Skip to content

Commit

Permalink
Use dnf_module resource from yum cookbook (sous-chefs#698)
Browse files Browse the repository at this point in the history 
* Use dnf_module resource from yum cookbook instead of manually shelling out

Signed-off-by: Robert Detjens <[email protected]>

* move documentation out of README

Signed-off-by: Robert Detjens <[email protected]>

* appease mdl

Signed-off-by: Robert Detjens <[email protected]>

* use inline code blocks for default values

Signed-off-by: Robert Detjens <[email protected]>

* remove unneeded dependencies

Signed-off-by: Robert Detjens <[email protected]>
  • Loading branch information
@detjensrobert
detjensrobert authored Oct 7, 2021
1 parent 109d342 commit 7ceec4f
Show file tree
Hide file tree
Showing 15 changed files with 447 additions and 417 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ This file is used to list changes made in the last 3 major versions of the postg

## Unreleased

- Use `dnf_module` resource from yum cookbook instead of manually shelling out
- requires new dependency on `yum` >= 7.2.0
- Remove unneeded `apt` & `yum-epel` dependencies
- Move resource documentation out of README

## 9.0.3 - *2021-08-30*

- Standardise files with files in sous-chefs/repo-management
Expand Down
383 changes: 13 additions & 370 deletions README.md
View file

Large diffs are not rendered by default.

51 changes: 51 additions & 0 deletions documentation/access.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
[Back to resource list](../README.md#Resources)

# postgresql_access

This resource uses the accumulator pattern to build up the `pg_hba.conf` file to make this cookbook more reusable. It directly mirrors the configuration options of the Postgres hba file in the resource and by default notifies the server with a reload to avoid a full restart (and potential outage of service). To revoke access, simply remove the resource and the access change won't be present in the final `pg_hba.conf` on subsequent Chef runs.

## Actions

- `grant` - (default) Creates an access line inside of `pg_hba.conf`

## Properties

| Name | Types | Description | Default | Required? |
| --------------- | ------ | ----------------------------------------------------------------------------------------- | ----------------- | --------- |
| `name` | String | Name of the access resource, this is left as a comment inside the `pg_hba` config | Resource name | yes |
| `source` | String | The cookbook template filename if using a custom template | `pg_hba.conf.erb` | yes |
| `cookbook` | String | The cookbook to look in for the template source | `postgresql` | yes |
| `comment` | String | A comment to leave above the entry in `pg_hba` | | no |
| `access_type` | String | The type of access, e.g. local or host | `local` | yes |
| `access_db` | String | The database to access. Can use `all` for all databases | `all` | yes |
| `access_user` | String | The user accessing the database. Can use `all` for any user | `all` | yes |
| `access_addr` | String | The address(es) allowed access. Not needed if method ident is used since it is local then | | no |
| `access_method` | String | Authentication method to use | `ident` | yes |

## Examples

To grant access to the PostgreSQL user with ident authentication:

```ruby
postgresql_access `local_postgres_superuser` do
comment `Local postgres superuser access`
access_type `local`
access_db `all`
access_user `postgres`
access_method `ident`
end
```

This generates the following line in the `pg_hba.conf`:

```config
# Local postgres superuser access
local all postgres ident
```

**Note**: The template by default generates a local access for Unix domain sockets only to support running the SQL execute resources. In Postgres version 9.1 and higher, the method is `peer` instead of `ident` which is identical. It looks like this:

```config
# "local" is for Unix domain socket connections only
local all all peer
```
30 changes: 30 additions & 0 deletions documentation/client_install.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
[Back to resource list](../README.md#Resources)

# postgresql_client_install

This resource installs PostgreSQL client packages.

## Actions

- `install` - (default) Install client packages

## Properties

| Name | Types | Description | Default | Required? |
| ------------------- | ----------- | ------------------------------------------------------------- | ----------------------------------------- | --------- |
| `version` | String | Version of PostgreSQL to install | `'12'` | no |
| `setup_repo` | Boolean | whether to add the PostgreSQL repo | `true` | no |
| `hba_file` | String | | `#{conf_dir}/main/pg_hba.conf` | no |
| `ident_file` | String | | `#{conf_dir}/main/pg_ident.conf` | no |
| `external_pid_file` | String | | `/var/run/postgresql/#{version}-main.pid` | no |
| `password` | String, nil | Pass in a password, or have the cookbook generate one for you | Random string | no |

## Examples

To install version 9.5:

```ruby
postgresql_client_install 'My PostgreSQL Client install' do
version '9.5'
end
```
38 changes: 38 additions & 0 deletions documentation/database.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
[Back to resource list](../README.md#Resources)

# postgresql_database

This resource manages PostgreSQL databases.

## Actions

- `create` - (default) Creates the given database.
- `drop` - Drops the given database.

## Properties

| Name | Types | Description | Default | Required? |
| ---------- | ------- | ------------------------------------------------------------------- | ------------------- | --------- |
| `database` | String | Name of the database to create | Resource name | yes |
| `user` | String | User which run psql command | `'postgres'` | no |
| `template` | String | Template used to create the new database | `'template1'` | no |
| `host` | String | Define the host server where the database creation will be executed | Not set (localhost) | no |
| `port` | Integer | Define the port of PostgreSQL server | `5432` | no |
| `encoding` | String | Define database encoding | Not set | no |
| `locale` | String | Define database locale | Not set | no |
| `owner` | String | Define the owner of the database | Not set | no |

## Examples

To create database named 'my_app' with owner 'user1':

```ruby
postgresql_database 'my_app' do
owner 'user1'
end
```

## Known issues

On some platforms (e.g. Ubuntu 18.04), your `initdb_locale` should be set to the
same as the template database [GH-555](https://github.com/sous-chefs/postgresql/issues/555).
34 changes: 34 additions & 0 deletions documentation/extension.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
[Back to resource list](../README.md#Resources)

# postgresql_extension

This resource manages PostgreSQL extensions for a given database.

## Actions

- `create` - (default) Creates an extension in a given database
- `drop` - Drops an extension from the database

## Properties

| Name | Types | Description | Default | Required? |
| ------------- | ------ | -------------------------------------------------------------------------------- | ------------- | --------- |
| `database` | String | Name of the database to install the extension into | | yes |
| `extension` | String | Name of the extension to install the database | Resource name | yes |
| `version` | String | Version of the extension to install | | no |
| `old_version` | String | Older module name for new extension replacement. Appends FROM to extension query | | no |

## Examples

To install the `adminpack` extension:

```ruby
# Add the contrib package in Ubuntu/Debian
package 'postgresql-contrib12'

# Install adminpack extension
postgresql_extension 'postgres adminpack' do
database 'postgres'
extension 'adminpack'
end
```
62 changes: 62 additions & 0 deletions documentation/ident.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
[Back to resource list](../README.md#Resources)

# postgresql_ident

This resource generate `pg_ident.conf` configuration file to manage user mapping between system and PostgreSQL users.

## Actions

- `create` - (default) Creates an mapping line inside of `pg_ident.conf`

## Properties

| Name | Types | Description | Default | Required? |
| ------------- | ----------- | -------------------------------------------------------------------------- | --------------------- | --------- |
| `mapname` | String | Name of the user mapping | Resource name | yes |
| `source` | String | The cookbook template filename if you want to use your own custom template | `'pg_ident.conf.erb'` | no |
| `cookbook` | String | The cookbook to look in for the template source | `'postgresql'` | no |
| `comment` | String, nil | A comment to leave above the entry in `pg_ident` | | no |
| `system_user` | String | System user or regexp used for the mapping | | yes |
| `pg_user` | String | Pg user or regexp used for the mapping | | yes |

## Examples

Creates a `mymapping` mapping that map `john` system user to `user1` PostgreSQL user:

```ruby
postgresql_ident 'Map john to user1' do
comment 'John Mapping'
mapname 'mymapping'
system_user 'john'
pg_user 'user1'
end
```

This generates the following line in the `pg_ident.conf`:

```config
# MAPNAME SYSTEM-USERNAME PG-USERNAME
# John Mapping
mymapping john user1
```

To grant access to the foo user with password authentication:

```ruby
postgresql_access 'local_foo_user' do
comment 'Foo user access'
access_type 'host'
access_db 'all'
access_user 'foo'
access_addr '127.0.0.1/32'
access_method 'md5'
end
```

This generates the following line in the `pg_hba.conf`:

```config
# Local postgres superuser access
host all foo 127.0.0.1/32 ident
```
36 changes: 36 additions & 0 deletions documentation/server_conf.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
[Back to resource list](../README.md#Resources)

# postgresql_server_conf

This resource manages the postgresql.conf configuration file.

## Actions

- `modify` - (default) Manage PostgreSQL configuration file (postgresql.conf)

## Properties

| Name | Types | Description | Default | Required? |
| ---------------------- | ------- | --------------------------------------- | --------------------------------------------------- | --------- |
| `additional_config` | Hash | Extra configuration for the config file | `{}` | no |
| `port` | Integer | Set listen port of PostgreSQL service | `5432` | no |
| `version` | String | Version of PostgreSQL to install | `'12'` | no |
| `data_directory` | String | Path of PostgreSQL data directory | `<default_os_data_path>` | no |
| `hba_file` | String | Path of pg_hba.conf file | `<default_os_conf_path>/pg_hba.conf` | no |
| `ident_file` | String | Path of pg_ident.conf file | `<default_os_conf_path>/pg_ident.conf` | no |
| `external_pid_file` | String | Path of PID file | `/var/run/postgresql/<postgresql_version>-main.pid` | no |
| `stats_temp_directory` | String | Path of stats file | `/var/run/postgresql/version>-main.pg_stat_tmp` | no |

## Examples

Setup the PostgreSQL configuration with a specific data directory:

> Note: If you have installed a specific version of PostgreSQL (different from the default version), you must specify that version in this resource too
```ruby
postgresql_server_conf 'My PostgreSQL Config' do
version '9.5'
data_directory '/data/postgresql/9.5/main'
notifies :reload, 'service[postgresql]'
end
```
48 changes: 48 additions & 0 deletions documentation/server_install.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
[Back to resource list](../README.md#Resources)

# postgresql_server_install

This resource installs PostgreSQL client and server packages.

## Actions

- `install` - (default) Install client and server packages
- `create` - Initialize the database

## Properties

| Name | Types | Description | Default | Required? |
| ------------------- | ----------- | -------------------------------------- | -------------------------------------------------- | --------- |
| `version` | String | Version of PostgreSQL to install | `'12'` | no |
| `setup_repo` | Boolean | Whether to add the PostgreSQL repo | `true` | no |
| `hba_file` | String | Path of pg_hba.conf file | `<default_os_path>/pg_hba.conf'` | no |
| `ident_file` | String | Path of pg_ident.conf file | `<default_os_path>/pg_ident.conf` | no |
| `external_pid_file` | String | Path of PID file | `/var/run/postgresql/<version>-main.pid</version>` | no |
| `password` | String, nil | Set PostgreSQL user password | `generate` | no |
| `port` | Integer | Set listen port of PostgreSQL service | `5432` | no |
| `initdb_locale` | String | Locale to initialize the database with | `C` | no |

## Examples

To install PostgreSQL server with default options:

```ruby
postgresql_server_install 'My PostgreSQL Server install' do
action :install
end
```

Install PostgreSQL with a custom password and service port:

```ruby
postgresql_server_install 'Setup my PostgreSQL 9.6 server' do
password 'MyP4ssw0rd'
port 5433
action :create
end
```

## Known issues

On some platforms (e.g. Ubuntu 18.04), your `initdb_locale` should be set to the
same as the template database [GH-555](https://github.com/sous-chefs/postgresql/issues/555).
80 changes: 80 additions & 0 deletions documentation/user.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
[Back to resource list](../README.md#Resources)

# postgresql_user

This resource manage PostgreSQL users.

## Actions

- `create` - (default) Creates the given user with default or given privileges.
- `update` - Update user privileges.
- `drop` - Deletes the given user.

## Properties

| Name | Types | Description | Default | Required?
| -------------------- | ------- | ----------------------------------------------- | ---------- | ---------
| `create_user` | String | User to create (defaults to the resource name) | | yes
| `superuser` | Boolean | Define if user needs superuser role | `false` | no
| `createdb` | Boolean | Define if user needs createdb role | `false` | no
| `createrole` | Boolean | Define if user needs createrole role | `false` | no
| `inherit` | Boolean | Define if user inherits the privileges of roles | `true` | no
| `replication` | Boolean | Define if user needs replication role | `false` | no
| `login` | Boolean | Define if user can login | `true` | no
| `password` | String | Set user's password | | no
| `encrypted_password` | String | Set user's password with an hashed password | | no
| `valid_until` | String | Define an account expiration date | | no
| `attributes` | Hash | Additional attributes for :update action | `{}` | no
| `user` | String | User for command | `postgres` | no
| `database` | String | Database for command | | no
| `host` | String | Hostname for command | | no
| `port` | Integer | Port number to connect to postgres | `5432` | no

## Examples

Create a user `user1` with a password, with `createdb` role and set an expiration date to 2018, Dec 21.

```ruby
postgresql_user 'user1' do
password 'UserP4ssword'
createdb true
valid_until '2018-12-31'
end
```

Create a user `user1` with a password, with `createdb` role and set an expiration date to 2018, Dec 21.

```ruby
postgresql_user 'user1' do
password 'UserP4ssword'
createdb true
valid_until '2018-12-31'
end
```

## Usage

To install and configure your PostgreSQL instance you need to create your own cookbook and call needed resources with your own parameters.

More examples can be found in the test cookbook (`test/cookbooks/test/recipes`)

## Example Usage

```ruby
# cookbooks/my_postgresql/recipes/default.rb

postgresql_client_install 'PostgreSQL Client' do
setup_repo false
version '10.6'
end

postgresql_server_install 'PostgreSQL Server' do
version '10.6'
setup_repo false
password 'P0stgresP4ssword'
end

postgresql_server_conf 'PostgreSQL Config' do
notifies :reload, 'service[postgresql]'
end
```
Loading

0 comments on commit 7ceec4f

Please sign in to comment.