From 6d1c9c43fb2133689d814cfc84a4942ceec5c1c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Sun, 13 May 2018 16:54:03 +0200 Subject: Add cryptoportfolio postgresql backup --- .../cryptoportfolio/pam_ldap_postgresql.conf.erb | 6 ++++ .../cryptoportfolio/postgresql_backup.conf.erb | 5 ++++ .../cryptoportfolio/postgresql_backup@.service.erb | 34 ++++++++++++++++++++++ 3 files changed, 45 insertions(+) create mode 100644 modules/role/templates/cryptoportfolio/pam_ldap_postgresql.conf.erb create mode 100644 modules/role/templates/cryptoportfolio/postgresql_backup.conf.erb create mode 100644 modules/role/templates/cryptoportfolio/postgresql_backup@.service.erb (limited to 'modules/role/templates/cryptoportfolio') diff --git a/modules/role/templates/cryptoportfolio/pam_ldap_postgresql.conf.erb b/modules/role/templates/cryptoportfolio/pam_ldap_postgresql.conf.erb new file mode 100644 index 0000000..f3d9674 --- /dev/null +++ b/modules/role/templates/cryptoportfolio/pam_ldap_postgresql.conf.erb @@ -0,0 +1,6 @@ +host <%= @ldap_server %> + +base <%= @ldap_base %> +binddn <%= @ldap_dn %> +bindpw <%= @ldap_password %> +pam_login_attribute <%= @ldap_attribute %> diff --git a/modules/role/templates/cryptoportfolio/postgresql_backup.conf.erb b/modules/role/templates/cryptoportfolio/postgresql_backup.conf.erb new file mode 100644 index 0000000..860089b --- /dev/null +++ b/modules/role/templates/cryptoportfolio/postgresql_backup.conf.erb @@ -0,0 +1,5 @@ +listen_addresses= '' +unix_socket_directories = '<%= @pg_path %>' +data_directory = '<%= @pg_path %>' +wal_level = logical + diff --git a/modules/role/templates/cryptoportfolio/postgresql_backup@.service.erb b/modules/role/templates/cryptoportfolio/postgresql_backup@.service.erb new file mode 100644 index 0000000..245a1cb --- /dev/null +++ b/modules/role/templates/cryptoportfolio/postgresql_backup@.service.erb @@ -0,0 +1,34 @@ +[Unit] +Description=PostgreSQL database server +After=network.target + +[Service] +Type=forking +TimeoutSec=120 +User=postgres +Group=postgres + +Environment=PGROOT=<%= @mountpoint %>/%i/postgresql + +SyslogIdentifier=postgres +PIDFile=<%= @mountpoint %>/%i/postgresql/postmaster.pid +RuntimeDirectory=postgresql +RuntimeDirectoryMode=755 + +ExecStartPre=/usr/bin/postgresql-check-db-dir ${PGROOT} +ExecStart= /usr/bin/pg_ctl -s -D ${PGROOT} start -w -t 120 +ExecReload=/usr/bin/pg_ctl -s -D ${PGROOT} reload +ExecStop= /usr/bin/pg_ctl -s -D ${PGROOT} stop -m fast + +# Due to PostgreSQL's use of shared memory, OOM killer is often overzealous in +# killing Postgres, so adjust it downward +OOMScoreAdjust=-200 + +# Additional security-related features +PrivateTmp=true +ProtectHome=true +ProtectSystem=full +NoNewPrivileges=true + +[Install] +WantedBy=multi-user.target -- cgit v1.2.3