diff --git a/ansible/tasks/test-image.yml b/ansible/tasks/test-image.yml index a0d3b2b78..ea6e157b6 100644 --- a/ansible/tasks/test-image.yml +++ b/ansible/tasks/test-image.yml @@ -1,87 +1,104 @@ -# - name: Temporarily disable PG Sodium references in config -# become: yes -# become_user: postgres -# shell: -# cmd: sed -i.bak -e "s/pg_net,\ pgsodium,\ timescaledb/pg_net,\ timescaledb/g" -e "s/pgsodium.getkey_script=/#pgsodium.getkey_script=/g" /etc/postgresql/postgresql.conf -# when: debpkg_mode or stage2_nix +- name: Execute tasks when (debpkg_mode or stage2_nix) + when: + - (debpkg_mode or stage2_nix) + block: + - name: Make a backup of the /etc/postgresql/postgresql.conf file + ansible.builtin.copy: + dest: '/etc/postgresql/postgresql.conf.bak' + src: '/etc/postgresql/postgresql.conf' + become: true -- name: Temporarily disable PG Sodium and Supabase Vault references in config - become: yes - become_user: postgres - shell: - cmd: > - sed -i.bak - -e 's/\(shared_preload_libraries = '\''.*\)pgsodium,\(.*'\''\)/\1\2/' - -e 's/\(shared_preload_libraries = '\''.*\)supabase_vault,\(.*'\''\)/\1\2/' - -e 's/\(shared_preload_libraries = '\''.*\), *supabase_vault'\''/\1'\''/' - -e 's/pgsodium.getkey_script=/#pgsodium.getkey_script=/' - /etc/postgresql/postgresql.conf - when: debpkg_mode or stage2_nix + - name: Temporarily disable PG Sodium and Supabase Vault references in /etc/postgresql/postgresql.conf + ansible.builtin.replace: + path: '/etc/postgresql/postgresql.conf' + regexp: "{{ regx['in'] }}" + replace: "{{ regx['out'] }}" + become: true + become_user: 'postgres' + loop: + - { in: "^(shared_preload_libraries = '.*)pgsodium(.*')", out: '\1\2' } + - { in: "^(shared_preload_libraries = '.*)supabase_vault(.*')", out: '\1\2' } + - { in: "^(shared_preload_libraries = '.*)*supabase_vault(.*')", out: '\1\2' } + - { in: '^(pgsodium\.getkey_script=)', out: '#\1' } + loop_control: + loop_var: 'regx' -- name: Verify pgsodium and vault removal from config - become: yes - become_user: postgres - shell: - cmd: | - FOUND=$(grep -E "shared_preload_libraries.*pgsodium|shared_preload_libraries.*supabase_vault|^pgsodium\.getkey_script" /etc/postgresql/postgresql.conf) - if [ ! -z "$FOUND" ]; then - echo "Found unremoved references:" - echo "$FOUND" - exit 1 - fi - register: verify_result - failed_when: verify_result.rc != 0 - when: debpkg_mode or stage2_nix + - name: Make sure we disabled all the things + ansible.builtin.lineinfile: + path: '/etc/postgresql/postgresql.conf' + regexp: "{{ regx }}" + state: 'absent' + check_mode: true + failed_when: + - (pgconf is changed) or (pgconf is failed) + loop: + - "^shared_preload_libraries = '.*pgsodium.*'" + - "^shared_preload_libraries = '.*supabase_vault.*'" + - '^pgsodium\.getkey_script=' + loop_control: + loop_var: 'regx' + register: 'pgconf' - name: Start Postgres Database to load all extensions. - become: yes - become_user: postgres - shell: + ansible.builtin.command: cmd: /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data start "-o -c config_file=/etc/postgresql/postgresql.conf" - when: debpkg_mode + become: true + become_user: 'postgres' + when: + - debpkg_mode -- name: Stop Postgres Database in stage 2 - become: yes - become_user: postgres - shell: source /var/lib/postgresql/.bashrc && /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data stop - args: - executable: /bin/bash - environment: - LANG: en_US.UTF-8 - LANGUAGE: en_US.UTF-8 - LC_ALL: en_US.UTF-8 - LC_CTYPE: en_US.UTF-8 - LOCALE_ARCHIVE: /usr/lib/locale/locale-archive - when: stage2_nix +- name: Execute tasks when stage2_nix + when: + - stage2_nix + block: + - name: Restart Postgres Database in stage 2 to load all extensions + ansible.builtin.command: + cmd: "/usr/lib/postgresql/bin/pg_ctl --pgdata /var/lib/postgresql/data --mode fast --options '-c config_file=/etc/postgresql/postgresql.conf' {{ ctlcmd }}" + become: true + become_user: 'postgres' + environment: + LANG: 'en_US.UTF-8' + LANGUAGE: 'en_US.UTF-8' + LC_ALL: 'en_US.UTF-8' + LC_CTYPE: 'en_US.UTF-8' + LOCALE_ARCHIVE: '/usr/lib/locale/locale-archive' + loop: + - stop + - start + loop_control: + loop_var: 'ctlcmd' -- name: Start Postgres Database to load all extensions. - become: yes - become_user: postgres - shell: source /var/lib/postgresql/.bashrc && /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data start "-o -c config_file=/etc/postgresql/postgresql.conf" - args: - executable: /bin/bash - environment: - LANG: en_US.UTF-8 - LANGUAGE: en_US.UTF-8 - LC_ALL: en_US.UTF-8 - LC_CTYPE: en_US.UTF-8 - LOCALE_ARCHIVE: /usr/lib/locale/locale-archive - when: stage2_nix +- name: Execute tasks when (debpkg_mode or stage2_nix) + when: + - (debpkg_mode or stage2_nix) + block: + - name: Re-enable PG Sodium references in /etc/postgresql/postgresql.conf + ansible.builtin.command: + cmd: mv /etc/postgresql/postgresql.conf.bak /etc/postgresql/postgresql.conf + become: true + become_user: 'postgres' -- name: Re-enable PG Sodium references in config - become: yes - become_user: postgres - shell: - cmd: mv /etc/postgresql/postgresql.conf.bak /etc/postgresql/postgresql.conf - when: debpkg_mode or stage2_nix + - name: Install psycopg2 + ansible.builtin.apt: + name: 'python3-psycopg2' + state: 'present' + update_cache: true + become: true -- name: Reset db stats - shell: /usr/lib/postgresql/bin/psql --no-password --no-psqlrc -d postgres -h localhost -U supabase_admin -c 'SELECT pg_stat_statements_reset(); SELECT pg_stat_reset();' - when: debpkg_mode or stage2_nix + - name: Reset db stats + community.postgresql.postgresql_query: + login_db: 'postgres' + login_host: 'localhost' + login_user: 'supabase_admin' + query: "{{ stat_item }}" + loop: + # - 'SELECT pg_stat_statements_reset()' + - 'SELECT pg_stat_reset()' + loop_control: + loop_var: 'stat_item' -- name: Stop Postgres Database - become: yes - become_user: postgres - shell: - cmd: /usr/lib/postgresql/bin/pg_ctl -D /var/lib/postgresql/data stop - when: debpkg_mode or stage2_nix + - name: Restart Postgres Database in stage 2 to load all extensions + ansible.builtin.command: + cmd: /usr/lib/postgresql/bin/pg_ctl --pgdata /var/lib/postgresql/data --mode fast --options '-c config_file=/etc/postgresql/postgresql.conf' stop + become: true + become_user: 'postgres'