1 files changed, 47 insertions, 0 deletions

diff --git a/ansible/knot.yml b/ansible/knot.yml
index 9bd7632..796bdc1 100644
--- a/ansible/knot.yml
+++ b/ansible/knot.yml
@@ -22,3 +22,50 @@
     - role: knot-misc
       tags: knot-misc
       become: true
+  tasks:
+    - tags: pg-backup
+      vars:
+        wal_g: /etc/postgresql/wal-g.env
+        wal_g_bin: /var/lib/postgresql/wal-g
+      block:
+        - name: "mkdir {{ wal_g }}"
+          become: yes
+          file:
+            path: "{{ wal_g }}"
+            state: directory
+            mode: ug=rx,o=
+            owner: root
+            group: postgres
+
+        - name: Configure environment
+          become: yes
+          copy:
+            dest: "{{ wal_g }}/{{ item.file }}"
+            content: "{{ item.content }}"
+            owner: root
+            group: postgres
+            mode: g=r,u=r,o=
+          loop:
+            - {file: "AWS_ACCESS_KEY_ID", content: "{{ pg_backup_knot.sender.access_key }}"}
+            - {file: "AWS_ENDPOINT", content: "https://minio.trygvis.io"}
+            - {file: "AWS_REGION", content: "us-east-1"}
+            - {file: "AWS_S3_FORCE_PATH_STYLE", content: "true"}
+            - {file: "AWS_SECRET_ACCESS_KEY", content: "{{ pg_backup_knot.sender.secret_key }}"}
+            - {file: "WALG_S3_PREFIX", content: "s3://{{ pg_backup_knot.bucket.name }}"}
+            - {file: "PGHOST", content: "/var/run/postgresql"}
+
+        - name: /etc/postgresql/13/main/wal-g.conf
+          become: yes
+          copy:
+            dest: /etc/postgresql/13/main/wal-g.conf
+            content: |
+             archive_mode = yes
+             archive_command = '/usr/bin/envdir {{ wal_g }} {{ wal_g_bin }} wal-push %p'
+             archive_timeout = 60
+
+        - name: /etc/postgresql/13/main/postgresql.conf
+          become: yes
+          lineinfile:
+            path: /etc/postgresql/13/main/postgresql.conf
+            regexp: wal-g.conf
+            line: "include = 'wal-g.conf'"