feat: Added optional postgres replication

2025-12-06 02:49:55 +00:00 · 2024-11-19 16:11:28 +01:00
parent dde435ca95
commit 2bf98e9273
4 changed files with 33 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -56,6 +56,10 @@ postgres_arguments:
  - max_parallel_maintenance_workers=4
  - -c
  - checkpoint_timeout=1800
+enable_postgres_replication: false
+# IP address of the interface replication
+postgres_replication_bind_address: ""
+postgres_replica_address: ""

 # Enable TLS for traefik
 enable_tls: false
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@ -57,6 +57,15 @@
    destination_port: "{{ consensus_port }}"
    jump: ACCEPT

+- name: Allow postgres replication traffic from replica only
+  when: enable_postgres_replication
+  ansible.builtin.iptables:
+    chain: INPUT
+    protocol: tcp
+    destination_port: 5432
+    source: "{{ postgres_replication_bind_address }}"
+    jump: ACCEPT
+
 - name: Set default policy to DROP
  ansible.builtin.iptables:
    chain: INPUT
--- a/tasks/provision.yml
+++ b/tasks/provision.yml
@ -32,6 +32,20 @@
    - l2_chain_id
    - l1_chain_id

+- name: "Verify that required variables for replication is set"
+  when: enable_postgres_replication
+  ansible.builtin.assert:
+    that:
+      - required_var != ""
+    fail_msg: "{{ postgress_replication_required_var }} needs to be set for the role for postgres replication to work"
+    success_msg: "Required variable for postgres replication {{ postgress_replication_required_var }} isn't empty"
+  loop_control:
+    loop_var: postgress_replication_required_var
+  with_items:
+    - enable_postgres_replication
+    - postgres_replication_bind_address
+    - postgres_replica_address
+
 - name: Check required en vars empty
  ansible.builtin.fail:
    msg: "Variable '{{ item }}' is empty"
--- a/templates/docker-compose.yaml.j2
+++ b/templates/docker-compose.yaml.j2
@ -43,6 +43,12 @@ services:
      - ./restore_dump.sh:/docker-entrypoint-initdb.d/restore_dump.sh
    env_file:
      - postgres.env
+{% if enable_postgres_replication %}
+    environment:
+      POSTGRES_HOST_AUTH_METHOD: "host replication replicator {{ postgres_replica_address }}/32 md5"
+    ports:
+      - "{{ postgres_replication_interface }}:5432:5432"
+{% endif %}
    command:
      - postgres
      - -c