75 lines
2.2 KiB
YAML
75 lines
2.2 KiB
YAML
data_volumes:
|
|
- dev: /dev/vdb
|
|
fstype: ext4
|
|
mountpoint: /var/lib/pgsql
|
|
|
|
postgresql_cert_domain: postgresql.{{ ansible_domain }}
|
|
postgresql_cert_acme_email: '{{ ansible_hostname }}@pyrocufflink.net'
|
|
postgresql_cert_acme_server: https://ca.pyrocufflink.blue:32599/acme/acme/directory
|
|
postgresql_allow_remote: true
|
|
postgresql_allow_sameuser_peer: false
|
|
|
|
postgresql_config:
|
|
listen_addresses: '''*'''
|
|
ssl: 'on'
|
|
ssl_cert_file: '''{{ postgresql_config_dir }}/server.cer'''
|
|
ssl_key_file: '''{{ postgresql_config_dir }}/server.key'''
|
|
ssl_ca_file: '''{{ postgresql_config_dir }}/ca.crt'''
|
|
|
|
archive_mode: '''on'''
|
|
archive_timeout: 5min
|
|
archive_command: '''wal-g-pg --config /etc/postgresql/wal-g.yml wal-push %p'''
|
|
restore_command: '''wal-g-pg --config /etc/postgresql/wal-g.yml wal-fetch %f %p'''
|
|
hot_standby: 'on'
|
|
|
|
pg_hba_extra:
|
|
- type: local
|
|
database: all
|
|
user: postgres-exporter
|
|
address: ''
|
|
method: peer
|
|
- type: hostssl
|
|
database: sameuser
|
|
user: all
|
|
address: 0.0.0.0/0
|
|
method: cert
|
|
- type: hostssl
|
|
database: sameuser
|
|
user: all
|
|
address: '::/0'
|
|
method: cert
|
|
|
|
postgresql_restore_command: >-
|
|
runuser -u postgres --
|
|
wal-g-pg --config /etc/postgresql/wal-g.yml backup-fetch {{ pgdata_dir }} LATEST
|
|
|
|
wal_g_aws_access_key_id: fEbtYLSxFlqIcVtJQgnL
|
|
wal_g_aws_secret_access_key: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
61623564366563643739393364643030396263623537396136373361383735393037373531353435
|
|
6261613634363566633038383030316262336361653866330a363632356465323637356661303961
|
|
35303538323934383734303137336263346666633139343736353765373032333266373061326561
|
|
3232303964393663390a386463376166343032623139386530303631326165313962623738666265
|
|
38646664306637323336626264626339613363653139333439346231356664393330306235656162
|
|
3530393635306637336163663134626238396538373939383035
|
|
|
|
wal_g_pg_config:
|
|
AWS_ACCESS_KEY_ID: '{{ wal_g_aws_access_key_id }}'
|
|
AWS_SECRET_ACCESS_KEY: '{{ wal_g_aws_secret_access_key }}'
|
|
WALG_S3_PREFIX: s3://pgbackup/pyrocufflink/main/@PGVERSION@
|
|
AWS_ENDPOINT: https://s3.backups.pyrocufflink.blue
|
|
PGHOST: /run/postgresql
|
|
WALG_STATSD_ADDRESS: localhost:9125
|
|
|
|
postgresql_users:
|
|
- name: ara
|
|
- name: authelia
|
|
- name: firefly
|
|
- name: homeassistant
|
|
|
|
postgresql_dbs:
|
|
- name: ara
|
|
- name: authelia
|
|
- name: firefly
|
|
- name: homeassistant
|