dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity
995 Commits
14 Branches
0 Tags
7.3 MiB
Commit Graph

7 Commits (2d5f9e66c1c1c2b1db970b564ff0176273a1a727)

Author SHA1 Message Date
Dustin a0c5ffc869 postgresql: Collect Wal-G metrics with statsd_exporter 
_wal-g_ can send StatsD metrics when it completes an upload/backup/etc.
task.  Using the `statsd_exporter`, we can capture these metrics and
make them available to Victoria Metrics.
 2024-10-13 20:01:19 -05:00
Dustin 72936b3868 postgresql: Allow access by IPv6 
Since LAN clients have IPv6 addresses now, some may try to connect to
the database over IPv6, so we need to allow this in the host-based
authentication rules.
 2024-09-02 21:20:26 -05:00
Dustin e323324c54 postgresql: Switch wal-g to use new MinIO server 
Switching to the MinIO server on _chromie.pyrocufflink.blue_ as
_burp1.pyrocufflink.blue_ is being decommissioned.
 2024-09-01 09:01:04 -05:00
Dustin 4f202c55e4 r/postgres-exporter: Deploy postgres-exporter 
The [postgres-exporter][0] exposes PostgreSQL server statistics to
Prometheus.  It connects to a specified PostgreSQL server (in this
case, a server on the local machine via UNIX socket) and collects data
from the `pg_stat_activity`, et al. views.  It needs the `pg_monitor`
role in order to be allowed to read the relevant metrics.

Since we're setting up the exporter to connect via UNIX socket, it needs
a dedicated OS user to match the PostgreSQL user in order to
authenticate via the _peer_ method.

[0]: https://github.com/prometheus-community/postgres_exporter/
 2024-07-02 20:44:29 -05:00
Dustin 3f5550ee6c postgresql: wal-g: Set PGHOST 
By default, WAL-G tries to connect to the PostgreSQL server via TCP
socket on the loopback interface.  Our HBA configuration requires
certificate authentication for TCP sockets, so we need to configure
WAL-G to use the UNIX socket.
 2024-07-02 20:44:29 -05:00
Dustin 6caf28259e hosts: db0: Promote to primary 
All data have been migrated from the PostgreSQL server in Kubernetes and
the three applications that used it (Firefly-III, Authelia, and Home
Assistant) have been updated to point to the new server.

To avoid comingling the backups from the old server with those from the
new server, we're reconfiguring WAL-G to push and pull from a new S3
prefix.
 2024-07-02 20:44:29 -05:00
Dustin 208fadd2ba postgresql: Configure for dedicated DB servers 
I am going to use the *postgresql* group for the dedicated database
servers.  The configuration for those machines will be quite a bit
different than for the one existing machine that is a member of that
group already: the Nextcloud server.  Rather than undefine/override all
the group-level settings at the host level, I have removed the Nextcloud
server from the *postgresql* group, and updated the `nextcloud.yml`
playbook to apply the *postgresql-server* role itself.

Eventually, I want to move the Nextcloud database to the central
database servers.  At that point, I will remove the *postgresql-server*
role from the `nextcloud.yml` playbook.
 2024-07-02 20:44:29 -05:00