iklim.co/Environment_Infrastructure
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Environment_Infrastructure/ansible/prod/roles/db_stack/templates/patroni.yml.j2
Murat ÖZDEMİR e3787d80f6 docs(infra): align DB stack and APISIX production guidance 
Update Environment_Infrastructure to match the current root stack conventions for database images, shared secret names, and APISIX real IP handling.

- update test Ansible DB image defaults to PostGIS 18/PostGIS 3.6 and MongoDB 8.3.2

- align Patroni configuration with DATABASE_POSTGRES_* secret variable names

- document APISIX real IP template configuration and Harbor rebuild workflow

- replace the separate DB stack env file guidance with the shared .env.secrets.shared flow

- update production setup and roadmap snippets to use current PostGIS, MongoDB, and APISIX rebuild commands
2026-05-20 19:55:49 +03:00

67 lines
1.5 KiB
Django/Jinja
Raw Blame History

scope: iklim-postgres
namespace: /db/
name: postgresql-{{ inventory_hostname.split('-')[-1] }}
restapi:
listen: 0.0.0.0:8008
connect_address: patroni-{{ inventory_hostname.split('-')[-1] }}:8008
etcd3:
hosts:
- etcd-01:2379
- etcd-02:2379
- etcd-03:2379
bootstrap:
dcs:
ttl: 30
loop_wait: 10
retry_timeout: 10
maximum_lag_on_failover: 1048576
postgresql:
use_pg_rewind: true
parameters:
wal_level: replica
hot_standby: "on"
wal_keep_size: 512
max_wal_senders: 5
max_replication_slots: 5
shared_preload_libraries: 'pg_stat_statements'
pg_stat_statements.track: 'all'
initdb:
- encoding: UTF8
- data-checksums
pg_hba:
- host replication replicator 10.20.20.0/24 scram-sha-256
- host all all 10.20.10.0/24 scram-sha-256
- host all all 10.20.20.0/24 scram-sha-256
users:
postgres:
password: "${DATABASE_POSTGRES_ROOT_PASSWD}"
options:
- superuser
postgresql:
listen: 0.0.0.0:5432
connect_address: patroni-{{ inventory_hostname.split('-')[-1] }}:5432
data_dir: /var/lib/postgresql/data/pgdata
pgpass: /tmp/pgpass0
authentication:
replication:
username: replicator
password: "${DATABASE_POSTGRES_REPLICATOR_PASSWORD}"
superuser:
username: postgres
password: "${DATABASE_POSTGRES_ROOT_PASSWD}"
parameters:
unix_socket_directories: "/var/run/postgresql"
tags:
nofailover: false
noloadbalance: false
clonefrom: false
nosync: false
Reference in New Issue View Git Blame Copy Permalink