active_postgres 0.7.0 → 0.9.0

data/templates/pgbackrest.conf.erb

@@ -16,6 +16,21 @@ repo1-s3-endpoint=s3.<%= pgbackrest_config[:s3_region] || 'us-east-1' %>.amazona
 repo1-s3-key=<%= secrets_obj.resolve('s3_access_key') %>
 repo1-s3-key-secret=<%= secrets_obj.resolve('s3_secret_key') %>
 <% end %>
+<% elsif pgbackrest_config[:repo_type] == 'gcs' %>
+repo1-type=gcs
+repo1-path=<%= pgbackrest_config[:repo_path] || '/backups' %>
+repo1-gcs-bucket=<%= pgbackrest_config[:gcs_bucket] %>
+<% if secrets_obj.resolve('gcs_key_file') %>
+repo1-gcs-key=<%= secrets_obj.resolve('gcs_key_file') %>
+<% end %>
+<% elsif pgbackrest_config[:repo_type] == 'azure' %>
+repo1-type=azure
+repo1-path=<%= pgbackrest_config[:repo_path] || '/backups' %>
+repo1-azure-container=<%= pgbackrest_config[:azure_container] %>
+<% if secrets_obj.resolve('azure_account') %>
+repo1-azure-account=<%= secrets_obj.resolve('azure_account') %>
+repo1-azure-key=<%= secrets_obj.resolve('azure_key') %>
+<% end %>
 <% else %>
 # Local storage
 repo1-path=<%= pgbackrest_config[:repo_path] || '/var/lib/pgbackrest' %>
@@ -35,9 +50,22 @@ repo1-cipher-type=aes-256-cbc
 repo1-cipher-pass=<%= secrets_obj.resolve('backup_encryption_key') %>
 <% end %>
 
+# Logging
+log-level-console=info
+log-level-file=detail
+log-path=/var/log/pgbackrest
+
+# Process settings
+process-max=<%= pgbackrest_config[:process_max] || 2 %>
+
+# Start/Stop (for consistent backups)
+start-fast=y
+stop-auto=y
+
 [main]
 pg1-path=/var/lib/postgresql/<%= config.version %>/main
 pg1-port=5432
 pg1-socket-path=/var/run/postgresql
+pg1-user=<%= config.postgres_user %>
 
 

data/templates/pgbouncer-follow-primary.service.erb

@@ -0,0 +1,8 @@
+[Unit]
+Description=Update PgBouncer target to current PostgreSQL primary
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/pgbouncer-follow-primary

data/templates/pgbouncer-follow-primary.timer.erb

@@ -0,0 +1,11 @@
+[Unit]
+Description=Run pgbouncer-follow-primary periodically
+
+[Timer]
+OnBootSec=10s
+OnUnitActiveSec=<%= interval %>s
+AccuracySec=1s
+Unit=pgbouncer-follow-primary.service
+
+[Install]
+WantedBy=timers.target

data/templates/pgbouncer.ini.erb

@@ -49,8 +49,10 @@ log_pooler_errors = <%= pgbouncer_config[:log_pooler_errors] || 1 %>
 client_tls_sslmode = require
 client_tls_key_file = /etc/pgbouncer/server.key
 client_tls_cert_file = /etc/pgbouncer/server.crt
+<% if has_ca_cert %>
 client_tls_ca_file = /etc/pgbouncer/ca.crt
 <% end %>
+<% end %>
 
 # Process management
 <% if pgbouncer_config[:pidfile] %>

data/templates/pgbouncer_follow_primary.sh.erb

@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+REPMGR_CONF="<%= repmgr_conf %>"
+PGBOUNCER_INI="/etc/pgbouncer/pgbouncer.ini"
+PGBOUNCER_SERVICE="pgbouncer"
+LOG_TAG="pgbouncer-follow-primary"
+
+cluster_csv=$(/usr/bin/sudo -u <%= postgres_user %> env HOME=/var/lib/postgresql \
+  repmgr -f "$REPMGR_CONF" cluster show --csv 2>/dev/null || true)
+if [[ -z "$cluster_csv" ]]; then
+  exit 0
+fi
+
+primary_conninfo=$(printf "%s\n" "$cluster_csv" | awk -F',' 'NR>1 && tolower($3) ~ /primary/ {print $NF; exit}')
+if [[ -z "$primary_conninfo" ]]; then
+  exit 0
+fi
+
+primary_host=$(printf "%s" "$primary_conninfo" | sed -n 's/.*host=\\([^ ]*\\).*/\\1/p')
+if [[ -z "$primary_host" ]]; then
+  exit 0
+fi
+
+current_host=$(awk -F'host=' '/^\\* = host=/{print $2}' "$PGBOUNCER_INI" | awk '{print $1}')
+if [[ -z "$current_host" ]]; then
+  exit 0
+fi
+
+if [[ "$current_host" != "$primary_host" ]]; then
+  /usr/bin/sed -i -E "s/^(\\* = host=)[^ ]+/\\1${primary_host}/" "$PGBOUNCER_INI"
+  /usr/bin/systemctl reload "$PGBOUNCER_SERVICE"
+  /usr/bin/logger -t "$LOG_TAG" "Updated PgBouncer primary target to ${primary_host}"
+fi

data/templates/postgresql.conf.erb

@@ -44,9 +44,13 @@ wal_compression = <%= pg_config[:wal_compression] %>
 <% end %>
 <% if pg_config[:archive_mode] %>
 archive_mode = <%= pg_config[:archive_mode] %>
+<% elsif config.component_enabled?(:pgbackrest) %>
+archive_mode = on
 <% end %>
 <% if pg_config[:archive_command] %>
 archive_command = '<%= pg_config[:archive_command] %>'
+<% elsif config.component_enabled?(:pgbackrest) %>
+archive_command = 'pgbackrest --stanza=main archive-push %p'
 <% end %>
 <% if pg_config[:shared_memory_type] %>
 shared_memory_type = <%= pg_config[:shared_memory_type] %>

data/templates/repmgr.conf.erb

@@ -15,14 +15,14 @@ node_name='<%= node_label %>'
   # conninfo describes how OTHER nodes connect to THIS node
   repmgr_host = config.replication_host_for(host)
 %>
-conninfo='host=<%= repmgr_host %> user=<%= config.repmgr_user %> dbname=<%= config.repmgr_database %> password=<%= secrets_obj.resolve('repmgr_password') %> connect_timeout=2'
+conninfo='host=<%= repmgr_host %> user=<%= config.repmgr_user %> dbname=<%= config.repmgr_database %> connect_timeout=2'
 data_directory='/var/lib/postgresql/<%= config.version %>/main'
 
 <% if host == config.primary_host %>
-failover=automatic
+failover=<%= repmgr_config[:auto_failover] == false ? 'manual' : 'automatic' %>
 priority=<%= repmgr_config[:priority] || 100 %>
 <% else %>
-failover=automatic
+failover=<%= repmgr_config[:auto_failover] == false ? 'manual' : 'automatic' %>
 priority=<%= repmgr_config[:priority] || 100 %>
 promote_command='repmgr standby promote -f /etc/repmgr.conf'
 follow_command='repmgr standby follow -f /etc/repmgr.conf --upstream-node-id=%n'
@@ -38,3 +38,7 @@ log_file='/var/log/postgresql/repmgr.log'
 monitoring_history=yes
 monitor_interval_secs=5
 
+<% if repmgr_config[:dns_failover] && repmgr_config[:dns_failover][:enabled] %>
+event_notification_command='/usr/local/bin/active-postgres-dns-failover'
+event_notifications='<%= repmgr_config[:dns_failover][:events] || 'repmgrd_failover_promote,standby_promote,standby_switchover,standby_follow' %>'
+<% end %>

data/templates/repmgr_dns_failover.sh.erb

@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+REPMGR_CONF="/etc/repmgr.conf"
+DNS_USER="<%= dns_user %>"
+DNS_SERVERS=(<%= dns_servers.map(&:to_s).join(' ') %>)
+DNS_SSH_KEY="<%= dns_ssh_key_path %>"
+DNSMASQ_FILE="/etc/dnsmasq.d/active_postgres.conf"
+PRIMARY_RECORD="<%= primary_record %>"
+REPLICA_RECORD="<%= replica_record %>"
+SSH_STRICT_HOST_KEY="<%= ssh_strict_host_key %>"
+SSH_KNOWN_HOSTS="/var/lib/postgresql/.ssh/known_hosts"
+LOG_TAG="active_postgres_dns"
+
+cluster_csv=$(repmgr -f "$REPMGR_CONF" cluster show --csv 2>/dev/null || true)
+if [[ -z "$cluster_csv" ]]; then
+  exit 0
+fi
+
+primary_host=$(printf "%s\n" "$cluster_csv" | awk -F',' 'NR>1 && tolower($3) ~ /primary/ {print $NF; exit}' | sed -n 's/.*host=\\([^ ]*\\).*/\\1/p')
+standby_hosts=$(printf "%s\n" "$cluster_csv" | awk -F',' 'NR>1 && tolower($3) ~ /standby/ {print $NF}' | sed -n 's/.*host=\\([^ ]*\\).*/\\1/p' | sort -u)
+
+if [[ -z "$primary_host" ]]; then
+  exit 0
+fi
+
+content=$'# Managed by active_postgres\n'
+printf -v content '%saddress=/%s/%s\n' "$content" "$PRIMARY_RECORD" "$primary_host"
+
+if [[ -n "$standby_hosts" ]]; then
+  for host in $standby_hosts; do
+    printf -v content '%saddress=/%s/%s\n' "$content" "$REPLICA_RECORD" "$host"
+  done
+fi
+
+ssh_opts=(-i "$DNS_SSH_KEY" -o BatchMode=yes -o StrictHostKeyChecking="$SSH_STRICT_HOST_KEY" -o UserKnownHostsFile="$SSH_KNOWN_HOSTS")
+
+for server in "${DNS_SERVERS[@]}"; do
+  if [[ -z "$server" ]]; then
+    continue
+  fi
+
+  if ! /usr/bin/ssh "${ssh_opts[@]}" "${DNS_USER}@${server}" \
+    "sudo bash -c 'cat > ${DNSMASQ_FILE} << \"EOF\"\\n${content}EOF\\n' && (sudo systemctl reload dnsmasq || sudo systemctl restart dnsmasq)"; then
+    /usr/bin/logger -t "$LOG_TAG" "Failed updating dnsmasq on ${server}"
+  fi
+done
+
+/usr/bin/logger -t "$LOG_TAG" "Updated DNS records for ${PRIMARY_RECORD} and ${REPLICA_RECORD} (primary=${primary_host})"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: active_postgres
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.9.0
 platform: ruby
 authors:
 - BoringCache
@@ -169,6 +169,7 @@ files:
 - lib/active_postgres/connection_pooler.rb
 - lib/active_postgres/credentials.rb
 - lib/active_postgres/deployment_flow.rb
+- lib/active_postgres/direct_executor.rb
 - lib/active_postgres/error_handler.rb
 - lib/active_postgres/failover.rb
 - lib/active_postgres/generators/active_postgres/install_generator.rb
@@ -194,9 +195,13 @@ files:
 - lib/tasks/rotate_credentials.rake
 - templates/pg_hba.conf.erb
 - templates/pgbackrest.conf.erb
+- templates/pgbouncer-follow-primary.service.erb
+- templates/pgbouncer-follow-primary.timer.erb
 - templates/pgbouncer.ini.erb
+- templates/pgbouncer_follow_primary.sh.erb
 - templates/postgresql.conf.erb
 - templates/repmgr.conf.erb
+- templates/repmgr_dns_failover.sh.erb
 homepage: https://github.com/boringcache/active_postgres
 licenses:
 - MIT
@@ -220,7 +225,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.7.2
+rubygems_version: 3.6.9
 specification_version: 4
 summary: PostgreSQL High Availability for Rails, made simple
 test_files: []