diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2021-01-20 10:29:19 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2021-01-20 10:29:19 +0100 |
commit | d77a2af7acee55457f4cab5f3acc8e3060564196 (patch) | |
tree | e4c3ffc2af288b7f5b6e1aadc93a147075bb1832 /ansible | |
parent | ed65919b0327e733c6863d397ba354badf2a280e (diff) | |
download | infra-d77a2af7acee55457f4cab5f3acc8e3060564196.tar.gz infra-d77a2af7acee55457f4cab5f3acc8e3060564196.tar.bz2 infra-d77a2af7acee55457f4cab5f3acc8e3060564196.tar.xz infra-d77a2af7acee55457f4cab5f3acc8e3060564196.zip |
Minio + wal-g
Diffstat (limited to 'ansible')
-rwxr-xr-x | ansible/inventory-terraform | 8 | ||||
-rw-r--r-- | ansible/knot.yml | 47 | ||||
-rw-r--r-- | ansible/terraform-to-ansible-inventory.py | 2 |
3 files changed, 56 insertions, 1 deletions
diff --git a/ansible/inventory-terraform b/ansible/inventory-terraform new file mode 100755 index 0000000..6eeba30 --- /dev/null +++ b/ansible/inventory-terraform @@ -0,0 +1,8 @@ +#!/bin/bash + +set -euo pipefail + +basedir=$(dirname $0) + +(cd "$basedir/../terraform" && terraform output -json) |\ + "$basedir/env/bin/python" "$basedir/terraform-to-ansible-inventory.py" diff --git a/ansible/knot.yml b/ansible/knot.yml index 9bd7632..796bdc1 100644 --- a/ansible/knot.yml +++ b/ansible/knot.yml @@ -22,3 +22,50 @@ - role: knot-misc tags: knot-misc become: true + tasks: + - tags: pg-backup + vars: + wal_g: /etc/postgresql/wal-g.env + wal_g_bin: /var/lib/postgresql/wal-g + block: + - name: "mkdir {{ wal_g }}" + become: yes + file: + path: "{{ wal_g }}" + state: directory + mode: ug=rx,o= + owner: root + group: postgres + + - name: Configure environment + become: yes + copy: + dest: "{{ wal_g }}/{{ item.file }}" + content: "{{ item.content }}" + owner: root + group: postgres + mode: g=r,u=r,o= + loop: + - {file: "AWS_ACCESS_KEY_ID", content: "{{ pg_backup_knot.sender.access_key }}"} + - {file: "AWS_ENDPOINT", content: "https://minio.trygvis.io"} + - {file: "AWS_REGION", content: "us-east-1"} + - {file: "AWS_S3_FORCE_PATH_STYLE", content: "true"} + - {file: "AWS_SECRET_ACCESS_KEY", content: "{{ pg_backup_knot.sender.secret_key }}"} + - {file: "WALG_S3_PREFIX", content: "s3://{{ pg_backup_knot.bucket.name }}"} + - {file: "PGHOST", content: "/var/run/postgresql"} + + - name: /etc/postgresql/13/main/wal-g.conf + become: yes + copy: + dest: /etc/postgresql/13/main/wal-g.conf + content: | + archive_mode = yes + archive_command = '/usr/bin/envdir {{ wal_g }} {{ wal_g_bin }} wal-push %p' + archive_timeout = 60 + + - name: /etc/postgresql/13/main/postgresql.conf + become: yes + lineinfile: + path: /etc/postgresql/13/main/postgresql.conf + regexp: wal-g.conf + line: "include = 'wal-g.conf'" diff --git a/ansible/terraform-to-ansible-inventory.py b/ansible/terraform-to-ansible-inventory.py index 25b402b..6e2e4a9 100644 --- a/ansible/terraform-to-ansible-inventory.py +++ b/ansible/terraform-to-ansible-inventory.py @@ -10,4 +10,4 @@ for k, v in blob.items(): new[k] = v["value"] new = {"all": {"vars": new}} -json.dump(new, fp=sys.stdout) +json.dump(new, fp=sys.stdout, indent=2) |