Cleanup and replace supercronic with minit
This commit is contained in:
parent
5124031188
commit
a1987e1910
|
@ -12,12 +12,10 @@ RUN set -eux &&\
|
||||||
chown root:root ldap2pg &&\
|
chown root:root ldap2pg &&\
|
||||||
chmod 755 ldap2pg
|
chmod 755 ldap2pg
|
||||||
|
|
||||||
FROM danielberteaud/alpine:24.1-5
|
FROM danielberteaud/alpine:24.1-7
|
||||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||||
|
|
||||||
ENV LANG=fr_FR.utf8 \
|
ENV PGHOST=localhost \
|
||||||
TZ=Europe/Paris \
|
|
||||||
PGHOST=localhost \
|
|
||||||
PGPORT=5432 \
|
PGPORT=5432 \
|
||||||
PGUSER=postgres \
|
PGUSER=postgres \
|
||||||
LDAP2PG_MODE=dry \
|
LDAP2PG_MODE=dry \
|
||||||
|
@ -26,7 +24,7 @@ ENV LANG=fr_FR.utf8 \
|
||||||
COPY --from=ldap2pg /tmp/ldap2pg /usr/local/bin/ldap2pg
|
COPY --from=ldap2pg /tmp/ldap2pg /usr/local/bin/ldap2pg
|
||||||
RUN set -eux &&\
|
RUN set -eux &&\
|
||||||
apk --no-cache upgrade &&\
|
apk --no-cache upgrade &&\
|
||||||
apk --no-cache add postgresql15-client ca-certificates supercronic
|
apk --no-cache add postgresql16-client ca-certificates
|
||||||
COPY root/ /
|
COPY root/ /
|
||||||
|
|
||||||
CMD ["run.sh"]
|
CMD ["run.sh"]
|
||||||
|
|
|
@ -14,7 +14,10 @@ if [ -e "${LDAP2PG_CONFIG}" ]; then
|
||||||
# Run cron if needed
|
# Run cron if needed
|
||||||
if [ -n "${LDAP2PG_CRON}" ]; then
|
if [ -n "${LDAP2PG_CRON}" ]; then
|
||||||
echo "Running ldap2pg as a cron job (${LDAP2PG_CRON})"
|
echo "Running ldap2pg as a cron job (${LDAP2PG_CRON})"
|
||||||
echo "${LDAP2PG_CRON} ldap2pg --real --config ${LDAP2PG_CONFIG}" > /dev/shm/cron
|
export MINIT_MAIN="ldap2pg --real --config ${LDAP2PG_CONFIG}"
|
||||||
supercronic /dev/shm/cron
|
export MINIT_MAIN_NAME=ldap2pg
|
||||||
|
export MINIT_MAIN_KIND=cron
|
||||||
|
export MINIT_MAIN_CRON="${LDAP2PG_CRON}"
|
||||||
|
minit
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
FROM danielberteaud/postgres:15.24.1-2
|
FROM danielberteaud/postgres:15.24.1-3
|
||||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||||
|
|
||||||
ARG PATRONI_VERSION=3.2.2
|
ARG PATRONI_VERSION=3.2.2
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
FROM danielberteaud/alpine:24.1-5
|
FROM danielberteaud/alpine:24.1-7
|
||||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||||
|
|
||||||
ARG PG_FROM= \
|
ARG PG_FROM= \
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
FROM danielberteaud/alma:9.24.1-3
|
FROM danielberteaud/alma:9.24.1-5
|
||||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||||
|
|
||||||
ENV PG_BASE_DATA=/data/db/
|
ENV PG_BASE_DATA=/data/db/
|
||||||
|
|
|
@ -74,17 +74,19 @@ job "postgres-manage" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "danielberteaud/ldap2pg:6.0-8"
|
image = "danielberteaud/ldap2pg:6.0-9"
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
pids_limit = 20
|
pids_limit = 20
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
vault {
|
vault {
|
||||||
policies = ["postgres"]
|
policies = ["postgres"]
|
||||||
env = false
|
env = false
|
||||||
disable_file = true
|
disable_file = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
env {
|
env {
|
||||||
LDAP2PG_CONFIG = "/secrets/ldap2pg.yml"
|
LDAP2PG_CONFIG = "/secrets/ldap2pg.yml"
|
||||||
LDAP2PG_MODE = "dry"
|
LDAP2PG_MODE = "dry"
|
||||||
|
|
|
@ -124,7 +124,7 @@ job "postgres" {
|
||||||
kill_timeout = "10m"
|
kill_timeout = "10m"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "danielberteaud/patroni:15.24.1-1"
|
image = "danielberteaud/patroni:15.24.1-2"
|
||||||
# Set shm_size to half of the total size
|
# Set shm_size to half of the total size
|
||||||
shm_size = 536870912
|
shm_size = 536870912
|
||||||
volumes = ["local/mkdir-socket.sh:/entrypoint.d/70-mkdir-socket.sh"]
|
volumes = ["local/mkdir-socket.sh:/entrypoint.d/70-mkdir-socket.sh"]
|
||||||
|
|
|
@ -15,9 +15,7 @@ RUN set -eux &&\
|
||||||
FROM [[ .docker.repo ]][[ .docker.base_images.alpine.image ]]
|
FROM [[ .docker.repo ]][[ .docker.base_images.alpine.image ]]
|
||||||
MAINTAINER [[ .docker.maintainer ]]
|
MAINTAINER [[ .docker.maintainer ]]
|
||||||
|
|
||||||
ENV LANG=[[ .locale.lang ]] \
|
ENV PGHOST=localhost \
|
||||||
TZ=[[ .locale.tz ]] \
|
|
||||||
PGHOST=localhost \
|
|
||||||
PGPORT=5432 \
|
PGPORT=5432 \
|
||||||
PGUSER=postgres \
|
PGUSER=postgres \
|
||||||
LDAP2PG_MODE=dry \
|
LDAP2PG_MODE=dry \
|
||||||
|
@ -26,7 +24,7 @@ ENV LANG=[[ .locale.lang ]] \
|
||||||
COPY --from=ldap2pg /tmp/ldap2pg /usr/local/bin/ldap2pg
|
COPY --from=ldap2pg /tmp/ldap2pg /usr/local/bin/ldap2pg
|
||||||
RUN set -eux &&\
|
RUN set -eux &&\
|
||||||
apk --no-cache upgrade &&\
|
apk --no-cache upgrade &&\
|
||||||
apk --no-cache add postgresql15-client ca-certificates supercronic
|
apk --no-cache add postgresql16-client ca-certificates
|
||||||
COPY root/ /
|
COPY root/ /
|
||||||
|
|
||||||
CMD ["run.sh"]
|
CMD ["run.sh"]
|
||||||
|
|
|
@ -14,7 +14,10 @@ if [ -e "${LDAP2PG_CONFIG}" ]; then
|
||||||
# Run cron if needed
|
# Run cron if needed
|
||||||
if [ -n "${LDAP2PG_CRON}" ]; then
|
if [ -n "${LDAP2PG_CRON}" ]; then
|
||||||
echo "Running ldap2pg as a cron job (${LDAP2PG_CRON})"
|
echo "Running ldap2pg as a cron job (${LDAP2PG_CRON})"
|
||||||
echo "${LDAP2PG_CRON} ldap2pg --real --config ${LDAP2PG_CONFIG}" > /dev/shm/cron
|
export MINIT_MAIN="ldap2pg --real --config ${LDAP2PG_CONFIG}"
|
||||||
supercronic /dev/shm/cron
|
export MINIT_MAIN_NAME=ldap2pg
|
||||||
|
export MINIT_MAIN_KIND=cron
|
||||||
|
export MINIT_MAIN_CRON="${LDAP2PG_CRON}"
|
||||||
|
minit
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[[ $c := merge .pg.manage . -]]
|
job "[[ .instance ]]-manage" {
|
||||||
|
|
||||||
job "[[ .instance ]]-manage[[ $c.consul.suffix ]]" {
|
[[- $c := merge .pg.manage .pg . ]]
|
||||||
|
|
||||||
[[- if and (has $c "cron") (ne $c.cron "") ]]
|
[[- if and (has $c "cron") (ne $c.cron "") ]]
|
||||||
type = "service"
|
type = "service"
|
||||||
|
@ -32,19 +32,15 @@ job "[[ .instance ]]-manage[[ $c.consul.suffix ]]" {
|
||||||
[[ template "common/task.wait_for" $c ]]
|
[[ template "common/task.wait_for" $c ]]
|
||||||
|
|
||||||
task "postgres-manage" {
|
task "postgres-manage" {
|
||||||
driver = [[ $c.nomad.driver | toJSON ]]
|
driver = "[[ $c.nomad.driver ]]"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = [[ $c.image | toJSON ]]
|
image = "[[ $c.image ]]"
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
pids_limit = 20
|
pids_limit = 20
|
||||||
}
|
}
|
||||||
|
|
||||||
vault {
|
[[ template "common/vault.policies" $c ]]
|
||||||
policies = ["[[ .instance ]][[ $c.consul.suffix ]]"]
|
|
||||||
env = false
|
|
||||||
disable_file = true
|
|
||||||
}
|
|
||||||
|
|
||||||
env {
|
env {
|
||||||
[[- range $idx, $db := $c.databases ]]
|
[[- range $idx, $db := $c.databases ]]
|
||||||
|
@ -101,7 +97,7 @@ _EOF
|
||||||
perms = 0400
|
perms = 0400
|
||||||
}
|
}
|
||||||
|
|
||||||
[[ template "common/resources" $c.resources ]]
|
[[ template "common/resources" $c ]]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -280,8 +280,7 @@ _EOT
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "[[ $c.image ]]"
|
image = "[[ $c.image ]]"
|
||||||
command = "supercronic"
|
command = "minit"
|
||||||
args = ["/secrets/backup.cron"]
|
|
||||||
readonly_rootfs = true
|
readonly_rootfs = true
|
||||||
pids_limit = 100
|
pids_limit = 100
|
||||||
}
|
}
|
||||||
|
@ -293,16 +292,17 @@ _EOT
|
||||||
|
|
||||||
env {
|
env {
|
||||||
# Use the socket from the shared dir
|
# Use the socket from the shared dir
|
||||||
PGHOST = "/alloc/data/postgres"
|
PGHOST = "/alloc/data/postgres"
|
||||||
|
MINIT_UNIT_DIR = "/local/minit.d"
|
||||||
}
|
}
|
||||||
|
|
||||||
[[- template "common/file_env" $c ]]
|
[[- template "common/file_env" $c ]]
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data =<<_EOT
|
data =<<_EOT
|
||||||
[[ template "postgres/backup.cron.tpl" . ]]
|
[[ template "postgres/backup.minit.yml.tpl" . ]]
|
||||||
_EOT
|
_EOT
|
||||||
destination = "secrets/backup.cron"
|
destination = "local/minit.d/backup.yml"
|
||||||
}
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
[[- if ne .pg.backup.pgbackrest.cron.full "" ]]
|
|
||||||
[[ .pg.backup.pgbackrest.cron.full ]] run-if-master.sh pgbackrest backup --delta --type=full
|
|
||||||
[[- end ]]
|
|
||||||
[[- if ne .pg.backup.pgbackrest.cron.incr "" ]]
|
|
||||||
[[ .pg.backup.pgbackrest.cron.incr ]] run-if-master.sh pgbackrest backup --delta --type=incr
|
|
||||||
[[- end ]]
|
|
||||||
[[- if ne .pg.backup.pgbackrest.cron.diff "" ]]
|
|
||||||
[[ .pg.backup.pgbackrest.cron.diff ]] run-if-master.sh pgbackrest backup --delta --type=diff
|
|
||||||
[[- end ]]
|
|
||||||
[[- if ne .pg.backup.dumps.cron "" ]]
|
|
||||||
[[ .pg.backup.dumps.cron ]] run-if-master.sh /local/dump.sh
|
|
||||||
[[- end ]]
|
|
32
templates/backup.minit.yml.tpl
Normal file
32
templates/backup.minit.yml.tpl
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
[[- if ne .pg.backup.pgbackrest.cron.full "" ]]
|
||||||
|
---
|
||||||
|
kind: cron
|
||||||
|
name: pgbackrest-full
|
||||||
|
command: ["run-if-master.sh", "pgbackrest", "backup", "--delta", "--type=full"]
|
||||||
|
cron: '[[ .pg.backup.pgbackrest.cron.full ]]'
|
||||||
|
[[- end ]]
|
||||||
|
|
||||||
|
[[- if ne .pg.backup.pgbackrest.cron.incr "" ]]
|
||||||
|
|
||||||
|
---
|
||||||
|
kind: cron
|
||||||
|
name: pgbackrest-incr
|
||||||
|
command: ["run-if-master.sh", "pgbackrest", "backup", "--delta", "--type=incr"]
|
||||||
|
cron: '[[ .pg.backup.pgbackrest.cron.incr ]]'
|
||||||
|
[[- end ]]
|
||||||
|
|
||||||
|
[[- if ne .pg.backup.pgbackrest.cron.diff "" ]]
|
||||||
|
---
|
||||||
|
kind: cron
|
||||||
|
name: pgbackrest-diff
|
||||||
|
command: ["run-if-master.sh", "pgbackrest", "backup", "--delta", "--type=diff"]
|
||||||
|
cron: '[[ .pg.backup.pgbackrest.cron.diff ]]'
|
||||||
|
[[- end ]]
|
||||||
|
|
||||||
|
[[- if ne .pg.backup.dumps.cron "" ]]
|
||||||
|
---
|
||||||
|
kind: cron
|
||||||
|
name: dump
|
||||||
|
command: ["run-if-master.sh", "/local/dump.sh"]
|
||||||
|
cron: '[[ .pg.backup.dumps.cron ]]'
|
||||||
|
[[- end ]]
|
|
@ -12,10 +12,14 @@ pg:
|
||||||
ou: Postgres
|
ou: Postgres
|
||||||
issuer: '[[ .vault.prefix ]]pki/root'
|
issuer: '[[ .vault.prefix ]]pki/root'
|
||||||
|
|
||||||
|
# List of vault policies to attach to the task
|
||||||
|
policies:
|
||||||
|
- '[[ .instance ]][[ .consul.suffix ]]'
|
||||||
|
|
||||||
# Postgres server settings
|
# Postgres server settings
|
||||||
server:
|
server:
|
||||||
# The image to use
|
# The image to use
|
||||||
image: '[[ .docker.repo ]]patroni:15.24.1-1'
|
image: '[[ .docker.repo ]]patroni:15.24.1-2'
|
||||||
|
|
||||||
# Number of postgres instance. Patroni will handle leader election and replication
|
# Number of postgres instance. Patroni will handle leader election and replication
|
||||||
count: 1
|
count: 1
|
||||||
|
@ -38,11 +42,6 @@ pg:
|
||||||
env:
|
env:
|
||||||
PGBACKREST_STANZA: '[[ .instance ]]'
|
PGBACKREST_STANZA: '[[ .instance ]]'
|
||||||
|
|
||||||
vault:
|
|
||||||
# List of vault policies to attach to the task
|
|
||||||
policies:
|
|
||||||
- '[[ .instance ]][[ .consul.suffix ]]'
|
|
||||||
|
|
||||||
# Set higher priority for the postgres job
|
# Set higher priority for the postgres job
|
||||||
nomad:
|
nomad:
|
||||||
priority: 100
|
priority: 100
|
||||||
|
@ -183,7 +182,7 @@ pg:
|
||||||
# manage can create database, users and sync permissions from LDAP (using ldap2pg)
|
# manage can create database, users and sync permissions from LDAP (using ldap2pg)
|
||||||
manage:
|
manage:
|
||||||
# Image to use
|
# Image to use
|
||||||
image: '[[ .docker.repo ]]ldap2pg:6.0-8'
|
image: '[[ .docker.repo ]]ldap2pg:6.0-9'
|
||||||
|
|
||||||
# Resource allocation
|
# Resource allocation
|
||||||
resources:
|
resources:
|
||||||
|
|
Loading…
Reference in New Issue
Block a user