From dbb81296d7f73d5bc740efc5c8051a351307c7b8 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Tue, 6 Apr 2021 14:15:37 +0200
Subject: [PATCH] Basic config support of streaming replication.

---
 defaults/main.yml                          | 31 +++++++++---
 tasks/main.yml                             |  3 ++
 tasks/postgresql-streaming-replication.yml | 56 ++++++++++++++++++++++
 3 files changed, 83 insertions(+), 7 deletions(-)
 create mode 100644 tasks/postgresql-streaming-replication.yml

diff --git a/defaults/main.yml b/defaults/main.yml
index aa0cf8a..f4a9156 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,16 +1,15 @@
 ---
 psql_enabled: True
-pg_use_postgresql_org_repo: True
-psql_postgresql_install: True
-psql_pkg_state: present
-postgresql_enabled: True
-psql_pgpool_install: False
-psql_pgpool_service_install: False
-psql_pgpool_pkg_state: present
 # I prefer to use the postgresql.org repositories
 #
 # See the features matrix here: http://www.postgresql.org/about/featurematrix/
 #
+pg_use_postgresql_org_repo: True
+psql_postgresql_install: True
+psql_pkg_state: present
+postgresql_enabled: True
+postgresql_streaming_replication: False
+postgresql_streaming_replication_primary_node: 'localhost'
 psql_version: 13
 psql_db_host: localhost
 psql_db_port: 5432
@@ -97,6 +96,24 @@ psql_autovacuum_configuration:
   - { name: 'autovacuum_max_workers', value: '10', set: 'True' }
   - { name: 'autovacuum_naptime', value: '10', set: 'True' }
 
+# Streaming replication settings
+postgresql_streaming_replication_primary_node: 'localhost'
+psql_streaming_replication_hosts:
+  - 'localhost'
+psql_streaming_replication_user: psql_replica
+#psql_streaming_replication_pwd: 'use a vault'
+psql_streaming_replication_config:
+  - { name: 'wal_level', value: 'replica' }
+  - { name: 'max_wal_senders', value: '10' }
+  - { name: 'wal_keep_segments', value: '8' }
+  - { name: 'wal_keep_size', value: '1GB' }
+  - { name: 'wal_compression', value: 'on' }
+  - { name: 'wal_log_hints', value: 'on' }
+  - { name: 'hot_standby', value: 'on' }
+  - { name: 'archive_mode', value: 'always' }
+  - { name: 'archive_command', value: "cp %p {{ psql_wal_archiving_log_dir }}/%f" }
+  - { name: 'restore_command', value: "cp {{ psql_wal_archiving_log_dir }}/%f %p" }
+
 # SSL as a special case
 psql_enable_ssl: False
 psql_force_ssl_client_connection: False
diff --git a/tasks/main.yml b/tasks/main.yml
index 88da328..d3a2069 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -22,6 +22,9 @@
   when:
     - psql_postgresql_install
     - psql_db_data is defined
+- import_tasks: postgresql-streaming-replication.yml
+  when:
+    - postgresql_streaming_replication
 - import_tasks: postgresql-backup.yml
   when: psql_postgresql_install
 - import_tasks: postgresql-letsencrypt-acmetool.yml
diff --git a/tasks/postgresql-streaming-replication.yml b/tasks/postgresql-streaming-replication.yml
new file mode 100644
index 0000000..707a777
--- /dev/null
+++ b/tasks/postgresql-streaming-replication.yml
@@ -0,0 +1,56 @@
+---
+- name: Configuration of the streaming replication
+  block:
+  - name: Create the replication user
+    become: True
+    become_user: postgres
+    postgresql_user:
+      name: '{{ psql_streaming_replication_user }}'
+      role_attr_flags: "REPLICATION"
+      password: '{{ psql_streaming_replication_pwd }}'
+      encrypted: yes
+      state: present
+    notify: Reload postgresql
+
+  - name: Setup the streaming replication on the primary
+    become: True
+    become_user: postgres
+    postgresql_set:
+      name: '{{ item.name }}'
+      value: "{{ item.value }}"
+    loop: '{{ psql_streaming_replication_config }}'
+    #when: postgresql_streaming_replication_primary_node == '{{ ansible_fqdn }}'
+    notify: Reload postgresql
+  tags: [ 'postgresql', 'postgres', 'pg_conf', 'postgresql_replication' ]
+
+- name: Configure the streaming replication user on deb systems
+  block:
+  - name: Configure the replication user permissions
+    postgresql_pg_hba:
+      dest: '{{ psql_conf_dir }}/pg_hba.conf'
+      contype: host
+      users: '{{ psql_streaming_replication_user }}'
+      address: '{{ item }}'
+      method: 'scram-sha-256'
+      state: present
+    loop:
+      - '{{ psql_streaming_replication_hosts }}'
+    notify: Reload postgresql
+  when: ansible_distribution_file_variety == "Debian"
+  tags: [ 'postgresql', 'postgres', 'pg_conf', 'pg_hba,' 'postgresql_replication' ]
+
+- name: Configure the streaming replication user on EL
+  block:
+  - name: Configure the replication user permissions
+    postgresql_pg_hba:
+      dest: '{{ psql_el_conf_dir }}/pg_hba.conf'
+      contype: host
+      users: '{{ psql_streaming_replication_user }}'
+      address: '{{ item }}'
+      method: 'scram-sha-256'
+      state: present
+    loop:
+      - '{{ psql_streaming_replication_hosts }}'
+    notify: Reload postgresql
+  when: ansible_distribution_file_variety == "RedHat"
+  tags: [ 'postgresql', 'postgres', 'pg_conf', 'pg_hba', 'postgresql_replication' ]