From 8bd3097832a08778018b3a0dabcaca1d880e7b78 Mon Sep 17 00:00:00 2001
From: ghe0
Date: Mon, 10 Mar 2025 05:15:00 +0200
Subject: [PATCH] added ansible postgres example
---
 ansible-postgres/README.md | 20 ++++
 ansible-postgres/create_vms.sh | 21 ++++
 ansible-postgres/deploy_postgres.yaml | 156 ++++++++++++++++++++++++++
 wireguard-bastion/create_vms.sh | 1 +
 4 files changed, 198 insertions(+)
 create mode 100644 ansible-postgres/README.md
 create mode 100755 ansible-postgres/create_vms.sh
 create mode 100644 ansible-postgres/deploy_postgres.yaml
diff --git a/ansible-postgres/README.md b/ansible-postgres/README.md
new file mode 100644
index 0000000..ef21a84
--- /dev/null
+++ b/ansible-postgres/README.md
@@ -0,0 +1,20 @@
+# Ansible PostgreSQL example
+
+This example will deploy two nodes: a writer in the US and a reader in Canada.
+
+## Steps
+
+To create VMs, run:
+```
+./create_vms.sh
+```
+
+After that, deploy the ansible playbook by running:
+```
+ansible-playbook -i tmp/inventory.ini deploy_postgres.yaml
+```
+
+You can inspect the VMs that got created by running:
+```
+detee-cli vm list
+```
diff --git a/ansible-postgres/create_vms.sh b/ansible-postgres/create_vms.sh
new file mode 100755
index 0000000..ed538ae
--- /dev/null
+++ b/ansible-postgres/create_vms.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -e
+export FORMAT=YAML
+mkdir -p tmp
+
+detee-cli vm deploy --location US --hostname postgres-writer --public-ip \
+ --distro ubuntu --memory 2000 --vcpus 2 --disk 15 > tmp/writer.yaml &&
+ echo "Postgres writer created in the US" &
+detee-cli vm deploy --location Canada --hostname postgres-reader --public-ip \
+ --distro ubuntu --memory 2000 --vcpus 2 --disk 15 > tmp/reader.yaml &&
+ echo "Postgres reader created in Canada" &
+
+wait
+
+echo "
+[master]
+master_host ansible_host=$(cat tmp/writer.yaml | grep ip | awk '{ print $2 }')
+
+[replica]
+replica_host ansible_host=$(cat tmp/reader.yaml | grep ip | awk '{ print $2 }')
+" > tmp/inventory.ini
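Review bot: The bare `wait` in ansible-postgres/create_vms.sh returns 0 even when one of the two backgrounded `detee-cli vm deploy` jobs fails, and `set -e` does not cover background jobs, so the script goes on to write tmp/inventory.ini with an empty `ansible_host=` value. Record each job's PID (`writer_pid=$!` and `reader_pid=$!` after the respective `&`) and replace `wait` with `wait "$writer_pid"` and `wait "$reader_pid"`, so a failed deploy stops the script before the inventory is generated. The `grep ip` filter is also unanchored and matches any line containing those two letters; presumably the deploy output has a single IP field, but matching on the exact key would keep a stray line from putting the wrong address into the inventory that the playbook later authenticates against with the replication password.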
diff --git a/ansible-postgres/deploy_postgres.yaml b/ansible-postgres/deploy_postgres.yaml
new file mode 100644
index 0000000..0dfeed7
--- /dev/null
+++ b/ansible-postgres/deploy_postgres.yaml
@@ -0,0 +1,156 @@
+---
+- name: Configure PostgreSQL master on Ubuntu 24
+ hosts: master
+ become: yes
+ vars:
+ postgres_version: 16
+ replication_user: replicator
+ replication_password: "your_password"
+ tasks:
+ - name: Install software-properties-common
+ apt:
+ name: software-properties-common
+ state: present
+ update_cache: yes
+
+ - name: Add Universe repository on master
+ command: add-apt-repository universe -y
+ args:
+ creates: /etc/apt/sources.list.d/universe.list
+ register: add_universe_master
+ changed_when: add_universe_master.stdout != ""
+
+ - name: Update apt cache after adding Universe repository on master
+ apt:
+ update_cache: yes
+ when: add_universe_master is changed
+
+ - name: Install PostgreSQL 16 on master
+ apt:
+ name: "postgresql-{{ postgres_version }}"
+ state: present
+
+ - name: Install python3-psycopg2 for PostgreSQL modules on master
+ apt:
+ name: python3-psycopg2
+ state: present
+
+ - name: Ensure listen_addresses is removed (cleanup) in postgresql.conf
+ lineinfile:
+ path: "/etc/postgresql/{{ postgres_version }}/main/postgresql.conf"
+ regexp: '^(#\s*)?listen_addresses'
+ state: absent
+ notify: Restart PostgreSQL
+
+ - name: Set listen_addresses to '*' in postgresql.conf
+ blockinfile:
+ path: "/etc/postgresql/{{ postgres_version }}/main/postgresql.conf"
+ marker: "# {mark} ANSIBLE MANAGED LISTEN ADDRESSES"
+ block: |
+ listen_addresses = '*'
+ notify: Restart PostgreSQL
+
+ - name: Set wal_level to replica
+ lineinfile:
+ path: "/etc/postgresql/{{ postgres_version }}/main/postgresql.conf"
+ regexp: '^(#\s*)?wal_level'
+ line: "wal_level = replica"
+ notify: Restart PostgreSQL
+
+ - name: Set max_wal_senders to 3
+ lineinfile:
+ path: "/etc/postgresql/{{ postgres_version }}/main/postgresql.conf"
+ regexp: '^(#\s*)?max_wal_senders'
+ line: "max_wal_senders = 3"
+ notify: Restart PostgreSQL
+
+ - name: Allow replication connections in pg_hba.conf on master
+ lineinfile:
+ path: "/etc/postgresql/{{ postgres_version
}}/main/pg_hba.conf"
+ line: "host replication {{ replication_user }} 0.0.0.0/0 md5"
+ create: yes
+ notify: Restart PostgreSQL
+
+ - name: Create replication user on master
+ postgresql_user:
+ name: "{{ replication_user }}"
+ password: "{{ replication_password }}"
+ role_attr_flags: "REPLICATION"
+ login_user: postgres
+ state: present
+ become_user: postgres
+
+ handlers:
+ - name: Restart PostgreSQL
+ service:
+ name: postgresql
+ state: restarted
+
+- name: Configure PostgreSQL replica on Ubuntu 24
+ hosts: replica
+ become: yes
+ vars:
+ postgres_version: 16
+ replication_user: replicator
+ replication_password: "your_password"
+ master_ip: "{{ hostvars['master_host']['ansible_host'] | default('149.36.48.100') }}"
+ tasks:
+ - name: Install software-properties-common on replica
+ apt:
+ name: software-properties-common
+ state: present
+ update_cache: yes
+
+ - name: Add Universe repository on replica
+ command: add-apt-repository universe -y
+ args:
+ creates: /etc/apt/sources.list.d/universe.list
+ register: add_universe_replica
+ changed_when: add_universe_replica.stdout != ""
+
+ - name: Update apt cache after adding Universe repository on replica
+ apt:
+ update_cache: yes
+ when: add_universe_replica is changed
+
+ - name: Install PostgreSQL 16 on replica
+ apt:
+ name: "postgresql-{{ postgres_version }}"
+ state: present
+
+ - name: Stop PostgreSQL service on replica
+ service:
+ name: postgresql
+ state: stopped
+
+ - name: Remove old PostgreSQL data directory on replica
+ file:
+ path: "/var/lib/postgresql/{{ postgres_version }}/main"
+ state: absent
+
+ - name: Use pg_basebackup to clone master data
+ command: >
+ pg_basebackup -h {{ master_ip }}
+ -D /var/lib/postgresql/{{ postgres_version }}/main
+ -U {{ replication_user }} -v -P --wal-method=stream
+ become_user: postgres
+ environment:
+ PGPASSWORD: "{{ replication_password }}"
+
+ - name: Create standby.signal file (for PostgreSQL 12+)
+ file:
+ path: "/var/lib/postgresql/{{ postgres_version
}}/main/standby.signal"
+ state: touch
+
+ - name: Set primary connection info for replica
+ lineinfile:
+ path: "/var/lib/postgresql/{{ postgres_version }}/main/postgresql.auto.conf"
+ line: "primary_conninfo = 'host={{ master_ip }} port=5432 user={{ replication_user }} password={{ replication_password }}'"
+ notify: Restart PostgreSQL
+
+ handlers:
+ - name: Restart PostgreSQL
+ service:
+ name: postgresql
+ state: started
+
diff --git a/wireguard-bastion/create_vms.sh b/wireguard-bastion/create_vms.sh
index e32c150..d0005c1 100755
--- a/wireguard-bastion/create_vms.sh
+++ b/wireguard-bastion/create_vms.sh
@@ -1,6 +1,7 @@ #!/bin/bash set -e export FORMAT=YAML +mkdir -p tmp detee-cli vm deploy --from-yaml cali-bastion.yaml > tmp/cali-bastion-install.yaml && echo "Bastion created in California." &
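Review bot: In ansible-postgres/deploy_postgres.yaml the pg_hba.conf task admits replication logins from `0.0.0.0/0` while the same play sets `listen_addresses = '*'` on a VM that create_vms.sh deploys with `--public-ip`, so the only barrier in front of a full base backup is `replication_password`, which both plays set to the literal `"your_password"`. Limit the rule to the replica and ask for SCRAM, e.g. `line: "host replication {{ replication_user }} {{ hostvars['replica_host']['ansible_host'] }}/32 scram-sha-256"`, and take the password from Ansible Vault or `vars_prompt` rather than a value committed in the playbook. The `default('149.36.48.100')` fallback for `master_ip` should be dropped so that a missing inventory entry fails the play instead of sending `PGPASSWORD` to a fixed address. The three tasks that carry the password (`postgresql_user`, the `pg_basebackup` command and the `primary_conninfo` line) would also benefit from `no_log: true`, and since nothing here requires TLS on the cross-region replication link (`hostssl` on the master, `sslmode=require` in `primary_conninfo`), the example should at least say so in a comment.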