Merge pull request #78 from mutablelogic/dev

Upgraded postgresql server

Author: djthorpe

README.md

@@ -112,7 +112,6 @@ TODO:
 * [ ] Add TLS certificate support
 * [ ] Not sure how we can integrate with nomad services
 
-
 ## Ollama
 
 Ollama LLM service, with the Open WebUI.
@@ -139,10 +138,9 @@ TODO:
 
 * [ ] In progress
 * [ ] Add TLS support
-* [ ] Add replication support 
+* [ ] Add replication support
 * [ ] Add custom schema support
 
-
 ## OpenLDAP Administation
 
 OpenLDAP administration, for adding users and groups, and changing
@@ -162,18 +160,16 @@ TODO:
 PostgreSQL is a database server
 
 * [Documentation](https://www.postgresql.org/)
-* [Terraform Example](_examples/postgresql.tf)
-* [Nomad Job](postgresql/nomad/postgresql.hcl)
+* [Terraform Example](_examples/postgres.tf)
+* [Nomad Job](postgres/nomad/postgres.hcl)
 
 TODO:
 
 * [ ] LDAP integration
 * [ ] Add TLS support
-* [ ] Add replication support
 * [ ] Use volume instead when the data does not have '/' as prefix
 * [ ] Add users, databases and roles support on initialization
 
-
 ## Photoprism
 
 Photoprism is a photo library hosting service. It uses it's own

_examples/postgres.tf

@@ -0,0 +1,20 @@
+
+module "postgres" {
+  source = "github.com/mutablelogic/tf-nomad//postgres"
+
+  enabled    = true // If false, no-op
+  dc         = var.dc
+  namespace  = var.namespace
+  service_dns = ["192.168.86.11", "192.168.86.12", "192.168.86.13"]
+
+  root_user            = local.POSTGRESQL_ROOT_USER            // User for the 'root' user (default: postgres)
+  root_password        = local.POSTGRESQL_ROOT_PASSWORD        // Password for the 'root' user
+  replication_user     = local.POSTGRESQL_REPLICATION_USER     // User for the 'replication' user (default: replicator)
+  replication_password = local.POSTGRESQL_REPLICATION_PASSWORD // Password for the 'replication' user
+
+  primary = "cm2"                  // Primary server node
+  replicas = [ "cm3", "cm5" ]      // One or more read-only replica server nodes
+  port     = 5432                  // Port to expose (optional)
+  database = "postgres"            // Default database name (optional)
+  data     = "/var/lib/postgresql" // Persistence directory
+}

_examples/postgresql.tf

@@ -18,8 +18,8 @@ variable "enabled" {
 
 variable "docker_tag" {
   type        = string
-  description = "Version of the docker image to use, defaults to pg16"
-  default     = "pg16"
+  description = "Version of the docker image to use, defaults to 17-bookworm"
+  default     = "17-bookworm"
 }
 
 variable "service_provider" {
@@ -31,7 +31,7 @@ variable "service_provider" {
 variable "service_name" {
   description = "Service name"
   type        = string
-  default     = "postgresql"
+  default     = "postgres"
 }
 
 variable "service_dns" {
@@ -40,32 +40,37 @@ variable "service_dns" {
   default     = []
 }
 
-variable "service_type" {
-  description = "Run as a service or system"
+variable "primary" {
   type        = string
-  default     = "service"
+  description = "Host to deploy the primary database on"
 }
 
-variable "hosts" {
+variable "replicas" {
   type        = list(string)
-  description = "List of hosts to deploy on, if not specified deploys to one node"
+  description = "Hosts to deploy read-only replica databases on"
   default     = []
 }
 
 variable "port" {
   type        = number
-  description = "Port to expose service"
+  description = "Port to expose service for each database"
   default     = 5432
 }
 
+variable "database" {
+  description = "Default database name"
+  type        = string
+  default     = "postgres"
+}
+
 variable "data" {
   type        = string
   description = "Directory for data persistence"
   default     = ""
 }
 
 variable "root_user" {
-  description = "root user"
+  description = "root user name"
   type        = string
   default     = "postgres"
 }
@@ -76,7 +81,14 @@ variable "root_password" {
   sensitive   = true
 }
 
-variable "database" {
-  description = "Default database"
+variable "replication_user" {
+  description = "replication user name"
   type        = string
+  default     = "replicator"
+}
+
+variable "replication_password" {
+  description = "replication password (required)"
+  type        = string
+  sensitive   = true
 }

postgresql/input.tf renamed to postgres/input.tf

@@ -0,0 +1,5 @@
+
+locals {
+    docker_image = "ghcr.io/mutablelogic/docker-postgres:${var.docker_tag}"
+    docker_always_pull = false
+}

postgres/locals.tf

@@ -0,0 +1,27 @@
+
+resource "nomad_job" "postgres" {
+  count   = var.enabled ? 1 : 0
+  jobspec = file("${path.module}/nomad/postgres.hcl")
+
+  hcl2 {
+    vars = {
+      dc                 = jsonencode([var.dc])
+      namespace          = var.namespace
+      docker_image       = local.docker_image
+      docker_always_pull = jsonencode(local.docker_always_pull)
+      service_provider   = var.service_provider
+      service_name       = var.service_name
+      service_dns        = jsonencode(var.service_dns)
+
+      primary              = var.primary
+      replicas             = jsonencode(var.replicas)
+      port                 = var.port
+      database             = var.database
+      data                 = var.data
+      root_user            = var.root_user
+      root_password        = var.root_password
+      replication_user     = var.replication_user
+      replication_password = var.replication_password
+    }
+  }
+}