From 2ce211b5eae3a78296f7bb5e7bc7d6b117bcc949 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Sat, 29 Jun 2024 08:00:29 -0500
Subject: [PATCH] hosts: Add db0.p.b

*db0.pyrocufflink.blue* will be the primary server in the new PostgreSQL
database cluster.  We're starting with Fedora 39 so we can have
PostgreSQL 15, to match the version managed by the Postgres Operator in
the Kubernetes cluster right now.
---
 certs/postgresql/db0.pyrocufflink.blue/ca.crt | 16 ++++++++
 deploy/db0.sh                                 | 38 +++++++++++++++++++
 host_vars/db0.pyrocufflink.blue.yml           |  1 +
 hosts                                         |  2 +
 4 files changed, 57 insertions(+)
 create mode 100644 certs/postgresql/db0.pyrocufflink.blue/ca.crt
 create mode 100644 deploy/db0.sh
 create mode 100644 host_vars/db0.pyrocufflink.blue.yml

diff --git a/certs/postgresql/db0.pyrocufflink.blue/ca.crt b/certs/postgresql/db0.pyrocufflink.blue/ca.crt
new file mode 100644
index 0000000..0f6d60e
--- /dev/null
+++ b/certs/postgresql/db0.pyrocufflink.blue/ca.crt
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICdDCCAdWgAwIBAgIUL1+Cb4fApX4aH+ua79i6SHR6TvswCgYIKoZIzj0EAwQw
+VDELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD0R1c3RpbiBDLiBIYXRjaDETMBEGA1UE
+CwwKUG9zdGdyZVNRTDEWMBQGA1UEAwwNUG9zdGdyZVNRTCBDQTAeFw0yNDA2Mjgw
+MTA5MTZaFw0zNDA2MjkwMTA5MTZaMFQxCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9E
+dXN0aW4gQy4gSGF0Y2gxEzARBgNVBAsMClBvc3RncmVTUUwxFjAUBgNVBAMMDVBv
+c3RncmVTUUwgQ0EwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABABCAL2pjV64hEfA
+v5m+ha6mDarYGtVtriPJ8LORdZMyMgO23F30Qp/m7vv+l4zcPFz1+Vb6jZ5gGRVk
+FoesbjFNCwFAAJib5sKFQDPP/vN62FSa43tV6gFSaOVWr88RMafMWtC+RYV8jRXn
+Lyl/TV7r3NBopM+Ug+JcLJ+QFsH656qoXKNCMEAwHQYDVR0OBBYEFPZf0QwZ8K9d
++fwg1SUrRU07NOuYMBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMAoG
+CCqGSM49BAMEA4GMADCBiAJCAOapyvYWl/iVtl9ME7ZAXCxSsBfDkHcBCt89XsGj
+en35pbCtAdkC4MmqMU05kQ6GOrqhgI94nABeMpE0NBGp98eZAkIBu3d8s10RVRNQ
+b5F+CzIhISJLGXbQ5qrCHBL5eMTmr3vpRVl2E5ACD7j8ZX+oXmrkSXpaVztsXAbV
+ilT+dheQSeM=
+-----END CERTIFICATE-----
diff --git a/deploy/db0.sh b/deploy/db0.sh
new file mode 100644
index 0000000..94999c5
--- /dev/null
+++ b/deploy/db0.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+# vim: set ts=4 :
+
+if ! virsh list --all --name | grep -qF db0; then
+	./newvm.sh db0 \
+		--fedora 39 \
+		--memory 8192,currentMemory=2048 \
+		--vcpus 4 \
+		--no-console \
+		-- \
+		--disk pool=default,size=128,cache=none \
+		|| exit
+	sleep 15
+fi
+
+nameserver=$(
+		dig +short -t srv _ldap._tcp.pdc._msdcs.pyrocufflink.blue \
+		| awk '{print $4}'
+) || exit
+nsupdate -g <<EOF || exit
+server ${nameserver%.}
+delete postgresql.pyrocufflink.blue
+add postgresql.pyrocufflink.blue 300 CNAME db0.pyrocufflink.blue.
+send
+EOF
+
+ANSIBLE_HOST_KEY_CHECKING=false \
+ansible-playbook \
+	-l db0.pyrocufflink.blue \
+	wait-for-host.yml \
+	bootstrap.yml \
+	datavol.yml \
+	pyrocufflink.yml \
+	postgresql.yml \
+	-u root \
+	-e ansible_host=db0.local \
+	-e @join.creds \
+	|| exit
diff --git a/host_vars/db0.pyrocufflink.blue.yml b/host_vars/db0.pyrocufflink.blue.yml
new file mode 100644
index 0000000..924929b
--- /dev/null
+++ b/host_vars/db0.pyrocufflink.blue.yml
@@ -0,0 +1 @@
+postgresql_standby: true
diff --git a/hosts b/hosts
index ef263d3..0c83d2a 100644
--- a/hosts
+++ b/hosts
@@ -90,6 +90,7 @@ cloud0.pyrocufflink.blue
 burp1.pyrocufflink.blue
 
 [postgresql]
+db0.pyrocufflink.blue
 
 [public-web]
 web0.pyrocufflink.blue
@@ -101,6 +102,7 @@ pxe0.pyrocufflink.blue
 burp1.pyrocufflink.blue
 bw0.pyrocufflink.blue
 cloud0.pyrocufflink.blue
+db0.pyrocufflink.blue
 dc-grumbly.pyrocufflink.blue
 dc-headphone.pyrocufflink.blue
 file0.pyrocufflink.blue