From 07ab014ddc490b2ecbb121cad3fdd32065ce3cb0 Mon Sep 17 00:00:00 2001 From: Douglas J Hunley Date: Mon, 6 Oct 2025 11:23:41 -0400 Subject: [PATCH 1/7] refactor(postgresql.conf): configure postgresql.conf to use 'include_dir' directive and move logging.conf into the postgresql-customer dir --- ansible/files/postgresql_config/postgresql.conf.j2 | 4 +--- ansible/tasks/finalize-ami.yml | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/ansible/files/postgresql_config/postgresql.conf.j2 b/ansible/files/postgresql_config/postgresql.conf.j2 index 5d4237068..e22a2199b 100644 --- a/ansible/files/postgresql_config/postgresql.conf.j2 +++ b/ansible/files/postgresql_config/postgresql.conf.j2 @@ -428,8 +428,6 @@ effective_cache_size = 128MB # REPORTING AND LOGGING #------------------------------------------------------------------------------ -include = '/etc/postgresql/logging.conf' - # These are relevant when logging to syslog: #syslog_facility = 'LOCAL0' #syslog_ident = 'postgres' @@ -750,7 +748,7 @@ jit_provider = 'llvmjit' # JIT library to use # default postgresql.conf. Note that these are directives, not variable # assignments, so they can usefully be given more than once. -#include_dir = '...' # include files ending in '.conf' from +include_dir = '/etc/postgresql-custom' # include files ending in '.conf' from # a directory, e.g., 'conf.d' #include_if_exists = '...' # include file only if it exists #include = '...' # include file diff --git a/ansible/tasks/finalize-ami.yml b/ansible/tasks/finalize-ami.yml index 7f0de3ac8..0e4210dc2 100644 --- a/ansible/tasks/finalize-ami.yml +++ b/ansible/tasks/finalize-ami.yml @@ -1,7 +1,7 @@ - name: PG logging conf template: src: files/postgresql_config/postgresql-csvlog.conf - dest: /etc/postgresql/logging.conf + dest: /etc/postgresql-custom/logging.conf group: postgres - name: UFW - Allow SSH connections From e0426ee4bbfac762ae41e6b6af193658b030b82f Mon Sep 17 00:00:00 2001 From: Douglas J Hunley Date: Mon, 6 Oct 2025 13:03:59 -0400 Subject: [PATCH 2/7] refactor(ansible): rename all conf files in /etc/postgresql-custom to preserve ordering --- Dockerfile-15 | 11 +- Dockerfile-17 | 13 +- Dockerfile-orioledb-17 | 13 +- .../pg_upgrade_scripts/initiate.sh | 2 +- .../files/database-optimizations.service.j2 | 2 +- ansible/files/postgres_prestart.sh.j2 | 4 +- .../postgresql_config/postgresql.conf.j2 | 633 +----------------- ansible/tasks/finalize-ami.yml | 2 +- ansible/tasks/internal/supautils.yml | 11 +- ansible/tasks/setup-docker.yml | 12 +- ansible/tasks/setup-postgres.yml | 10 +- ansible/tasks/setup-supabase-internal.yml | 14 - ansible/tasks/setup-wal-g.yml | 12 +- ansible/tasks/stage2-setup-postgres.yml | 6 +- nix/packages/lib.nix | 13 +- nix/tools/run-server.sh.in | 22 +- 16 files changed, 64 insertions(+), 716 deletions(-) diff --git a/Dockerfile-15 b/Dockerfile-15 index f1b0f4558..865fca330 100644 --- a/Dockerfile-15 +++ b/Dockerfile-15 @@ -162,20 +162,19 @@ COPY --from=walg /tmp/wal-g /usr/local/bin/ COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh -COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/04-read-replica.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/03-wal-g.conf COPY --chown=postgres:postgres ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh COPY ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh RUN sed -i \ -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \ - -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \ - -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \ + /etc/postgresql/postgresql.conf && \ echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \ #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \ echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ diff --git a/Dockerfile-17 b/Dockerfile-17 index 7db870ad8..ef41f93b1 100644 --- a/Dockerfile-17 +++ b/Dockerfile-17 @@ -162,20 +162,19 @@ COPY --from=walg /tmp/wal-g /usr/local/bin/ COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh -COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/04-read-replica.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/03-wal-g.conf COPY --chown=postgres:postgres ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh COPY ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh RUN sed -i \ -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \ - -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \ - -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \ + /etc/postgresql/postgresql.conf && \ echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \ #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \ echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ @@ -189,7 +188,7 @@ RUN sed -i \ RUN sed -i 's/ timescaledb,//g;' "/etc/postgresql/postgresql.conf" #as of pg 16.4 + this db_user_namespace totally deprecated and will break the server if setting is present RUN sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "/etc/postgresql/postgresql.conf" -RUN sed -i 's/ timescaledb,//g; s/ plv8,//g' "/etc/postgresql-custom/supautils.conf" +RUN sed -i 's/ timescaledb,//g; s/ plv8,//g' "/etc/postgresql-custom/05-supautils.conf" diff --git a/Dockerfile-orioledb-17 b/Dockerfile-orioledb-17 index 0df0b9df0..ff35a42c7 100644 --- a/Dockerfile-orioledb-17 +++ b/Dockerfile-orioledb-17 @@ -162,20 +162,19 @@ COPY --from=walg /tmp/wal-g /usr/local/bin/ COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh -COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/04-read-replica.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/03-wal-g.conf COPY --chown=postgres:postgres ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh COPY ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh RUN sed -i \ -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \ - -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \ - -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \ + /etc/postgresql/postgresql.conf && \ echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \ #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \ echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ @@ -189,7 +188,7 @@ RUN sed -i \ RUN sed -i 's/ timescaledb,//g;' "/etc/postgresql/postgresql.conf" #as of pg 16.4 + this db_user_namespace totally deprecated and will break the server if setting is present RUN sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "/etc/postgresql/postgresql.conf" -RUN sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ postgis,//g; s/ pgrouting,//g' "/etc/postgresql-custom/supautils.conf" +RUN sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ postgis,//g; s/ pgrouting,//g' "/etc/postgresql-custom/05-supautils.conf" RUN sed -i 's/\(shared_preload_libraries.*\)'\''\(.*\)$/\1, orioledb'\''\2/' "/etc/postgresql/postgresql.conf" RUN echo "default_table_access_method = 'orioledb'" >> "/etc/postgresql/postgresql.conf" diff --git a/ansible/files/admin_api_scripts/pg_upgrade_scripts/initiate.sh b/ansible/files/admin_api_scripts/pg_upgrade_scripts/initiate.sh index 71016a294..5f1e7ed87 100755 --- a/ansible/files/admin_api_scripts/pg_upgrade_scripts/initiate.sh +++ b/ansible/files/admin_api_scripts/pg_upgrade_scripts/initiate.sh @@ -515,7 +515,7 @@ EOF mkdir -p "$MOUNT_POINT/conf" cp -R /etc/postgresql-custom/* "$MOUNT_POINT/conf/" # removing supautils config as to allow the latest one provided by the latest image to be used - rm -f "$MOUNT_POINT/conf/supautils.conf" || true + rm -f "$MOUNT_POINT/conf/05-supautils.conf" || true rm -rf "$MOUNT_POINT/conf/extension-custom-scripts" || true # removing wal-g config as to allow it to be explicitly enabled on the new instance diff --git a/ansible/files/database-optimizations.service.j2 b/ansible/files/database-optimizations.service.j2 index f25fc09c6..f2ad41ead 100644 --- a/ansible/files/database-optimizations.service.j2 +++ b/ansible/files/database-optimizations.service.j2 @@ -4,7 +4,7 @@ Description=Postgresql optimizations [Service] Type=oneshot # we do not want failures from these commands to cause downstream service startup to fail -ExecStart=-/opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/generated-optimizations.conf +ExecStart=-/opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/01-generated-optimizations.conf ExecStart=-/opt/supabase-admin-api optimize pgbouncer --destination-config-file-path /etc/pgbouncer-custom/generated-optimizations.ini User=adminapi diff --git a/ansible/files/postgres_prestart.sh.j2 b/ansible/files/postgres_prestart.sh.j2 index cc8ff53c6..da722cb3c 100644 --- a/ansible/files/postgres_prestart.sh.j2 +++ b/ansible/files/postgres_prestart.sh.j2 @@ -15,7 +15,7 @@ check_orioledb_enabled() { } get_shared_buffers() { - local opt_conf="/etc/postgresql-custom/generated-optimizations.conf" + local opt_conf="/etc/postgresql-custom/01-generated-optimizations.conf" if [ ! -f "$opt_conf" ]; then return 0 fi @@ -134,4 +134,4 @@ if [ $(locale -a | grep -c en_US.utf8) -eq 0 ]; then locale-gen fi -main \ No newline at end of file +main diff --git a/ansible/files/postgresql_config/postgresql.conf.j2 b/ansible/files/postgresql_config/postgresql.conf.j2 index e22a2199b..1652aeb00 100644 --- a/ansible/files/postgresql_config/postgresql.conf.j2 +++ b/ansible/files/postgresql_config/postgresql.conf.j2 @@ -1,55 +1,15 @@ # ----------------------------- # PostgreSQL configuration file # ----------------------------- -# -# This file consists of lines of the form: -# -# name = value -# -# (The "=" is optional.) Whitespace may be used. Comments are introduced with -# "#" anywhere on a line. The complete list of parameter names and allowed -# values can be found in the PostgreSQL documentation. -# -# The commented-out settings shown in this file represent the default values. -# Re-commenting a setting is NOT sufficient to revert it to the default value; -# you need to reload the server. -# -# This file is read on server startup and when the server receives a SIGHUP -# signal. If you edit the file on a running system, you have to SIGHUP the -# server for the changes to take effect, run "pg_ctl reload", or execute -# "SELECT pg_reload_conf()". Some parameters, which are marked below, -# require a server shutdown and restart to take effect. -# -# Any parameter can also be given as a command-line option to the server, e.g., -# "postgres -c log_connections=on". Some parameters can be changed at run time -# with the "SET" SQL command. -# -# Memory units: B = bytes Time units: us = microseconds -# kB = kilobytes ms = milliseconds -# MB = megabytes s = seconds -# GB = gigabytes min = minutes -# TB = terabytes h = hours -# d = days #------------------------------------------------------------------------------ # FILE LOCATIONS #------------------------------------------------------------------------------ -# The default values of these variables are driven from the -D command-line -# option or PGDATA environment variable, represented here as ConfigDir. - -data_directory = '/var/lib/postgresql/data' # use data in another directory - # (change requires restart) -hba_file = '/etc/postgresql/pg_hba.conf' # host-based authentication file - # (change requires restart) -ident_file = '/etc/postgresql/pg_ident.conf' # ident configuration file - # (change requires restart) - -# If external_pid_file is not explicitly set, no extra PID file is written. -#external_pid_file = '' # write an extra PID file - # (change requires restart) - +data_directory = '/var/lib/postgresql/data' # use data in another directory (change requires restart) +hba_file = '/etc/postgresql/pg_hba.conf' # host-based authentication file (change requires restart) +ident_file = '/etc/postgresql/pg_ident.conf' # ident configuration file (change requires restart) #------------------------------------------------------------------------------ # CONNECTIONS AND AUTHENTICATION @@ -57,48 +17,12 @@ ident_file = '/etc/postgresql/pg_ident.conf' # ident configuration file # - Connection Settings - -listen_addresses = '*' # what IP address(es) to listen on; - # comma-separated list of addresses; - # defaults to 'localhost'; use '*' for all - # (change requires restart) -#port = 5432 # (change requires restart) -#max_connections = 100 # (change requires restart) -#superuser_reserved_connections = 3 # (change requires restart) -#unix_socket_directories = '/tmp' # comma-separated list of directories - # (change requires restart) -#unix_socket_group = '' # (change requires restart) -#unix_socket_permissions = 0777 # begin with 0 to use octal notation - # (change requires restart) -#bonjour = off # advertise server via Bonjour - # (change requires restart) -#bonjour_name = '' # defaults to the computer name - # (change requires restart) - -# - TCP settings - -# see "man tcp" for details - -#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; - # 0 selects the system default -#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; - # 0 selects the system default -#tcp_keepalives_count = 0 # TCP_KEEPCNT; - # 0 selects the system default -#tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds; - # 0 selects the system default - -#client_connection_check_interval = 0 # time between checks for client - # disconnection while running queries; - # 0 for never +listen_addresses = '*' # what IP address(es) to listen on; comma-separated list of addresses; defaults to 'localhost'; use '*' for all (change requires restart) # - Authentication - authentication_timeout = 1min # 1s-600s password_encryption = scram-sha-256 # scram-sha-256 or md5 -db_user_namespace = off - -# GSSAPI using Kerberos -#krb_server_keyfile = 'FILE:${sysconfdir}/krb5.keytab' -#krb_caseins_users = off # - SSL - @@ -124,77 +48,7 @@ ssl_passphrase_command_supports_reload = off # - Memory - -shared_buffers = 128MB # min 128kB - # (change requires restart) -#huge_pages = try # on, off, or try - # (change requires restart) -#huge_page_size = 0 # zero for system default - # (change requires restart) -#temp_buffers = 8MB # min 800kB -#max_prepared_transactions = 0 # zero disables the feature - # (change requires restart) -# Caution: it is not advisable to set max_prepared_transactions nonzero unless -# you actively intend to use prepared transactions. -#work_mem = 4MB # min 64kB -#hash_mem_multiplier = 1.0 # 1-1000.0 multiplier on hash table work_mem -#maintenance_work_mem = 64MB # min 1MB -#autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem -#logical_decoding_work_mem = 64MB # min 64kB -#max_stack_depth = 2MB # min 100kB -#shared_memory_type = mmap # the default is the first option - # supported by the operating system: - # mmap - # sysv - # windows - # (change requires restart) -#dynamic_shared_memory_type = posix # the default is the first option - # supported by the operating system: - # posix - # sysv - # windows - # mmap - # (change requires restart) -#min_dynamic_shared_memory = 0MB # (change requires restart) - -# - Disk - - -#temp_file_limit = -1 # limits per-process temp file space - # in kilobytes, or -1 for no limit - -# - Kernel Resources - - -#max_files_per_process = 1000 # min 64 - # (change requires restart) - -# - Cost-Based Vacuum Delay - - -#vacuum_cost_delay = 0 # 0-100 milliseconds (0 disables) -#vacuum_cost_page_hit = 1 # 0-10000 credits -#vacuum_cost_page_miss = 2 # 0-10000 credits -#vacuum_cost_page_dirty = 20 # 0-10000 credits -#vacuum_cost_limit = 200 # 1-10000 credits - -# - Background Writer - - -#bgwriter_delay = 200ms # 10-10000ms between rounds -#bgwriter_lru_maxpages = 100 # max buffers written/round, 0 disables -#bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round -#bgwriter_flush_after = 0 # measured in pages, 0 disables - -# - Asynchronous Behavior - - -#backend_flush_after = 0 # measured in pages, 0 disables -#effective_io_concurrency = 1 # 1-1000; 0 disables prefetching -#maintenance_io_concurrency = 10 # 1-1000; 0 disables prefetching -#max_worker_processes = 8 # (change requires restart) -#max_parallel_workers_per_gather = 2 # taken from max_parallel_workers -#max_parallel_maintenance_workers = 2 # taken from max_parallel_workers -#max_parallel_workers = 8 # maximum number of max_worker_processes that - # can be used in parallel operations -#parallel_leader_participation = on -#old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate - # (change requires restart) - +shared_buffers = 128MB # min 128kB (change requires restart) #------------------------------------------------------------------------------ # WRITE-AHEAD LOG @@ -202,90 +56,12 @@ shared_buffers = 128MB # min 128kB # - Settings - -wal_level = logical # minimal, replica, or logical - # (change requires restart) -#fsync = on # flush data to disk for crash safety - # (turning this off can cause - # unrecoverable data corruption) -#synchronous_commit = on # synchronization level; - # off, local, remote_write, remote_apply, or on -#wal_sync_method = fsync # the default is the first option - # supported by the operating system: - # open_datasync - # fdatasync (default on Linux and FreeBSD) - # fsync - # fsync_writethrough - # open_sync -#full_page_writes = on # recover from partial page writes -#wal_log_hints = off # also do full page writes of non-critical updates - # (change requires restart) -#wal_compression = off # enable compression of full-page writes -#wal_init_zero = on # zero-fill new WAL files -#wal_recycle = on # recycle WAL files -#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers - # (change requires restart) -#wal_writer_delay = 200ms # 1-10000 milliseconds -#wal_writer_flush_after = 1MB # measured in pages, 0 disables -#wal_skip_threshold = 2MB - -#commit_delay = 0 # range 0-100000, in microseconds -#commit_siblings = 5 # range 1-1000 +wal_level = logical # minimal, replica, or logical (change requires restart) # - Checkpoints - -#checkpoint_timeout = 5min # range 30s-1d checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 -checkpoint_flush_after = 256kB # measured in pages, 0 disables -#checkpoint_warning = 30s # 0 disables -#max_wal_size = 1GB -#min_wal_size = 80MB - -# - Archiving - - -#archive_mode = off # enables archiving; off, on, or always - # (change requires restart) -#archive_command = '' # command to use to archive a logfile segment - # placeholders: %p = path of file to archive - # %f = file name only - # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' -#archive_timeout = 0 # force a logfile segment switch after this - # number of seconds; 0 disables - -# - Archive Recovery - - -# These are only used in recovery mode. - -#restore_command = '' # command to use to restore an archived logfile segment - # placeholders: %p = path of file to restore - # %f = file name only - # e.g. 'cp /mnt/server/archivedir/%f %p' -#archive_cleanup_command = '' # command to execute at every restartpoint -#recovery_end_command = '' # command to execute at completion of recovery - -# - Recovery Target - - -# Set these only when performing a targeted recovery. - -#recovery_target = '' # 'immediate' to end recovery as soon as a - # consistent state is reached - # (change requires restart) -#recovery_target_name = '' # the named restore point to which recovery will proceed - # (change requires restart) -#recovery_target_time = '' # the time stamp up to which recovery will proceed - # (change requires restart) -#recovery_target_xid = '' # the transaction ID up to which recovery will proceed - # (change requires restart) -#recovery_target_lsn = '' # the WAL LSN up to which recovery will proceed - # (change requires restart) -#recovery_target_inclusive = on # Specifies whether to stop: - # just after the specified recovery target (on) - # just before the recovery target (off) - # (change requires restart) -#recovery_target_timeline = 'latest' # 'current', 'latest', or timeline ID - # (change requires restart) -#recovery_target_action = 'pause' # 'pause', 'promote', 'shutdown' - # (change requires restart) - +checkpoint_flush_after = 32 # measured in 8k pages, 0 disables #------------------------------------------------------------------------------ # REPLICATION @@ -295,216 +71,24 @@ checkpoint_flush_after = 256kB # measured in pages, 0 disables # Set these on the primary and on any standby that will send replication data. -max_wal_senders = 10 # max number of walsender processes - # (change requires restart) -max_replication_slots = 5 # max number of replication slots - # (change requires restart) -#wal_keep_size = 0 # in megabytes; 0 disables +max_wal_senders = 10 # max number of walsender processes (change requires restart) +max_replication_slots = 5 # max number of replication slots (change requires restart) max_slot_wal_keep_size = 4096 # in megabytes; -1 disables -#wal_sender_timeout = 60s # in milliseconds; 0 disables -#track_commit_timestamp = off # collect timestamp of transaction commit - # (change requires restart) - -# - Primary Server - - -# These settings are ignored on a standby server. - -#synchronous_standby_names = '' # standby servers that provide sync rep - # method to choose sync standbys, number of sync standbys, - # and comma-separated list of application_name - # from standby(s); '*' = all -#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed - -# - Standby Servers - - -# These settings are ignored on a primary server. - -#primary_conninfo = '' # connection string to sending server -#primary_slot_name = '' # replication slot on sending server -#promote_trigger_file = '' # file name whose presence ends recovery -#hot_standby = on # "off" disallows queries during recovery - # (change requires restart) -#max_standby_archive_delay = 30s # max delay before canceling queries - # when reading WAL from archive; - # -1 allows indefinite delay -#max_standby_streaming_delay = 30s # max delay before canceling queries - # when reading streaming WAL; - # -1 allows indefinite delay -#wal_receiver_create_temp_slot = off # create temp slot if primary_slot_name - # is not set -#wal_receiver_status_interval = 10s # send replies at least this often - # 0 disables -#hot_standby_feedback = off # send info from standby to prevent - # query conflicts -#wal_receiver_timeout = 60s # time that receiver waits for - # communication from primary - # in milliseconds; 0 disables -#wal_retrieve_retry_interval = 5s # time to wait before retrying to - # retrieve WAL after a failed attempt -#recovery_min_apply_delay = 0 # minimum delay for applying changes during recovery - -# - Subscribers - - -# These settings are ignored on a publisher. - -#max_logical_replication_workers = 4 # taken from max_worker_processes - # (change requires restart) -#max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers - #------------------------------------------------------------------------------ # QUERY TUNING #------------------------------------------------------------------------------ -# - Planner Method Configuration - - -#enable_async_append = on -#enable_bitmapscan = on -#enable_gathermerge = on -#enable_hashagg = on -#enable_hashjoin = on -#enable_incremental_sort = on -#enable_indexscan = on -#enable_indexonlyscan = on -#enable_material = on -#enable_resultcache = on -#enable_mergejoin = on -#enable_nestloop = on -#enable_parallel_append = on -#enable_parallel_hash = on -#enable_partition_pruning = on -#enable_partitionwise_join = off -#enable_partitionwise_aggregate = off -#enable_seqscan = on -#enable_sort = on -#enable_tidscan = on - # - Planner Cost Constants - -#seq_page_cost = 1.0 # measured on an arbitrary scale -#random_page_cost = 4.0 # same scale as above -#cpu_tuple_cost = 0.01 # same scale as above -#cpu_index_tuple_cost = 0.005 # same scale as above -#cpu_operator_cost = 0.0025 # same scale as above -#parallel_setup_cost = 1000.0 # same scale as above -#parallel_tuple_cost = 0.1 # same scale as above -#min_parallel_table_scan_size = 8MB -#min_parallel_index_scan_size = 512kB effective_cache_size = 128MB -#jit_above_cost = 100000 # perform JIT compilation if available - # and query more expensive than this; - # -1 disables -#jit_inline_above_cost = 500000 # inline small functions if query is - # more expensive than this; -1 disables -#jit_optimize_above_cost = 500000 # use expensive JIT optimizations if - # query is more expensive than this; - # -1 disables - -# - Genetic Query Optimizer - - -#geqo = on -#geqo_threshold = 12 -#geqo_effort = 5 # range 1-10 -#geqo_pool_size = 0 # selects default based on effort -#geqo_generations = 0 # selects default based on effort -#geqo_selection_bias = 2.0 # range 1.5-2.0 -#geqo_seed = 0.0 # range 0.0-1.0 - -# - Other Planner Options - - -#default_statistics_target = 100 # range 1-10000 -#constraint_exclusion = partition # on, off, or partition -#cursor_tuple_fraction = 0.1 # range 0.0-1.0 -#from_collapse_limit = 8 -#jit = on # allow JIT compilation -#join_collapse_limit = 8 # 1 disables collapsing of explicit - # JOIN clauses -#plan_cache_mode = auto # auto, force_generic_plan or - # force_custom_plan - - #------------------------------------------------------------------------------ # REPORTING AND LOGGING #------------------------------------------------------------------------------ -# These are relevant when logging to syslog: -#syslog_facility = 'LOCAL0' -#syslog_ident = 'postgres' -#syslog_sequence_numbers = on -#syslog_split_messages = on - -# This is only relevant when logging to eventlog (Windows): -# (change requires restart) -#event_source = 'PostgreSQL' - -# - When to Log - - -#log_min_messages = warning # values in order of decreasing detail: - # debug5 - # debug4 - # debug3 - # debug2 - # debug1 - # info - # notice - # warning - # error - # log - # fatal - # panic - -#log_min_error_statement = error # values in order of decreasing detail: - # debug5 - # debug4 - # debug3 - # debug2 - # debug1 - # info - # notice - # warning - # error - # log - # fatal - # panic (effectively off) - -#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements - # and their durations, > 0 logs only - # statements running at least this number - # of milliseconds - -#log_min_duration_sample = -1 # -1 is disabled, 0 logs a sample of statements - # and their durations, > 0 logs only a sample of - # statements running at least this number - # of milliseconds; - # sample fraction is determined by log_statement_sample_rate - -#log_statement_sample_rate = 1.0 # fraction of logged statements exceeding - # log_min_duration_sample to be logged; - # 1.0 logs all such statements, 0.0 never logs - - -#log_transaction_sample_rate = 0.0 # fraction of transactions whose statements - # are logged regardless of their duration; 1.0 logs all - # statements from all transactions, 0.0 never logs - # - What to Log - -#debug_print_parse = off -#debug_print_rewritten = off -#debug_print_plan = off -#debug_pretty_print = on -#log_autovacuum_min_duration = -1 # log autovacuum activity; - # -1 disables, 0 logs all actions and - # their durations, > 0 logs only - # actions running at least this number - # of milliseconds. -#log_checkpoints = off -#log_connections = off -#log_disconnections = off -#log_duration = off -#log_error_verbosity = default # terse, default, or verbose messages -#log_hostname = off log_line_prefix = '%h %m [%p] %q%u@%d ' # special values: # %a = application name # %u = user name @@ -529,86 +113,14 @@ log_line_prefix = '%h %m [%p] %q%u@%d ' # special values: # processes # %% = '%' # e.g. '<%u%%%d> ' -#log_lock_waits = off # log lock waits >= deadlock_timeout -#log_recovery_conflict_waits = off # log standby recovery conflict waits - # >= deadlock_timeout -#log_parameter_max_length = -1 # when logging statements, limit logged - # bind-parameter values to N bytes; - # -1 means print in full, 0 disables -#log_parameter_max_length_on_error = 0 # when logging an error, limit logged - # bind-parameter values to N bytes; - # -1 means print in full, 0 disables log_statement = 'ddl' # none, ddl, mod, all -#log_replication_commands = off -#log_temp_files = -1 # log temporary files equal or larger - # than the specified size in kilobytes; - # -1 disables, 0 logs all temp files log_timezone = 'UTC' #------------------------------------------------------------------------------ # PROCESS TITLE #------------------------------------------------------------------------------ -cluster_name = 'main' # added to process titles if nonempty - # (change requires restart) -#update_process_title = on - - -#------------------------------------------------------------------------------ -# STATISTICS -#------------------------------------------------------------------------------ - -# - Query and Index Statistics Collector - - -#track_activities = on -#track_activity_query_size = 1024 # (change requires restart) -#track_counts = on -#track_io_timing = off -#track_wal_io_timing = off -#track_functions = none # none, pl, all -#stats_temp_directory = 'pg_stat_tmp' - - -# - Monitoring - - -#compute_query_id = auto -#log_statement_stats = off -#log_parser_stats = off -#log_planner_stats = off -#log_executor_stats = off - - -#------------------------------------------------------------------------------ -# AUTOVACUUM -#------------------------------------------------------------------------------ - -#autovacuum = on # Enable autovacuum subprocess? 'on' - # requires track_counts to also be on. -#autovacuum_max_workers = 3 # max number of autovacuum subprocesses - # (change requires restart) -#autovacuum_naptime = 1min # time between autovacuum runs -#autovacuum_vacuum_threshold = 50 # min number of row updates before - # vacuum -#autovacuum_vacuum_insert_threshold = 1000 # min number of row inserts - # before vacuum; -1 disables insert - # vacuums -#autovacuum_analyze_threshold = 50 # min number of row updates before - # analyze -#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum -#autovacuum_vacuum_insert_scale_factor = 0.2 # fraction of inserts over table - # size before insert vacuum -#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze -#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum - # (change requires restart) -#autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age - # before forced vacuum - # (change requires restart) -#autovacuum_vacuum_cost_delay = 2ms # default vacuum cost delay for - # autovacuum, in milliseconds; - # -1 means use vacuum_cost_delay -#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for - # autovacuum, -1 means use - # vacuum_cost_limit +cluster_name = 'main' # added to process titles if nonempty (change requires restart) #------------------------------------------------------------------------------ @@ -617,63 +129,15 @@ cluster_name = 'main' # added to process titles if nonempty # - Statement Behavior - -#client_min_messages = notice # values in order of decreasing detail: - # debug5 - # debug4 - # debug3 - # debug2 - # debug1 - # log - # notice - # warning - # error -#search_path = '"$user", public' # schema names row_security = on -#default_table_access_method = 'heap' -#default_tablespace = '' # a tablespace name, '' uses the default -#default_toast_compression = 'pglz' # 'pglz' or 'lz4' -#temp_tablespaces = '' # a list of tablespace names, '' uses - # only default tablespace -#check_function_bodies = on -#default_transaction_isolation = 'read committed' -#default_transaction_read_only = off -#default_transaction_deferrable = off -#session_replication_role = 'origin' -#statement_timeout = 0 # in milliseconds, 0 is disabled -#lock_timeout = 0 # in milliseconds, 0 is disabled -#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled -#idle_session_timeout = 0 # in milliseconds, 0 is disabled -#vacuum_freeze_table_age = 150000000 -#vacuum_freeze_min_age = 50000000 -#vacuum_failsafe_age = 1600000000 -#vacuum_multixact_freeze_table_age = 150000000 -#vacuum_multixact_freeze_min_age = 5000000 -#vacuum_multixact_failsafe_age = 1600000000 -#bytea_output = 'hex' # hex, escape -#xmlbinary = 'base64' -#xmloption = 'content' -#gin_pending_list_limit = 4MB # - Locale and Formatting - -#datestyle = 'iso, mdy' -#intervalstyle = 'postgres' timezone = 'UTC' -#timezone_abbreviations = 'Default' # Select the set of available time zone - # abbreviations. Currently, there are - # Default - # Australia (historical usage) - # India - # You can create your own file in - # share/timezonesets/. -extra_float_digits = 0 # min -15, max 3; any value >0 actually - # selects precise output mode -#client_encoding = sql_ascii # actually, defaults to database - # encoding +extra_float_digits = 0 # min -15, max 3; any value >0 actually selects precise output mode # These settings are initialized by initdb, but they can be changed. -lc_messages = 'en_US.UTF-8' # locale for system error message - # strings +lc_messages = 'en_US.UTF-8' # locale for system error message strings lc_monetary = 'en_US.UTF-8' # locale for monetary formatting lc_numeric = 'en_US.UTF-8' # locale for number formatting lc_time = 'en_US.UTF-8' # locale for time formatting @@ -683,63 +147,9 @@ default_text_search_config = 'pg_catalog.english' # - Shared Library Preloading - -#local_preload_libraries = '' -#session_preload_libraries = '' - shared_preload_libraries = 'pg_stat_statements, pgaudit, plpgsql, plpgsql_check, pg_cron, pg_net, pgsodium, timescaledb, auto_explain, pg_tle, plan_filter, supabase_vault' # (change requires restart) jit_provider = 'llvmjit' # JIT library to use -# - Other Defaults - - -#dynamic_library_path = '$libdir' -#gin_fuzzy_search_limit = 0 - -#------------------------------------------------------------------------------ -# LOCK MANAGEMENT -#------------------------------------------------------------------------------ - -#deadlock_timeout = 1s -#max_locks_per_transaction = 64 # min 10 - # (change requires restart) -#max_pred_locks_per_transaction = 64 # min 10 - # (change requires restart) -#max_pred_locks_per_relation = -2 # negative values mean - # (max_pred_locks_per_transaction - # / -max_pred_locks_per_relation) - 1 -#max_pred_locks_per_page = 2 # min 0 - - -#------------------------------------------------------------------------------ -# VERSION AND PLATFORM COMPATIBILITY -#------------------------------------------------------------------------------ - -# - Previous PostgreSQL Versions - - -#array_nulls = on -#backslash_quote = safe_encoding # on, off, or safe_encoding -#escape_string_warning = on -#lo_compat_privileges = off -#quote_all_identifiers = off -#standard_conforming_strings = on -#synchronize_seqscans = on - -# - Other Platforms and Clients - - -#transform_null_equals = off - - -#------------------------------------------------------------------------------ -# ERROR HANDLING -#------------------------------------------------------------------------------ - -#exit_on_error = off # terminate session on any error? -#restart_after_crash = on # reinitialize after backend crash? -#data_sync_retry = off # retry or panic on failure to fsync - # data? - # (change requires restart) -#recovery_init_sync_method = fsync # fsync, syncfs (Linux 5.8+) - - #------------------------------------------------------------------------------ # CONFIG FILE INCLUDES #------------------------------------------------------------------------------ @@ -748,24 +158,7 @@ jit_provider = 'llvmjit' # JIT library to use # default postgresql.conf. Note that these are directives, not variable # assignments, so they can usefully be given more than once. -include_dir = '/etc/postgresql-custom' # include files ending in '.conf' from - # a directory, e.g., 'conf.d' -#include_if_exists = '...' # include file only if it exists -#include = '...' # include file - -# Automatically generated optimizations -#include = '/etc/postgresql-custom/generated-optimizations.conf' -# User-supplied custom parameters, override any automatically generated ones -#include = '/etc/postgresql-custom/custom-overrides.conf' - -# WAL-G specific configurations -#include = '/etc/postgresql-custom/wal-g.conf' - -# read replica specific configurations -include = '/etc/postgresql-custom/read-replica.conf' - -# supautils specific configurations -#include = '/etc/postgresql-custom/supautils.conf' +include_dir = '/etc/postgresql-custom' # include files ending in '.conf' from a directory, e.g., 'conf.d' #------------------------------------------------------------------------------ # CUSTOMIZED OPTIONS diff --git a/ansible/tasks/finalize-ami.yml b/ansible/tasks/finalize-ami.yml index 0e4210dc2..95d524f51 100644 --- a/ansible/tasks/finalize-ami.yml +++ b/ansible/tasks/finalize-ami.yml @@ -1,7 +1,7 @@ - name: PG logging conf template: src: files/postgresql_config/postgresql-csvlog.conf - dest: /etc/postgresql-custom/logging.conf + dest: /etc/postgresql-custom/00-logging.conf group: postgres - name: UFW - Allow SSH connections diff --git a/ansible/tasks/internal/supautils.yml b/ansible/tasks/internal/supautils.yml index 33811b5ac..38e911f52 100644 --- a/ansible/tasks/internal/supautils.yml +++ b/ansible/tasks/internal/supautils.yml @@ -39,10 +39,10 @@ regexp: "#session_preload_libraries = ''" replace: session_preload_libraries = 'supautils' -- name: supautils - write custom supautils.conf +- name: supautils - write custom 05-supautils.conf template: src: "files/postgresql_config/supautils.conf.j2" - dest: /etc/postgresql-custom/supautils.conf + dest: /etc/postgresql-custom/05-supautils.conf mode: 0664 owner: postgres group: postgres @@ -62,13 +62,6 @@ recurse: yes become: yes -- name: supautils - include /etc/postgresql-custom/supautils.conf in postgresql.conf - become: yes - replace: - path: /etc/postgresql/postgresql.conf - regexp: "#include = '/etc/postgresql-custom/supautils.conf'" - replace: "include = '/etc/postgresql-custom/supautils.conf'" - - name: supautils - remove build dependencies apt: pkg: diff --git a/ansible/tasks/setup-docker.yml b/ansible/tasks/setup-docker.yml index 7b37f70cc..beb862e2b 100644 --- a/ansible/tasks/setup-docker.yml +++ b/ansible/tasks/setup-docker.yml @@ -39,10 +39,10 @@ replace: session_preload_libraries = 'supautils' when: debpkg_mode or stage2_nix -- name: supautils - write custom supautils.conf +- name: supautils - write custom 05-supautils.conf template: src: "files/postgresql_config/supautils.conf.j2" - dest: /etc/postgresql-custom/supautils.conf + dest: /etc/postgresql-custom/05-supautils.conf mode: 0664 owner: postgres group: postgres @@ -65,14 +65,6 @@ become: yes when: debpkg_mode or stage2_nix -- name: supautils - include /etc/postgresql-custom/supautils.conf in postgresql.conf - become: yes - replace: - path: /etc/postgresql/postgresql.conf - regexp: "#include = '/etc/postgresql-custom/supautils.conf'" - replace: "include = '/etc/postgresql-custom/supautils.conf'" - when: debpkg_mode or stage2_nix - - name: Cleanup - extension packages file: path: /tmp/extensions diff --git a/ansible/tasks/setup-postgres.yml b/ansible/tasks/setup-postgres.yml index 2fe302488..691c24da4 100644 --- a/ansible/tasks/setup-postgres.yml +++ b/ansible/tasks/setup-postgres.yml @@ -126,8 +126,8 @@ group: postgres mode: 0664 with_items: - - 'generated-optimizations.conf' - - 'custom-overrides.conf' + - '01-generated-optimizations.conf' + - '02-custom-overrides.conf' when: debpkg_mode or nixpkg_mode # Move Postgres configuration files into /etc/postgresql @@ -156,10 +156,10 @@ when: debpkg_mode or nixpkg_mode # Add custom config for read replicas set up -- name: Move custom read-replica.conf file to /etc/postgresql-custom/read-replica.conf +- name: Move custom read-replica.conf file to /etc/postgresql-custom/04-read-replica.conf template: src: "files/postgresql_config/custom_read_replica.conf.j2" - dest: /etc/postgresql-custom/read-replica.conf + dest: /etc/postgresql-custom/04-read-replica.conf mode: 0664 owner: postgres group: postgres @@ -212,7 +212,7 @@ group: postgres when: nixpkg_mode -- name: Check psql_version and modify supautils.conf and postgresql.conf if necessary +- name: Check psql_version and modify 05-supautils.conf and postgresql.conf if necessary block: - name: Check if psql_version is psql_orioledb set_fact: diff --git a/ansible/tasks/setup-supabase-internal.yml b/ansible/tasks/setup-supabase-internal.yml index d63f3abad..74327911a 100644 --- a/ansible/tasks/setup-supabase-internal.yml +++ b/ansible/tasks/setup-supabase-internal.yml @@ -84,20 +84,6 @@ state: directory owner: vector -- name: Include file for generated optimizations in postgresql.conf - become: true - replace: - path: /etc/postgresql/postgresql.conf - regexp: "#include = '/etc/postgresql-custom/generated-optimizations.conf'" - replace: "include = '/etc/postgresql-custom/generated-optimizations.conf'" - -- name: Include file for custom overrides in postgresql.conf - become: true - replace: - path: /etc/postgresql/postgresql.conf - regexp: "#include = '/etc/postgresql-custom/custom-overrides.conf'" - replace: "include = '/etc/postgresql-custom/custom-overrides.conf'" - - name: Install Postgres exporter import_tasks: internal/postgres-exporter.yml diff --git a/ansible/tasks/setup-wal-g.yml b/ansible/tasks/setup-wal-g.yml index a05106ede..28fda91af 100644 --- a/ansible/tasks/setup-wal-g.yml +++ b/ansible/tasks/setup-wal-g.yml @@ -60,10 +60,10 @@ mode: '0664' when: stage2_nix -- name: Move custom wal-g.conf file to /etc/postgresql-custom/wal-g.conf +- name: Move custom wal-g.conf file to /etc/postgresql-custom/03-wal-g.conf template: src: "files/postgresql_config/custom_walg.conf.j2" - dest: /etc/postgresql-custom/wal-g.conf + dest: /etc/postgresql-custom/03-wal-g.conf mode: 0664 owner: postgres group: postgres @@ -85,11 +85,3 @@ mode: 0700 owner: root when: stage2_nix - -- name: Include /etc/postgresql-custom/wal-g.conf in postgresql.conf - become: yes - replace: - path: /etc/postgresql/postgresql.conf - regexp: "#include = '/etc/postgresql-custom/wal-g.conf'" - replace: "include = '/etc/postgresql-custom/wal-g.conf'" - when: stage2_nix diff --git a/ansible/tasks/stage2-setup-postgres.yml b/ansible/tasks/stage2-setup-postgres.yml index d3209fc04..ad021860a 100644 --- a/ansible/tasks/stage2-setup-postgres.yml +++ b/ansible/tasks/stage2-setup-postgres.yml @@ -4,7 +4,7 @@ # sudo -u postgres bash -c ". /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh && nix profile install nixpkgs#openjdk11" # It was decided to leave pljava disabled at https://github.com/supabase/postgres/pull/690 therefore removing this task -- name: Check psql_version and modify supautils.conf and postgresql.conf if necessary +- name: Check psql_version and modify 05-supautils.conf and postgresql.conf if necessary block: - name: Check if psql_version is psql_orioledb-17 set_fact: @@ -26,11 +26,11 @@ when: is_psql_oriole or is_psql_17 and stage2_nix become: yes - - name: Remove specified extensions from supautils.conf if orioledb-17 or 17 build + - name: Remove specified extensions from 05-supautils.conf if orioledb-17 or 17 build ansible.builtin.command: cmd: > sed -i 's/ timescaledb,//g; s/ plv8,//g' - /etc/postgresql-custom/supautils.conf + /etc/postgresql-custom/05-supautils.conf when: is_psql_oriole or is_psql_17 and stage2_nix become: yes diff --git a/nix/packages/lib.nix b/nix/packages/lib.nix index 971909162..7b259d0a3 100644 --- a/nix/packages/lib.nix +++ b/nix/packages/lib.nix @@ -41,7 +41,7 @@ path = ../../ansible/files/postgresql_config/supautils.conf.j2; }; loggingConfigFile = builtins.path { - name = "logging.conf"; + name = "00-logging.conf"; path = ../../ansible/files/postgresql_config/postgresql-csvlog.conf; }; readReplicaConfigFile = builtins.path { @@ -110,19 +110,16 @@ mkdir -p $out/bin $out/etc/postgresql-custom $out/etc/postgresql $out/extension-custom-scripts # Copy config files with error handling - cp ${paths.supautilsConfigFile} $out/etc/postgresql-custom/supautils.conf || { echo "Failed to copy supautils.conf"; exit 1; } + cp ${paths.supautilsConfigFile} $out/etc/postgresql-custom/05-supautils.conf || { echo "Failed to copy supautils.conf"; exit 1; } cp ${paths.pgconfigFile} $out/etc/postgresql/postgresql.conf || { echo "Failed to copy postgresql.conf"; exit 1; } - cp ${paths.loggingConfigFile} $out/etc/postgresql-custom/logging.conf || { echo "Failed to copy logging.conf"; exit 1; } - cp ${paths.readReplicaConfigFile} $out/etc/postgresql-custom/read-replica.conf || { echo "Failed to copy read-replica.conf"; exit 1; } + cp ${paths.loggingConfigFile} $out/etc/postgresql-custom/00-logging.conf || { echo "Failed to copy logging.conf"; exit 1; } + cp ${paths.readReplicaConfigFile} $out/etc/postgresql-custom/04-read-replica.conf || { echo "Failed to copy read-replica.conf"; exit 1; } cp ${paths.pgHbaConfigFile} $out/etc/postgresql/pg_hba.conf || { echo "Failed to copy pg_hba.conf"; exit 1; } cp ${paths.pgIdentConfigFile} $out/etc/postgresql/pg_ident.conf || { echo "Failed to copy pg_ident.conf"; exit 1; } cp -r ${paths.postgresqlExtensionCustomScriptsPath}/* $out/extension-custom-scripts/ || { echo "Failed to copy custom scripts"; exit 1; } echo "Copy operation completed" - chmod 644 $out/etc/postgresql-custom/supautils.conf - chmod 644 $out/etc/postgresql/postgresql.conf - chmod 644 $out/etc/postgresql-custom/logging.conf - chmod 644 $out/etc/postgresql/pg_hba.conf + chmod 644 $out/etc/postgresql-custom/05-supautils.conf $out/etc/postgresql/postgresql.conf $out/etc/postgresql-custom/00-logging.conf $out/etc/postgresql/pg_hba.conf substitute ${../tools/run-server.sh.in} $out/bin/start-postgres-server \ ${ diff --git a/nix/tools/run-server.sh.in b/nix/tools/run-server.sh.in index 182cbe554..d25ab3add 100644 --- a/nix/tools/run-server.sh.in +++ b/nix/tools/run-server.sh.in @@ -215,16 +215,16 @@ fi echo "NOTE: patching postgresql.conf files" cp "$PG_HBA_FILE" "$DATDIR/pg_hba.conf" cp "$PG_IDENT_FILE" "$DATDIR/pg_ident.conf" -cp "$READREPL_CONFIG_FILE" "$DATDIR/read-replica.conf" +cp "$READREPL_CONFIG_FILE" "$DATDIR/04-read-replica.conf" mkdir -p "$DATDIR/extension-custom-scripts" cp -r "$EXTENSION_CUSTOM_SCRIPTS"/* "$DATDIR/extension-custom-scripts" # Configure supautils -sed "s|supautils.extension_custom_scripts_path = '/etc/postgresql-custom/extension-custom-scripts'|supautils.extension_custom_scripts_path = '$DATDIR/extension-custom-scripts'|" "$SUPAUTILS_CONFIG_FILE" > "$DATDIR/supautils.conf" +sed "s|supautils.extension_custom_scripts_path = '/etc/postgresql-custom/extension-custom-scripts'|supautils.extension_custom_scripts_path = '$DATDIR/extension-custom-scripts'|" "$SUPAUTILS_CONFIG_FILE" > "$DATDIR/05-supautils.conf" # Configure PostgreSQL sed -e "1i\\ -include = '$DATDIR/supautils.conf'" \ +include = '$DATDIR/05-supautils.conf'" \ -e "\$a\\ pgsodium.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ -e "\$a\\ @@ -232,8 +232,6 @@ vault.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ -e "s|data_directory = '/var/lib/postgresql/data'|data_directory = '$DATDIR'|" \ -e "s|hba_file = '/etc/postgresql/pg_hba.conf'|hba_file = '$DATDIR/pg_hba.conf'|" \ -e "s|ident_file = '/etc/postgresql/pg_ident.conf'|ident_file = '$DATDIR/pg_ident.conf'|" \ --e "s|include = '/etc/postgresql/logging.conf'|#&|" \ --e "s|include = '/etc/postgresql-custom/read-replica.conf'|include = '$DATDIR/read-replica.conf'|" \ -e "\$a\\ session_preload_libraries = 'supautils'" \ "$PSQL_CONF_FILE" > "$DATDIR/postgresql.conf" @@ -245,7 +243,7 @@ orioledb_config_items() { echo "non-macos oriole conf" sed -i 's/ timescaledb,//g;' "$DATDIR/postgresql.conf" sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" - sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g;' "$DATDIR/supautils.conf" + sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g;' "$DATDIR/05-supautils.conf" sed -i 's/\(shared_preload_libraries.*\)'\''\(.*\)$/\1, orioledb'\''\2/' "$DATDIR/postgresql.conf" echo "default_table_access_method = 'orioledb'" >> "$DATDIR/postgresql.conf" elif [[ "$1" = "orioledb-17" && "$CURRENT_SYSTEM" = "aarch64-darwin" ]]; then @@ -257,9 +255,9 @@ orioledb_config_items() { perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql.conf" perl -pi -e 's/db_user_namespace = off/#db_user_namespace = off/g' "$DATDIR/postgresql.conf" - perl -pi -e 's/ timescaledb,//g' "$DATDIR/supautils.conf" - perl -pi -e 's/ plv8,//g' "$DATDIR/supautils.conf" - perl -pi -e 's/ pgjwt,//g' "$DATDIR/supautils.conf" + perl -pi -e 's/ timescaledb,//g' "$DATDIR/05-supautils.conf" + perl -pi -e 's/ plv8,//g' "$DATDIR/05-supautils.conf" + perl -pi -e 's/ pgjwt,//g' "$DATDIR/05-supautils.conf" perl -pi -e 's/(shared_preload_libraries\s*=\s*'\''.*?)'\''/\1, orioledb'\''/' "$DATDIR/postgresql.conf" echo "default_table_access_method = 'orioledb'" >> "$DATDIR/postgresql.conf" @@ -267,12 +265,12 @@ orioledb_config_items() { echo "non-macos pg 17 conf" sed -i 's/ timescaledb,//g;' "$DATDIR/postgresql.conf" sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" - sed -i 's/ timescaledb,//g; s/ plv8,//g;' "$DATDIR/supautils.conf" + sed -i 's/ timescaledb,//g; s/ plv8,//g;' "$DATDIR/05-supautils.conf" elif [[ "$VERSION" == "17" && "$CURRENT_SYSTEM" = "aarch64-darwin" ]]; then perl -pi -e 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql.conf" - perl -pi -e 's/ timescaledb,//g' "$DATDIR/supautils.conf" - perl -pi -e 's/ plv8,//g;' "$DATDIR/supautils.conf" + perl -pi -e 's/ timescaledb,//g' "$DATDIR/05-supautils.conf" + perl -pi -e 's/ plv8,//g;' "$DATDIR/05-supautils.conf" fi } From 7876920d40c9dccfb748e44c29b995ceab33c955 Mon Sep 17 00:00:00 2001 From: Douglas J Hunley Date: Mon, 6 Oct 2025 13:28:03 -0400 Subject: [PATCH 3/7] refactor(postgresql): split auto_explain and pg_cron out into their own config files --- Dockerfile-15 | 2 ++ Dockerfile-17 | 2 ++ Dockerfile-orioledb-17 | 2 ++ ansible/files/postgresql_config/autoexplain.conf | 3 +++ ansible/files/postgresql_config/pgcron.conf | 3 +++ ansible/files/postgresql_config/postgresql.conf.j2 | 8 -------- ansible/tasks/finalize-ami.yml | 11 +++++++++++ nix/packages/lib.nix | 10 ++++++++++ 8 files changed, 33 insertions(+), 8 deletions(-) create mode 100644 ansible/files/postgresql_config/autoexplain.conf create mode 100644 ansible/files/postgresql_config/pgcron.conf diff --git a/Dockerfile-15 b/Dockerfile-15 index 865fca330..1cc0d588c 100644 --- a/Dockerfile-15 +++ b/Dockerfile-15 @@ -163,6 +163,8 @@ COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/autoexplain.conf /etc/postgresql-custom/auto_explain.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pgcron.conf /etc/postgresql-custom/pg_cron.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh diff --git a/Dockerfile-17 b/Dockerfile-17 index ef41f93b1..a53f8db7a 100644 --- a/Dockerfile-17 +++ b/Dockerfile-17 @@ -163,6 +163,8 @@ COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/autoexplain.conf /etc/postgresql-custom/auto_explain.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_cron.conf /etc/postgresql-custom/pg_cron.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh diff --git a/Dockerfile-orioledb-17 b/Dockerfile-orioledb-17 index ff35a42c7..d74432bd6 100644 --- a/Dockerfile-orioledb-17 +++ b/Dockerfile-orioledb-17 @@ -163,6 +163,8 @@ COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/autoexplain.conf /etc/postgresql-custom/auto_explain.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_cron.conf /etc/postgresql-custom/pg_cron.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh diff --git a/ansible/files/postgresql_config/autoexplain.conf b/ansible/files/postgresql_config/autoexplain.conf new file mode 100644 index 000000000..3495fb141 --- /dev/null +++ b/ansible/files/postgresql_config/autoexplain.conf @@ -0,0 +1,3 @@ +# auto_explain + +auto_explain.log_min_duration = 10s diff --git a/ansible/files/postgresql_config/pgcron.conf b/ansible/files/postgresql_config/pgcron.conf new file mode 100644 index 000000000..56c909431 --- /dev/null +++ b/ansible/files/postgresql_config/pgcron.conf @@ -0,0 +1,3 @@ +# pg_cron + +cron.database_name = 'postgres' diff --git a/ansible/files/postgresql_config/postgresql.conf.j2 b/ansible/files/postgresql_config/postgresql.conf.j2 index 1652aeb00..edcf2142a 100644 --- a/ansible/files/postgresql_config/postgresql.conf.j2 +++ b/ansible/files/postgresql_config/postgresql.conf.j2 @@ -159,11 +159,3 @@ jit_provider = 'llvmjit' # JIT library to use # assignments, so they can usefully be given more than once. include_dir = '/etc/postgresql-custom' # include files ending in '.conf' from a directory, e.g., 'conf.d' - -#------------------------------------------------------------------------------ -# CUSTOMIZED OPTIONS -#------------------------------------------------------------------------------ - -# Add settings for extensions here -auto_explain.log_min_duration = 10s -cron.database_name = 'postgres' diff --git a/ansible/tasks/finalize-ami.yml b/ansible/tasks/finalize-ami.yml index 95d524f51..ff2c8312a 100644 --- a/ansible/tasks/finalize-ami.yml +++ b/ansible/tasks/finalize-ami.yml @@ -4,6 +4,17 @@ dest: /etc/postgresql-custom/00-logging.conf group: postgres +- name: auto_explain and pg_cron confs + ansible.builtin.template: + dest: "/etc/postgresql-custom/{{ ext_item }}.conf" + group: 'postgres' + src: "files/postgresql_config/{{ ext_item | split('_') | join('') }}.conf" + loop: + - auto_explain + - pg_cron + loop_control: + loop_var: 'ext_item' + - name: UFW - Allow SSH connections ufw: rule: allow diff --git a/nix/packages/lib.nix b/nix/packages/lib.nix index 7b259d0a3..f6595630f 100644 --- a/nix/packages/lib.nix +++ b/nix/packages/lib.nix @@ -44,6 +44,14 @@ name = "00-logging.conf"; path = ../../ansible/files/postgresql_config/postgresql-csvlog.conf; }; + autoexplainConfigFile = builtins.path { + name = "auto_explain.conf"; + path = ../../ansible/files/postgresql_config/autoexplain.conf; + }; + pgcronConfigFile = builtins.path { + name = "pg_cron.conf"; + path = ../../ansible/files/postgresql_config/pg_cron.conf; + }; readReplicaConfigFile = builtins.path { name = "readreplica.conf"; path = ../../ansible/files/postgresql_config/custom_read_replica.conf.j2; @@ -113,6 +121,8 @@ cp ${paths.supautilsConfigFile} $out/etc/postgresql-custom/05-supautils.conf || { echo "Failed to copy supautils.conf"; exit 1; } cp ${paths.pgconfigFile} $out/etc/postgresql/postgresql.conf || { echo "Failed to copy postgresql.conf"; exit 1; } cp ${paths.loggingConfigFile} $out/etc/postgresql-custom/00-logging.conf || { echo "Failed to copy logging.conf"; exit 1; } + cp ${paths.autoexplainConfigFile} $out/etc/postgresql-custom/auto_explain.conf || { echo "Failed to copy auto_explain.conf"; exit 1; } + cp ${paths.pgcronConfigFile} $out/etc/postgresql-custom/pg_cron.conf || { echo "Failed to copy pg_cron.conf"; exit 1; } cp ${paths.readReplicaConfigFile} $out/etc/postgresql-custom/04-read-replica.conf || { echo "Failed to copy read-replica.conf"; exit 1; } cp ${paths.pgHbaConfigFile} $out/etc/postgresql/pg_hba.conf || { echo "Failed to copy pg_hba.conf"; exit 1; } cp ${paths.pgIdentConfigFile} $out/etc/postgresql/pg_ident.conf || { echo "Failed to copy pg_ident.conf"; exit 1; } From 0c932e9f714e4b03511648b6a197ed667536a3c6 Mon Sep 17 00:00:00 2001 From: Douglas J Hunley Date: Mon, 6 Oct 2025 13:47:39 -0400 Subject: [PATCH 4/7] fix(nix): it helps to use the correct filename everywhere --- Dockerfile-17 | 2 +- Dockerfile-orioledb-17 | 2 +- nix/packages/lib.nix | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile-17 b/Dockerfile-17 index 3d22b9850..dcd80bcb1 100644 --- a/Dockerfile-17 +++ b/Dockerfile-17 @@ -164,7 +164,7 @@ COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /e COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/autoexplain.conf /etc/postgresql-custom/auto_explain.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_cron.conf /etc/postgresql-custom/pg_cron.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pgcron.conf /etc/postgresql-custom/pg_cron.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh diff --git a/Dockerfile-orioledb-17 b/Dockerfile-orioledb-17 index 4c40ac037..0c6bc299f 100644 --- a/Dockerfile-orioledb-17 +++ b/Dockerfile-orioledb-17 @@ -164,7 +164,7 @@ COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /e COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql-custom/00-logging.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/autoexplain.conf /etc/postgresql-custom/auto_explain.conf -COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_cron.conf /etc/postgresql-custom/pg_cron.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pgcron.conf /etc/postgresql-custom/pg_cron.conf COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/05-supautils.conf COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh diff --git a/nix/packages/lib.nix b/nix/packages/lib.nix index f6595630f..9287cfddc 100644 --- a/nix/packages/lib.nix +++ b/nix/packages/lib.nix @@ -50,7 +50,7 @@ }; pgcronConfigFile = builtins.path { name = "pg_cron.conf"; - path = ../../ansible/files/postgresql_config/pg_cron.conf; + path = ../../ansible/files/postgresql_config/pgcron.conf; }; readReplicaConfigFile = builtins.path { name = "readreplica.conf"; From 6ce9f8bc33fead5c6939d4b1388e70fec4d2b4ab Mon Sep 17 00:00:00 2001 From: Douglas J Hunley Date: Mon, 6 Oct 2025 15:13:09 -0400 Subject: [PATCH 5/7] refactor(postgresql.conf): use relative path to include_dir --- ansible/files/postgresql_config/postgresql.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/files/postgresql_config/postgresql.conf.j2 b/ansible/files/postgresql_config/postgresql.conf.j2 index edcf2142a..4771d2f9c 100644 --- a/ansible/files/postgresql_config/postgresql.conf.j2 +++ b/ansible/files/postgresql_config/postgresql.conf.j2 @@ -158,4 +158,4 @@ jit_provider = 'llvmjit' # JIT library to use # default postgresql.conf. Note that these are directives, not variable # assignments, so they can usefully be given more than once. -include_dir = '/etc/postgresql-custom' # include files ending in '.conf' from a directory, e.g., 'conf.d' +include_dir = '../postgresql-custom' # include files ending in '.conf' from a directory, e.g., 'conf.d' From b2a64fdd2d9e9bf873c96f1a9e9ef1d4c3528a30 Mon Sep 17 00:00:00 2001 From: Douglas J Hunley Date: Mon, 6 Oct 2025 15:23:53 -0400 Subject: [PATCH 6/7] fix(postgresql.conf): revert the location of include_dir back to absolute path --- ansible/files/postgresql_config/postgresql.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/files/postgresql_config/postgresql.conf.j2 b/ansible/files/postgresql_config/postgresql.conf.j2 index 4771d2f9c..edcf2142a 100644 --- a/ansible/files/postgresql_config/postgresql.conf.j2 +++ b/ansible/files/postgresql_config/postgresql.conf.j2 @@ -158,4 +158,4 @@ jit_provider = 'llvmjit' # JIT library to use # default postgresql.conf. Note that these are directives, not variable # assignments, so they can usefully be given more than once. -include_dir = '../postgresql-custom' # include files ending in '.conf' from a directory, e.g., 'conf.d' +include_dir = '/etc/postgresql-custom' # include files ending in '.conf' from a directory, e.g., 'conf.d' From 5f3c7e1b2d18bcc63f96bb145793e4674cfb68d6 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Mon, 6 Oct 2025 16:13:22 -0400 Subject: [PATCH 7/7] fix: need to account for new config handling in test utils --- nix/packages/lib.nix | 2 ++ nix/tools/run-server.sh.in | 38 +++++++++++++++++++++++--------------- 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/nix/packages/lib.nix b/nix/packages/lib.nix index 9287cfddc..5e4d38753 100644 --- a/nix/packages/lib.nix +++ b/nix/packages/lib.nix @@ -91,6 +91,8 @@ PGSODIUM_GETKEY = "${paths.getkeyScript}"; READREPL_CONF_FILE = "${paths.readReplicaConfigFile}"; LOGGING_CONF_FILE = "${paths.loggingConfigFile}"; + AUTOEXPLAIN_CONF_FILE = "${paths.autoexplainConfigFile}"; + PGCRON_CONF_FILE = "${paths.pgcronConfigFile}"; SUPAUTILS_CONF_FILE = "${paths.supautilsConfigFile}"; PG_HBA = "${paths.pgHbaConfigFile}"; PG_IDENT = "${paths.pgIdentConfigFile}"; diff --git a/nix/tools/run-server.sh.in b/nix/tools/run-server.sh.in index d25ab3add..2191ff686 100644 --- a/nix/tools/run-server.sh.in +++ b/nix/tools/run-server.sh.in @@ -165,6 +165,8 @@ PSQL_CONF_FILE=@PSQL_CONF_FILE@ PORTNO="${PORTNO:-@PGSQL_DEFAULT_PORT@}" SUPAUTILS_CONFIG_FILE=@SUPAUTILS_CONF_FILE@ LOGGING_CONFIG_FILE=@LOGGING_CONF_FILE@ +AUTOEXPLAIN_CONFIG_FILE=@AUTOEXPLAIN_CONF_FILE@ +PGCRON_CONFIG_FILE=@PGCRON_CONF_FILE@ READREPL_CONFIG_FILE=@READREPL_CONF_FILE@ PG_HBA_FILE=@PG_HBA@ PG_IDENT_FILE=@PG_IDENT@ @@ -215,23 +217,29 @@ fi echo "NOTE: patching postgresql.conf files" cp "$PG_HBA_FILE" "$DATDIR/pg_hba.conf" cp "$PG_IDENT_FILE" "$DATDIR/pg_ident.conf" -cp "$READREPL_CONFIG_FILE" "$DATDIR/04-read-replica.conf" +mkdir -p "$DATDIR/postgresql-custom" +mkdir -p "$DATDIR/pg_log" +cp "$READREPL_CONFIG_FILE" "$DATDIR/postgresql-custom/04-read-replica.conf" +cp "$AUTOEXPLAIN_CONFIG_FILE" "$DATDIR/postgresql-custom/auto_explain.conf" +cp "$PGCRON_CONFIG_FILE" "$DATDIR/postgresql-custom/pg_cron.conf" mkdir -p "$DATDIR/extension-custom-scripts" cp -r "$EXTENSION_CUSTOM_SCRIPTS"/* "$DATDIR/extension-custom-scripts" +# Configure logging with correct log directory +sed "s|log_directory = '/var/log/postgresql'|log_directory = '$DATDIR/pg_log'|" "$LOGGING_CONFIG_FILE" > "$DATDIR/postgresql-custom/00-logging.conf" + # Configure supautils -sed "s|supautils.extension_custom_scripts_path = '/etc/postgresql-custom/extension-custom-scripts'|supautils.extension_custom_scripts_path = '$DATDIR/extension-custom-scripts'|" "$SUPAUTILS_CONFIG_FILE" > "$DATDIR/05-supautils.conf" +sed "s|supautils.extension_custom_scripts_path = '/etc/postgresql-custom/extension-custom-scripts'|supautils.extension_custom_scripts_path = '$DATDIR/extension-custom-scripts'|" "$SUPAUTILS_CONFIG_FILE" > "$DATDIR/postgresql-custom/05-supautils.conf" # Configure PostgreSQL -sed -e "1i\\ -include = '$DATDIR/05-supautils.conf'" \ --e "\$a\\ +sed -e "\$a\\ pgsodium.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ -e "\$a\\ vault.getkey_script = '$PGSODIUM_GETKEY_SCRIPT'" \ -e "s|data_directory = '/var/lib/postgresql/data'|data_directory = '$DATDIR'|" \ -e "s|hba_file = '/etc/postgresql/pg_hba.conf'|hba_file = '$DATDIR/pg_hba.conf'|" \ -e "s|ident_file = '/etc/postgresql/pg_ident.conf'|ident_file = '$DATDIR/pg_ident.conf'|" \ +-e "s|include_dir = '/etc/postgresql-custom'|include_dir = '$DATDIR/postgresql-custom'|" \ -e "\$a\\ session_preload_libraries = 'supautils'" \ "$PSQL_CONF_FILE" > "$DATDIR/postgresql.conf" @@ -243,34 +251,34 @@ orioledb_config_items() { echo "non-macos oriole conf" sed -i 's/ timescaledb,//g;' "$DATDIR/postgresql.conf" sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" - sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g;' "$DATDIR/05-supautils.conf" + sed -i 's/ timescaledb,//g; s/ plv8,//g; s/ pgjwt,//g;' "$DATDIR/postgresql-custom/05-supautils.conf" sed -i 's/\(shared_preload_libraries.*\)'\''\(.*\)$/\1, orioledb'\''\2/' "$DATDIR/postgresql.conf" echo "default_table_access_method = 'orioledb'" >> "$DATDIR/postgresql.conf" elif [[ "$1" = "orioledb-17" && "$CURRENT_SYSTEM" = "aarch64-darwin" ]]; then # macOS specific configuration echo "macOS detected, applying macOS specific configuration" ls -la "$DATDIR" - + # Use perl instead of sed for macOS perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql.conf" perl -pi -e 's/db_user_namespace = off/#db_user_namespace = off/g' "$DATDIR/postgresql.conf" - - perl -pi -e 's/ timescaledb,//g' "$DATDIR/05-supautils.conf" - perl -pi -e 's/ plv8,//g' "$DATDIR/05-supautils.conf" - perl -pi -e 's/ pgjwt,//g' "$DATDIR/05-supautils.conf" + + perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql-custom/05-supautils.conf" + perl -pi -e 's/ plv8,//g' "$DATDIR/postgresql-custom/05-supautils.conf" + perl -pi -e 's/ pgjwt,//g' "$DATDIR/postgresql-custom/05-supautils.conf" perl -pi -e 's/(shared_preload_libraries\s*=\s*'\''.*?)'\''/\1, orioledb'\''/' "$DATDIR/postgresql.conf" - + echo "default_table_access_method = 'orioledb'" >> "$DATDIR/postgresql.conf" elif [[ "$VERSION" == "17" && "$CURRENT_SYSTEM" != "aarch64-darwin" ]]; then echo "non-macos pg 17 conf" sed -i 's/ timescaledb,//g;' "$DATDIR/postgresql.conf" sed -i 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" - sed -i 's/ timescaledb,//g; s/ plv8,//g;' "$DATDIR/05-supautils.conf" + sed -i 's/ timescaledb,//g; s/ plv8,//g;' "$DATDIR/postgresql-custom/05-supautils.conf" elif [[ "$VERSION" == "17" && "$CURRENT_SYSTEM" = "aarch64-darwin" ]]; then perl -pi -e 's/db_user_namespace = off/#db_user_namespace = off/g;' "$DATDIR/postgresql.conf" perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql.conf" - perl -pi -e 's/ timescaledb,//g' "$DATDIR/05-supautils.conf" - perl -pi -e 's/ plv8,//g;' "$DATDIR/05-supautils.conf" + perl -pi -e 's/ timescaledb,//g' "$DATDIR/postgresql-custom/05-supautils.conf" + perl -pi -e 's/ plv8,//g;' "$DATDIR/postgresql-custom/05-supautils.conf" fi }