active_postgres 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dbeebfa934a6587194e20aa39a3d459b7db2568c996f4faec1b781d70a4254ee
-  data.tar.gz: 47867c12a1fbb44652da9a79bb775ce38aaf8ff7b527a0a14ce0e042ca091877
+  metadata.gz: 0c54d617bfe700f38f1be17b6ff66e630bde27185b0dfdbeae52ef9472a25fd2
+  data.tar.gz: 92b80059f95ce83b62de7b047c0827906314d43a737360b32c88de67b4b2b11f
 SHA512:
-  metadata.gz: cd6849746528e378cc7e5d3c7707b20d974dc44cc10e61f4600b7eaccbfd7c9793e20b8741ae7339ab866618aa7357ee6781bf4d7ba7ee0eff959ad9c0af1b24
-  data.tar.gz: fc7635c0908c5920e4f21f702badd030c305819b05e63e6a0a6b54793b563e7338738445d38f11e1269566afba9fb0e6efcbea436287ace088518f6bce42a777
+  metadata.gz: 2a55cf101289b0c3a7f88494b79abd6bd61d2f47d9946308da3612dc5be5334013d455c08ef923202679a14f0aba1a1749c33e8164c85f744e5ff32d2fe99776
+  data.tar.gz: 1c07e9b4fa3d29a6d11cf960d2836c930d64adca20104b8e2911b2d828e0c19b9e2e20d9b46d4491f22ea9b59b7cc56838c648b1dc1fc40351faece92043bfdd

data/lib/active_postgres/cluster_deployment_flow.rb

@@ -54,6 +54,9 @@ module ActivePostgres
 
       # Create application users AFTER repmgr to avoid being wiped by cluster recreation
       create_application_users_if_configured
+
+      # Update pgbouncer userlist AFTER app users are created so they can authenticate
+      update_pgbouncer_userlist if config.component_enabled?(:pgbouncer)
     end
 
     def list_next_steps
@@ -81,5 +84,12 @@ module ActivePostgres
       core_component = Components::Core.new(config, ssh_executor, secrets)
       core_component.create_application_users
     end
+
+    def update_pgbouncer_userlist
+      logger.task('Updating PgBouncer userlist with app users') do
+        component = Components::PgBouncer.new(config, ssh_executor, secrets)
+        component.update_userlist
+      end
+    end
   end
 end

data/lib/active_postgres/components/pgbackrest.rb

@@ -4,14 +4,22 @@ module ActivePostgres
       def install
         puts 'Installing pgBackRest for backups...'
 
-        install_on_host(config.primary_host)
+        # Install on primary with full setup (stanza-create)
+        install_on_host(config.primary_host, create_stanza: true)
+
+        # Install on standbys (package + config only, no stanza-create)
+        config.standby_hosts.each do |host|
+          install_on_host(host, create_stanza: false)
+        end
       end
 
       def uninstall
         puts 'Uninstalling pgBackRest...'
 
-        ssh_executor.execute_on_host(config.primary_host) do
-          execute :sudo, 'apt-get', 'remove', '-y', 'pgbackrest'
+        config.all_hosts.each do |host|
+          ssh_executor.execute_on_host(host) do
+            execute :sudo, 'apt-get', 'remove', '-y', 'pgbackrest'
+          end
         end
       end
 
@@ -55,7 +63,7 @@ module ActivePostgres
 
       private
 
-      def install_on_host(host)
+      def install_on_host(host, create_stanza: true)
         puts "  Installing pgBackRest on #{host}..."
 
         pgbackrest_config = config.component_config(:pgbackrest)
@@ -86,7 +94,10 @@ module ActivePostgres
           execute :sudo, 'mkdir', '-p', '/var/spool/pgbackrest'
           execute :sudo, 'chown', "#{postgres_user}:#{postgres_user}", '/var/spool/pgbackrest'
 
-          execute :sudo, '-u', postgres_user, 'pgbackrest', '--stanza=main', 'stanza-create'
+          # Only create stanza on primary - standbys share the same backup repo
+          if create_stanza
+            execute :sudo, '-u', postgres_user, 'pgbackrest', '--stanza=main', 'stanza-create'
+          end
         end
       end
     end

data/lib/active_postgres/components/pgbouncer.rb

@@ -4,27 +4,49 @@ module ActivePostgres
       def install
         puts 'Installing PgBouncer for connection pooling...'
 
-        # Install on primary (can also install on standbys if needed)
-        install_on_host(config.primary_host)
+        config.all_hosts.each do |host|
+          install_on_host(host)
+        end
       end
 
       def uninstall
         puts 'Uninstalling PgBouncer...'
 
-        ssh_executor.execute_on_host(config.primary_host) do
-          execute :sudo, 'systemctl', 'stop', 'pgbouncer'
-          execute :sudo, 'apt-get', 'remove', '-y', 'pgbouncer'
+        config.all_hosts.each do |host|
+          ssh_executor.execute_on_host(host) do
+            execute :sudo, 'systemctl', 'stop', 'pgbouncer'
+            execute :sudo, 'apt-get', 'remove', '-y', 'pgbouncer'
+          end
         end
       end
 
       def restart
         puts 'Restarting PgBouncer...'
 
-        ssh_executor.execute_on_host(config.primary_host) do
-          execute :sudo, 'systemctl', 'restart', 'pgbouncer'
+        config.all_hosts.each do |host|
+          ssh_executor.execute_on_host(host) do
+            execute :sudo, 'systemctl', 'restart', 'pgbouncer'
+          end
         end
       end
 
+      def update_userlist
+        puts 'Updating PgBouncer userlist on all hosts...'
+
+        config.all_hosts.each do |host|
+          create_userlist(host)
+
+          ssh_executor.execute_on_host(host) do
+            execute :sudo, 'systemctl', 'reload', 'pgbouncer'
+          end
+        end
+      end
+
+      def install_on_standby(standby_host)
+        puts "Installing PgBouncer on standby #{standby_host}..."
+        install_on_host(standby_host)
+      end
+
       private
 
       def install_on_host(host)

data/lib/active_postgres/generators/active_postgres/templates/database.active_postgres.yml.erb

@@ -0,0 +1 @@
+<%= ActivePostgres::Rails::DatabaseConfig.render_partial('production', app_name: boring_app_name).strip %>

data/lib/active_postgres/generators/active_postgres/templates/postgres.yml.erb

@@ -0,0 +1,85 @@
+# PostgreSQL High Availability Configuration
+# Generated by active_postgres
+#
+# 💡 Either:
+#   1. Edit this file manually with your database servers
+#   2. Use Terraform to auto-generate this file
+#
+# See: config/postgres.example.yml in gem for full examples
+
+shared: &shared
+  version: 18
+  user: ubuntu
+  ssh_key: ~/.ssh/id_rsa
+
+  components:
+    core:
+      locale: en_US.UTF-8
+      encoding: UTF8
+      # Optional: Override default PostgreSQL user and app database config
+      # postgres_user: postgres
+      # app_user: app
+      # app_database: app_production
+      postgresql:
+        listen_addresses: '*'
+        port: 5432
+        max_connections: 100
+        shared_buffers: 256MB
+
+    repmgr:
+      enabled: false
+      # Optional: Override default repmgr user/database
+      # user: repmgr
+      # database: repmgr
+
+    pgbouncer:
+      enabled: false
+      # Optional: Override default pgbouncer user
+      # user: pgbouncer
+    
+    pgbackrest:
+      enabled: false
+    
+    monitoring:
+      enabled: false
+    
+    ssl:
+      enabled: false
+
+development:
+  <<: *shared
+  primary:
+    host: localhost
+    port: 5432
+
+production:
+  <<: *shared
+
+  # TODO: Configure your primary database server
+  # host: Public IP for SSH deployment (like Kamal)
+  # private_ip: Private/VPC IP for database connections (optional, falls back to host)
+  primary:
+    host: YOUR_PRIMARY_PUBLIC_IP
+    private_ip: YOUR_PRIMARY_PRIVATE_IP
+    label: us-east-1
+
+  # TODO: Add standby servers for HA (optional)
+  # standby:
+  #   - host: YOUR_STANDBY_PUBLIC_IP
+  #     private_ip: YOUR_STANDBY_PRIVATE_IP
+  #     label: us-west-2
+  
+  # Enable components as needed
+  components:
+    repmgr:
+      enabled: false  # Enable for HA with standbys
+  
+  # Secrets: Using Rails credentials (update via: rails credentials:edit)
+  # The $(command) syntax allows executing commands to fetch secrets
+  secrets:
+    superuser_password: $(rails runner "puts Rails.application.credentials.dig(:postgres, :superuser_password)")
+    replication_password: $(rails runner "puts Rails.application.credentials.dig(:postgres, :replication_password)")
+    repmgr_password: $(rails runner "puts Rails.application.credentials.dig(:postgres, :repmgr_password)")
+    pgbouncer_password: $(rails runner "puts Rails.application.credentials.dig(:postgres, :password)")
+    app_password: $(rails runner "puts Rails.application.credentials.dig(:postgres, :password)")
+

data/lib/active_postgres/health_checker.rb

@@ -51,6 +51,27 @@ module ActivePostgres
         end
       end
 
+      # Check pgbouncer on all hosts
+      if config.component_enabled?(:pgbouncer)
+        puts
+        puts '==> Checking PgBouncer...'
+        config.all_hosts.each do |host|
+          print "PgBouncer (#{host})... "
+          pgbouncer_ok = check_pgbouncer_running(host)
+          userlist_ok = check_pgbouncer_userlist(host)
+
+          if pgbouncer_ok && userlist_ok
+            puts '✓'
+          elsif pgbouncer_ok && !userlist_ok
+            puts '✗ (missing app user in userlist)'
+            all_ok = false
+          else
+            puts '✗'
+            all_ok = false
+          end
+        end
+      end
+
       puts
       if all_ok
         puts '✓ All checks passed'
@@ -99,7 +120,8 @@ module ActivePostgres
         label: primary_config&.dig('label') || '-',
         status: check_postgres_running(config.primary_host) ? '✓ running' : '✗ down',
         connections: get_connection_count(config.primary_host),
-        lag: '-'
+        lag: '-',
+        pgbouncer: check_pgbouncer_status(config.primary_host)
       }
 
       # Standbys
@@ -114,7 +136,8 @@ module ActivePostgres
           label: standby_config&.dig('label') || '-',
           status: running ? '✓ streaming' : '✗ down',
           connections: running ? get_connection_count(host) : 0,
-          lag: running ? get_replication_lag(host) : '-'
+          lag: running ? get_replication_lag(host) : '-',
+          pgbouncer: check_pgbouncer_status(host)
         }
       end
 
@@ -128,7 +151,7 @@ module ActivePostgres
     end
 
     def calculate_column_widths(nodes)
-      {
+      cols = {
         role: [4, nodes.map { |n| n[:role].length }.max].max,
         host: [4, nodes.map { |n| n[:host].length }.max].max,
         private_ip: [10, nodes.map { |n| n[:private_ip].to_s.length }.max].max,
@@ -137,12 +160,25 @@ module ActivePostgres
         conn: 5,
         lag: [3, nodes.map { |n| n[:lag].to_s.length }.max].max
       }
+
+      if config.component_enabled?(:pgbouncer)
+        cols[:pgbouncer] = [9, nodes.map { |n| n[:pgbouncer].to_s.length }.max].max
+      end
+
+      cols
     end
 
     def print_table_header(cols)
       fmt = "%-#{cols[:role]}s  %-#{cols[:host]}s  %-#{cols[:private_ip]}s  " \
             "%-#{cols[:label]}s  %-#{cols[:status]}s  %#{cols[:conn]}s  %#{cols[:lag]}s"
-      header = format(fmt, 'Role', 'Host', 'Private IP', 'Label', 'Status', 'Conn', 'Lag')
+      headers = %w[Role Host Private\ IP Label Status Conn Lag]
+
+      if cols[:pgbouncer]
+        fmt += "  %-#{cols[:pgbouncer]}s"
+        headers << 'PgBouncer'
+      end
+
+      header = format(fmt, *headers)
       puts header
       puts '-' * header.length
     end
@@ -150,8 +186,15 @@ module ActivePostgres
     def print_table_row(node, cols)
       fmt = "%-#{cols[:role]}s  %-#{cols[:host]}s  %-#{cols[:private_ip]}s  " \
             "%-#{cols[:label]}s  %-#{cols[:status]}s  %#{cols[:conn]}d  %#{cols[:lag]}s"
-      puts format(fmt, node[:role], node[:host], node[:private_ip], node[:label],
-                  node[:status], node[:connections], node[:lag])
+      values = [node[:role], node[:host], node[:private_ip], node[:label],
+                node[:status], node[:connections], node[:lag]]
+
+      if cols[:pgbouncer]
+        fmt += "  %-#{cols[:pgbouncer]}s"
+        values << node[:pgbouncer]
+      end
+
+      puts format(fmt, *values)
     end
 
     def print_components
@@ -240,5 +283,37 @@ module ActivePostgres
       mb = kb / 1024.0
       "#{mb.round(1)} MB"
     end
+
+    def check_pgbouncer_status(host)
+      return '-' unless config.component_enabled?(:pgbouncer)
+
+      ssh_executor.execute_on_host(host) do
+        result = capture(:sudo, 'systemctl', 'is-active', 'pgbouncer').strip
+        result == 'active' ? '✓ running' : '✗ down'
+      end
+    rescue StandardError
+      '✗ down'
+    end
+
+    def check_pgbouncer_running(host)
+      ssh_executor.execute_on_host(host) do
+        result = capture(:sudo, 'systemctl', 'is-active', 'pgbouncer').strip
+        result == 'active'
+      end
+    rescue StandardError
+      false
+    end
+
+    def check_pgbouncer_userlist(host)
+      app_user = config.app_user
+      return true unless app_user # No app user configured, skip check
+
+      ssh_executor.execute_on_host(host) do
+        userlist = capture(:sudo, 'cat', '/etc/pgbouncer/userlist.txt').strip
+        userlist.include?(app_user)
+      end
+    rescue StandardError
+      false
+    end
   end
 end

data/lib/active_postgres/ssh_executor.rb

@@ -280,7 +280,9 @@ module ActivePostgres
           keys_only: true,
           forward_agent: false,
           auth_methods: ['publickey'],
-          verify_host_key: :never
+          verify_host_key: :never,
+          timeout: 10,
+          number_of_password_prompts: 0
         }
       end
     end

data/lib/active_postgres/standby_deployment_flow.rb

@@ -95,7 +95,7 @@ module ActivePostgres
     def deploy_pgbouncer
       logger.task('Setting up pgbouncer on standby') do
         component = Components::PgBouncer.new(config, ssh_executor, secrets)
-        component.install_on_standby(standby_host) if component.respond_to?(:install_on_standby)
+        component.install_on_standby(standby_host)
       end
     end
 

data/lib/active_postgres/version.rb

@@ -1,3 +1,3 @@
 module ActivePostgres
-  VERSION = '0.4.0'.freeze
+  VERSION = '0.5.0'.freeze
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_postgres
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - BoringCache
@@ -172,6 +172,8 @@ files:
 - lib/active_postgres/error_handler.rb
 - lib/active_postgres/failover.rb
 - lib/active_postgres/generators/active_postgres/install_generator.rb
+- lib/active_postgres/generators/active_postgres/templates/database.active_postgres.yml.erb
+- lib/active_postgres/generators/active_postgres/templates/postgres.yml.erb
 - lib/active_postgres/health_checker.rb
 - lib/active_postgres/installer.rb
 - lib/active_postgres/log_sanitizer.rb
@@ -218,7 +220,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.7
+rubygems_version: 3.7.2
 specification_version: 4
 summary: PostgreSQL High Availability for Rails, made simple
 test_files: []