molecule/rocky8/molecule.yml create mode 100644 molecule/rocky8/prepare.yml create mode 100644 molecule/rocky8/tests/test_default.py diff --git a/.drone.jsonnet b/.drone.jsonnet index 18fab09..439fb8e 100644 --- a/.drone.jsonnet +++ b/.drone.jsonnet @@ -71,7 +71,7 @@ local PipelineDeployment(scenario='centos7') = { 'linting', ], trigger: { - ref: ['refs/heads/master', 'refs/tags/**'], + ref: ['refs/heads/master', 'refs/tags/**', 'refs/pull/**'], }, }; @@ -116,6 +116,7 @@ local PipelineDocumentation = { }, depends_on: [ 'testing-centos7', + 'testing-rocky8', ], }; @@ -154,6 +155,7 @@ local PipelineNotification = { [ PipelineLinting, PipelineDeployment(scenario='centos7'), + PipelineDeployment(scenario='rocky8'), PipelineDocumentation, PipelineNotification, ] diff --git a/.drone.yml b/.drone.yml index d1b9bb4..076d34a 100644 --- a/.drone.yml +++ b/.drone.yml @@ -62,6 +62,40 @@ trigger: ref: - refs/heads/master - refs/tags/** + - refs/pull/** + +depends_on: + - linting + +--- +kind: pipeline +name: testing-rocky8 + +platform: + os: linux + arch: amd64 + +concurrency: + limit: 1 + +workspace: + base: /drone/src + path: ${DRONE_REPO_NAME} + +steps: + - name: ansible-molecule + image: thegeeklab/molecule:3 + commands: + - molecule test -s rocky8 + environment: + HCLOUD_TOKEN: + from_secret: hcloud_token + +trigger: + ref: + - refs/heads/master + - refs/tags/** + - refs/pull/** depends_on: - linting @@ -108,6 +142,7 @@ trigger: depends_on: - testing-centos7 + - testing-rocky8 --- kind: pipeline @@ -147,6 +182,6 @@ depends_on: --- kind: signature -hmac: 9c670d53b462557f2945be4d94c2b0328bd971e10e43ce61ca106ca9669bb167 +hmac: 916e22d58f38ffdeb4b10459c2ebdef15e69b4a3704bb1d2679e0b0629865981 ... diff --git a/molecule/default b/molecule/default index 2fdf3e8..62ea184 120000 --- a/molecule/default +++ b/molecule/default @@ -1 +1 @@ -centos7 \ No newline at end of file +rocky8 \ No newline at end of file diff --git a/molecule/rocky8/converge.yml b/molecule/rocky8/converge.yml new file mode 100644 index 0000000..376d574 --- /dev/null +++ b/molecule/rocky8/converge.yml @@ -0,0 +1,15 @@ +--- +- name: Converge + hosts: all + vars: + postgres_repository_enabled: True + postgres_users: + - name: "pgdemo" + password: "secure" + priv: ALL + db: "demo" + postgres_dbs: + - name: demo + + roles: + - role: xoxys.postgres diff --git a/molecule/rocky8/create.yml b/molecule/rocky8/create.yml new file mode 100644 index 0000000..8b945cd --- /dev/null +++ b/molecule/rocky8/create.yml @@ -0,0 +1,120 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ molecule_no_log }}" + vars: + ssh_port: 22 + ssh_user: root + ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key" + tasks: + - name: Create SSH key + user: + name: "{{ lookup('env', 'USER') }}" + generate_ssh_key: true + ssh_key_file: "{{ ssh_path }}" + force: true + register: generated_ssh_key + + - name: Register the SSH key name + set_fact: + ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}" + + - name: Register SSH key for test instance(s) + hcloud_ssh_key: + name: "{{ ssh_key_name }}" + public_key: "{{ generated_ssh_key.ssh_public_key }}" + state: present + + - name: Create molecule instance(s) + hcloud_server: + name: "{{ item.name }}" + server_type: "{{ item.server_type }}" + ssh_keys: + - "{{ ssh_key_name }}" + image: "{{ item.image }}" + location: "{{ item.location | default(omit) }}" + datacenter: "{{ item.datacenter | default(omit) }}" + user_data: "{{ item.user_data | default(omit) }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: present + register: server + loop: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_jobs + until: hetzner_jobs.finished + retries: 300 + loop: "{{ server.results }}" + + - name: Create volume(s) + hcloud_volume: + name: "{{ item.name }}" + server: "{{ item.name }}" + location: "{{ item.location | default(omit) }}" + size: "{{ item.volume_size | default(10) }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: "present" + loop: "{{ molecule_yml.platforms }}" + when: item.volume | default(False) | bool + register: volumes + async: 7200 + poll: 0 + + - name: Wait for volume(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_volumes + until: hetzner_volumes.finished + retries: 300 + when: volumes.changed + loop: "{{ volumes.results }}" + + # Mandatory configuration for Molecule to function. + + - name: Populate instance config dict + set_fact: + instance_conf_dict: + { + "instance": "{{ item.hcloud_server.name }}", + "ssh_key_name": "{{ ssh_key_name }}", + "address": "{{ item.hcloud_server.ipv4_address }}", + "user": "{{ ssh_user }}", + "port": "{{ ssh_port }}", + "identity_file": "{{ ssh_path }}", + "volume": "{{ item.item.item.volume | default(False) | bool }}", + } + loop: "{{ hetzner_jobs.results }}" + register: instance_config_dict + when: server.changed | bool + + - name: Convert instance config dict to a list + set_fact: + instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}" + when: server.changed | bool + + - name: Dump instance config + copy: + content: | + # Molecule managed + + {{ instance_conf | to_nice_yaml(indent=2) }} + dest: "{{ molecule_instance_config }}" + when: server.changed | bool + + - name: Wait for SSH + wait_for: + port: "{{ ssh_port }}" + host: "{{ item.address }}" + search_regex: SSH + delay: 10 + loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}" + + - name: Wait for VM to settle down + pause: + seconds: 30 diff --git a/molecule/rocky8/destroy.yml b/molecule/rocky8/destroy.yml new file mode 100644 index 0000000..6454c71 --- /dev/null +++ b/molecule/rocky8/destroy.yml @@ -0,0 +1,78 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ molecule_no_log }}" + tasks: + - name: Check existing instance config file + stat: + path: "{{ molecule_instance_config }}" + register: cfg + + - name: Populate the instance config + set_fact: + instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}" + + - name: Destroy molecule instance(s) + hcloud_server: + name: "{{ item.instance }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: absent + register: server + loop: "{{ instance_conf }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_jobs + until: hetzner_jobs.finished + retries: 300 + loop: "{{ server.results }}" + + - pause: + seconds: 5 + + - name: Destroy volume(s) + hcloud_volume: + name: "{{ item.instance }}" + server: "{{ item.instance }}" + api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" + state: "absent" + register: volumes + loop: "{{ instance_conf }}" + when: item.volume | default(False) | bool + async: 7200 + poll: 0 + + - name: Wait for volume(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: hetzner_volumes + until: hetzner_volumes.finished + retries: 300 + when: volumes.changed + loop: "{{ volumes.results }}" + + - name: Remove registered SSH key + hcloud_ssh_key: + name: "{{ instance_conf[0].ssh_key_name }}" + state: absent + when: (instance_conf | default([])) | length > 0 + + # Mandatory configuration for Molecule to function. + + - name: Populate instance config + set_fact: + instance_conf: {} + + - name: Dump instance config + copy: + content: | + # Molecule managed + + {{ instance_conf | to_nice_yaml(indent=2) }} + dest: "{{ molecule_instance_config }}" + when: server.changed | bool diff --git a/molecule/rocky8/molecule.yml b/molecule/rocky8/molecule.yml new file mode 100644 index 0000000..63f80ba --- /dev/null +++ b/molecule/rocky8/molecule.yml @@ -0,0 +1,24 @@ +--- +dependency: + name: galaxy + options: + role-file: molecule/requirements.yml + requirements-file: molecule/requirements.yml + env: + ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false" +driver: + name: delegated +platforms: + - name: rocky8-postgres + image: rocky-8 + server_type: cx11 +lint: | + /usr/local/bin/flake8 +provisioner: + name: ansible + env: + ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter} + ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library} + log: False +verifier: + name: testinfra diff --git a/molecule/rocky8/prepare.yml b/molecule/rocky8/prepare.yml new file mode 100644 index 0000000..183f4d3 --- /dev/null +++ b/molecule/rocky8/prepare.yml @@ -0,0 +1,15 @@ +--- +- name: Prepare + hosts: all + gather_facts: false + tasks: + - name: Bootstrap python for Ansible + raw: | + command -v python3 python || ( + (test -e /usr/bin/dnf && sudo dnf install -y python3) || + (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || + (test -e /usr/bin/yum && sudo yum -y -qq install python3) || + echo "Warning: Python not boostrapped due to unknown platform." + ) + become: true + changed_when: false diff --git a/molecule/rocky8/tests/test_default.py b/molecule/rocky8/tests/test_default.py new file mode 100644 index 0000000..5f358cd --- /dev/null +++ b/molecule/rocky8/tests/test_default.py @@ -0,0 +1,23 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ["MOLECULE_INVENTORY_FILE"] +).get_hosts("all") + + +def test_postgres_is_installed(host): + postgres = host.package("postgresql10-server") + assert postgres.is_installed + + +def test_postgres_running_and_enabled(host): + postgres = host.service("postgresql-10") + assert postgres.is_running + assert postgres.is_enabled + + +def test_postgres_socket(host): + # Verify the socket is listening for HTTP traffic + assert host.socket("tcp://127.0.0.1:5432").is_listening -- 2.45.2 From 7a3752d57bb0701e1201cd9e5d679b4d945c6ee9 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 3 Apr 2022 14:53:03 +0200 Subject: [PATCH 2/4] switch to postgres 14 as default --- defaults/main.yml | 8 +- molecule/centos7/tests/test_default.py | 9 +- molecule/rocky8/tests/test_default.py | 9 +- tasks/config.yml | 2 +- tasks/main.yml | 12 + tasks/post_tasks.yml | 4 +- tasks/prepare.yml | 32 +-- tasks/prepare_redhat_7.yml | 10 + tasks/prepare_redhat_8.yml | 24 ++ templates/postgresql/data/postgresql.conf.j2 | 246 ++----------------- 10 files changed, 98 insertions(+), 258 deletions(-) create mode 100644 tasks/prepare_redhat_7.yml create mode 100644 tasks/prepare_redhat_8.yml diff --git a/defaults/main.yml b/defaults/main.yml index bc80982..3bfc0fd 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,6 +1,6 @@ --- postgres_repository_enabled: False -postgres_version: 12 +postgres_version: 14 postgres_repository_filename: "Postgresql-{{ postgres_version | regex_replace('\\.') }}" postgres_user: postgres postgres_group: postgres @@ -20,7 +20,7 @@ postgres_connection_addresses: postgres_socket_directories: - /var/run/postgresql -postgres_password_encryption: md5 +postgres_password_encryption: scram-sha-256 postgres_tls_enabled: False postgres_tls_cert_filename: "mycert.pem" @@ -81,13 +81,13 @@ postgres_hba_entries: users: - all address: "127.0.0.1/32" - auth_method: md5 + auth_method: "{{ postgres_password_encryption }}" - contype: host databases: - all users: - all address: "::1/128" - auth_method: md5 + auth_method: "{{ postgres_password_encryption }}" postgres_hba_entries_extra: [] diff --git a/molecule/centos7/tests/test_default.py b/molecule/centos7/tests/test_default.py index f48b2b8..e672871 100644 --- a/molecule/centos7/tests/test_default.py +++ b/molecule/centos7/tests/test_default.py @@ -8,16 +8,21 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def test_postgres_is_installed(host): - postgres = host.package("postgresql12-server") + postgres = host.package("postgresql14-server") assert postgres.is_installed def test_postgres_running_and_enabled(host): - postgres = host.service("postgresql-12") + postgres = host.service("postgresql-14") assert postgres.is_running assert postgres.is_enabled +def test_postgres_auth(host): + login = host.run("PGPASSWORD=secure psql -U pgdemo -h localhost -c 'select 1' -q demo") + assert login.succeeded + + def test_postgres_socket(host): # Verify the socket is listening for HTTP traffic assert host.socket("tcp://127.0.0.1:5432").is_listening diff --git a/molecule/rocky8/tests/test_default.py b/molecule/rocky8/tests/test_default.py index 5f358cd..e672871 100644 --- a/molecule/rocky8/tests/test_default.py +++ b/molecule/rocky8/tests/test_default.py @@ -8,16 +8,21 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( def test_postgres_is_installed(host): - postgres = host.package("postgresql10-server") + postgres = host.package("postgresql14-server") assert postgres.is_installed def test_postgres_running_and_enabled(host): - postgres = host.service("postgresql-10") + postgres = host.service("postgresql-14") assert postgres.is_running assert postgres.is_enabled +def test_postgres_auth(host): + login = host.run("PGPASSWORD=secure psql -U pgdemo -h localhost -c 'select 1' -q demo") + assert login.succeeded + + def test_postgres_socket(host): # Verify the socket is listening for HTTP traffic assert host.socket("tcp://127.0.0.1:5432").is_listening diff --git a/tasks/config.yml b/tasks/config.yml index 245961f..873415d 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -24,7 +24,7 @@ users: "{{ item.users | default(['all']) | join(',') }}" address: "{{ item.address | default('all') }}" databases: "{{ item.databases | default(['all']) | join(',') }}" - method: "{{ item.auth_method | default('md5') }}" + method: "{{ item.auth_method | default(postgres_password_encryption) }}" state: "{{ item.state | default('present') }}" loop: "{{ postgres_hba_entries + postgres_hba_entries_extra }}" loop_control: diff --git a/tasks/main.yml b/tasks/main.yml index ed9d4e5..fde0d29 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,5 +1,17 @@ --- - import_tasks: prepare.yml + +- include_tasks: "{{ task_files }}" + vars: + task_files: "{{ lookup('first_found', params, errors='ignore') }}" + params: + files: + - "prepare_{{ ansible_os_family | lower }}_{{ ansible_distribution_major_version }}.yml" + - "prepare_{{ ansible_os_family | lower }}.yml" + paths: + - "tasks" + when: task_files + - import_tasks: install.yml - import_tasks: config.yml - import_tasks: tls.yml diff --git a/tasks/post_tasks.yml b/tasks/post_tasks.yml index a3bfc7d..27f269d 100644 --- a/tasks/post_tasks.yml +++ b/tasks/post_tasks.yml @@ -23,9 +23,11 @@ become_user: "{{ postgres_user }}" - name: Ensure PostgreSQL users are present + environment: + PGOPTIONS: "-c password_encryption={{ postgres_password_encryption }}" postgresql_user: name: "{{ item.name }}" - password: "{{ 'md5' + (item.password + item.name) | hash('md5') }}" + password: "{{ item.password | default(omit) }}" encrypted: "{{ item.encrypted | default('yes') }}" priv: "{{ item.priv | default(omit) }}" role_attr_flags: "{{ item.role_attr_flags | default(omit) }}" diff --git a/tasks/prepare.yml b/tasks/prepare.yml index d8798bd..ef726dd 100644 --- a/tasks/prepare.yml +++ b/tasks/prepare.yml @@ -1,24 +1,10 @@ --- -- name: Load helper variables - include_vars: "main.yml" - -- block: - - name: Add PostgreSQL repository - yum_repository: - name: "postgresql-{{ __postgres_version }}" - file: "{{ postgres_repository_filename }}" - description: "PostgreSQL {{ __postgres_version }} yum repository" - baseurl: "https://download.postgresql.org/pub/repos/yum/{{ __postgres_version }}/redhat/rhel-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}" - gpgcheck: yes - enabled: yes - gpgkey: "https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-{{ __postgres_version }}" - - - name: Install dependencies - package: - name: "{{ item }}" - state: present - loop: - - python2-psycopg2 - become: True - become_user: root - when: postgres_repository_enabled | bool +- name: Add PostgreSQL repository + yum_repository: + name: "postgresql-{{ __postgres_version }}" + file: "{{ postgres_repository_filename }}" + description: "PostgreSQL {{ __postgres_version }} yum repository" + baseurl: "https://download.postgresql.org/pub/repos/yum/{{ __postgres_version }}/redhat/rhel-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}" + gpgcheck: yes + enabled: yes + gpgkey: "https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-{{ __postgres_version }}" diff --git a/tasks/prepare_redhat_7.yml b/tasks/prepare_redhat_7.yml new file mode 100644 index 0000000..9a2b9c7 --- /dev/null +++ b/tasks/prepare_redhat_7.yml @@ -0,0 +1,10 @@ +--- +- name: Install RH7 dependencies + package: + name: "{{ item }}" + state: present + loop: + - python2-psycopg2 + become: True + become_user: root + when: postgres_repository_enabled | bool diff --git a/tasks/prepare_redhat_8.yml b/tasks/prepare_redhat_8.yml new file mode 100644 index 0000000..44bbd19 --- /dev/null +++ b/tasks/prepare_redhat_8.yml @@ -0,0 +1,24 @@ +--- +- block: + - name: Disable default Postgres module + copy: + dest: /etc/dnf/modules.d/postgresql.module + content: | + [postgresql] + name=postgresql + stream= + profiles= + state=disabled + mode: 644 + owner: root + group: root + + - name: Install RH8 dependencies + package: + name: "{{ item }}" + state: present + loop: + - python3-psycopg2 + become: True + become_user: root + when: postgres_repository_enabled | bool diff --git a/templates/postgresql/data/postgresql.conf.j2 b/templates/postgresql/data/postgresql.conf.j2 index 8baf404..13ac7fe 100644 --- a/templates/postgresql/data/postgresql.conf.j2 +++ b/templates/postgresql/data/postgresql.conf.j2 @@ -2,23 +2,6 @@ # ----------------------------- # PostgreSQL configuration file # ----------------------------- -# -# This file consists of lines of the form: -# -# name = value -# -# (The "=" is optional.) Whitespace may be used. Comments are introduced with -# "#" anywhere on a line. The complete list of parameter names and allowed -# values can be found in the PostgreSQL documentation. - - -#------------------------------------------------------------------------------ -# FILE LOCATIONS -#------------------------------------------------------------------------------ - -# The default values of these variables are driven from the -D command-line -# option or PGDATA environment variable, represented here as ConfigDir. - #------------------------------------------------------------------------------ # CONNECTIONS AND AUTHENTICATION @@ -29,262 +12,75 @@ listen_addresses = '{{ postgres_connection_addresses | join(",") }}' port = {{ postgres_connection_port }} max_connections = 100 -#superuser_reserved_connections = 3 unix_socket_directories = '{{ postgres_socket_directories | join(",") }}' -#unix_socket_group = '' -#unix_socket_permissions = 0777 -#bonjour = off -#bonjour_name = '' -# - Security and Authentication - +# - Authentication - + +authentication_timeout = 1min +password_encryption = {{ postgres_password_encryption }} + +# - SSL - -#authentication_timeout = 1min {% if postgres_tls_enabled %} ssl = on +ssl_cert_file = '{{ __postgres_tls_cert_path }}' +ssl_key_file = '{{ __postgres_tls_key_path }}' {% else %} ssl = off {% endif %} -{% if postgres_tls_enabled %} -#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' -#ssl_prefer_server_ciphers = on -#ssl_ecdh_curve = 'prime256v1' -#ssl_dh_params_file = '' -ssl_cert_file = '{{ __postgres_tls_cert_path }}' -ssl_key_file = '{{ __postgres_tls_key_path }}' -#ssl_ca_file = '' -#ssl_crl_file = '' -{% endif %} -password_encryption = {{ postgres_password_encryption }} -#db_user_namespace = off -#row_security = on - -# GSSAPI using Kerberos -#krb_server_keyfile = '' -#krb_caseins_users = off - -# - TCP Keepalives - -# see "man 7 tcp" for details - -#tcp_keepalives_idle = 0 -#tcp_keepalives_interval = 0 -#tcp_keepalives_count = 0 - #------------------------------------------------------------------------------ # RESOURCE USAGE (except WAL) #------------------------------------------------------------------------------ + +# - Memory - + shared_buffers = 128MB dynamic_shared_memory_type = posix -# - Disk - - -# - Kernel Resource Usage - - -# - Cost-Based Vacuum Delay - - -# - Background Writer - - -# - Asynchronous Behavior - - - -#------------------------------------------------------------------------------ -# WRITE AHEAD LOG -#------------------------------------------------------------------------------ - -# - Settings - - # - Checkpoints - -# - Archiving - +max_wal_size = 1GB +min_wal_size = 80MB #------------------------------------------------------------------------------ -# REPLICATION -#------------------------------------------------------------------------------ - -# - Sending Server(s) - - -# Set these on the master and on any standby that will send replication data. - -# - Master Server - - -# These settings are ignored on a standby server. - -# - Standby Servers - - -# These settings are ignored on a master server. - -# - Subscribers - - -# These settings are ignored on a publisher. - - -#------------------------------------------------------------------------------ -# QUERY TUNING -#------------------------------------------------------------------------------ - -# - Planner Method Configuration - - -# - Planner Cost Constants - - -# - Genetic Query Optimizer - - -# - Other Planner Options - - - -#------------------------------------------------------------------------------ -# ERROR REPORTING AND LOGGING +# REPORTING AND LOGGING #------------------------------------------------------------------------------ # - Where to Log - log_destination = '{{ postgres_log_destination | join(",") }}' -# This is used when logging to stderr: {% if "stderr" in postgres_log_destination or "csvlog" in postgres_log_destination %} logging_collector = on {% else %} logging_collector = off {% endif %} -# These are only used if logging_collector is on: log_directory = '{{ postgres_log_directory }}' log_filename = '{{ postgres_log_filename }}' -#log_file_mode = 0600 -log_truncate_on_rotation = on log_rotation_age = {{ postgres_log_rotation_age }} log_rotation_size = {{ postgres_log_rotation_size }} - - -# These are relevant when logging to syslog: -#syslog_facility = 'LOCAL0' -#syslog_ident = 'postgres' -#syslog_sequence_numbers = on -#syslog_split_messages = on - -# - When to Log - -#client_min_messages = notice -#log_min_messages = warning -#log_min_error_statement = error -#log_min_duration_statement = -1 +log_truncate_on_rotation = on # - What to Log - -#debug_print_parse = off -#debug_print_rewritten = off -#debug_print_plan = off -#debug_pretty_print = on -#log_checkpoints = off -#log_connections = off -#log_disconnections = off -#log_duration = off -#log_error_verbosity = default # terse, default, or verbose messages -#log_hostname = off + log_line_prefix = '%m [%p] ' -#log_lock_waits = off -#log_statement = 'none' -#log_replication_commands = off -#log_temp_files = -1 -log_timezone = 'Europe/Berlin' - - -# - Process Title - - -#cluster_name = '' -#update_process_title = on - - -#------------------------------------------------------------------------------ -# RUNTIME STATISTICS -#------------------------------------------------------------------------------ - -# - Query/Index Statistics Collector - - -# - Statistics Monitoring - - - -#------------------------------------------------------------------------------ -# AUTOVACUUM PARAMETERS -#------------------------------------------------------------------------------ +log_timezone = 'Etc/UTC' #------------------------------------------------------------------------------ # CLIENT CONNECTION DEFAULTS #------------------------------------------------------------------------------ -# - Statement Behavior - - # - Locale and Formatting - datestyle = 'iso, mdy' -#intervalstyle = 'postgres' -timezone = 'Europe/Berlin' -#timezone_abbreviations = 'Default' -#extra_float_digits = 0 -#client_encoding = sql_ascii +timezone = 'Etc/UTC' -# These settings are initialized by initdb, but they can be changed. lc_messages = 'en_US.UTF-8' -lc_monetary = 'en_US.UTF-8' -lc_numeric = 'en_US.UTF-8' -lc_time = 'en_US.UTF-8' +lc_monetary = 'en_US.UTF-8' # locale for monetary formatting +lc_numeric = 'en_US.UTF-8' # locale for number formatting +lc_time = 'en_US.UTF-8' # locale for time formatting -# default configuration for text search default_text_search_config = 'pg_catalog.english' - -# - Other Defaults - - -#dynamic_library_path = '$libdir' -#local_preload_libraries = '' -#session_preload_libraries = '' - - -#------------------------------------------------------------------------------ -# LOCK MANAGEMENT -#------------------------------------------------------------------------------ - - -#------------------------------------------------------------------------------ -# VERSION/PLATFORM COMPATIBILITY -#------------------------------------------------------------------------------ - -# - Previous PostgreSQL Versions - - -#array_nulls = on -#backslash_quote = safe_encoding -#default_with_oids = off -#escape_string_warning = on -#lo_compat_privileges = off -#operator_precedence_warning = off -#quote_all_identifiers = off -#standard_conforming_strings = on -#synchronize_seqscans = on - -# - Other Platforms and Clients - - -#transform_null_equals = off - - -#------------------------------------------------------------------------------ -# ERROR HANDLING -#------------------------------------------------------------------------------ - -#exit_on_error = off # terminate session on any error? -#restart_after_crash = on # reinitialize after backend crash? - - -#------------------------------------------------------------------------------ -# CONFIG FILE INCLUDES -#------------------------------------------------------------------------------ - -# These options allow settings to be loaded from files other than the -# default postgresql.conf. - -#include_dir = 'conf.d' -#include_if_exists = 'exists.conf' -#include = 'special.conf' - - -#------------------------------------------------------------------------------ -# CUSTOMIZED OPTIONS -#------------------------------------------------------------------------------ - -# Add settings for extensions here -- 2.45.2 From b88eb7edbbf9a3ffe133a4316777395e8674cbad Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 3 Apr 2022 14:58:01 +0200 Subject: [PATCH 3/4] fix linting --- tasks/prepare_redhat_7.yml | 2 +- tasks/prepare_redhat_8.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/prepare_redhat_7.yml b/tasks/prepare_redhat_7.yml index 9a2b9c7..e9c19b0 100644 --- a/tasks/prepare_redhat_7.yml +++ b/tasks/prepare_redhat_7.yml @@ -1,5 +1,5 @@ --- -- name: Install RH7 dependencies +- name: Install rh7 dependencies package: name: "{{ item }}" state: present diff --git a/tasks/prepare_redhat_8.yml b/tasks/prepare_redhat_8.yml index 44bbd19..a1b80e0 100644 --- a/tasks/prepare_redhat_8.yml +++ b/tasks/prepare_redhat_8.yml @@ -9,11 +9,11 @@ stream= profiles= state=disabled - mode: 644 + mode: 0644 owner: root group: root - - name: Install RH8 dependencies + - name: Install rh8 dependencies package: name: "{{ item }}" state: present -- 2.45.2 From dd16f0218b864b8b995fc7341f98c7a80927831e Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 3 Apr 2022 15:13:11 +0200 Subject: [PATCH 4/4] fix dependencies --- tasks/prepare.yml | 3 +++ tasks/prepare_redhat_7.yml | 3 +-- tasks/prepare_redhat_8.yml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/tasks/prepare.yml b/tasks/prepare.yml index ef726dd..3cfa149 100644 --- a/tasks/prepare.yml +++ b/tasks/prepare.yml @@ -8,3 +8,6 @@ gpgcheck: yes enabled: yes gpgkey: "https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-{{ __postgres_version }}" + become: True + become_user: root + when: postgres_repository_enabled | bool diff --git a/tasks/prepare_redhat_7.yml b/tasks/prepare_redhat_7.yml index e9c19b0..3fd9e96 100644 --- a/tasks/prepare_redhat_7.yml +++ b/tasks/prepare_redhat_7.yml @@ -4,7 +4,6 @@ name: "{{ item }}" state: present loop: - - python2-psycopg2 + - python-psycopg2 become: True become_user: root - when: postgres_repository_enabled | bool diff --git a/tasks/prepare_redhat_8.yml b/tasks/prepare_redhat_8.yml index a1b80e0..df3563e 100644 --- a/tasks/prepare_redhat_8.yml +++ b/tasks/prepare_redhat_8.yml @@ -12,6 +12,7 @@ mode: 0644 owner: root group: root + when: postgres_repository_enabled | bool - name: Install rh8 dependencies package: @@ -21,4 +22,3 @@ - python3-psycopg2 become: True become_user: root - when: postgres_repository_enabled | bool -- 2.45.2