=== Multiple clusters/compatibility mode ===
-If there is potentially more than one cluster, we cannot use the puppet
-{{{postgresql::server}}} class. We also use this for clusters that were
-initially set up without puppet.
+Since we often have more than one cluster, we cannot use the puppet
+{{{postgresql::server}}} class for most things.
* Add the server to the roles::postgresql::server class role in hiera.
This will cause some scripts to be installed on the host, as well as an ssh
* Run puppet on the postgresql server,
-==== ssh authkeys ====
+* If the server is a replication receiver, it needs read access to the sender's WALs
+ on the backup host (to recover from situations where the source might no longer
+ have the WALs.) This can be configured via hiera as well. Example:
+{{{
+[git|master] weasel@orinoco:~/projects/debian/d-a/dsa-puppet$ cat data/nodes/snapshotdb-manda-01.debian.org.yaml
+classes:
+ - roles::snapshot_db
+ - roles::postgresql::server
-* If you need extra options in the {{{debbackup-ssh-wrap}}} call on the backup server
- (for instance of the host should be allowed to fetch files), manually copy
- {{{~postgres/.ssh/id_rsa.pub}}} to
- {{{puppet:modules/postgres/templates/backup_server/sshkeys-manual.erb}}}.
+postgres::backup_server::register_backup_clienthost::allow_read_hosts: ['sallinen']
+}}}
==== base backup config ====
-* Run puppet on the backup hosts (storace and backuphost as of 2018).
+* Run puppet on the backup hosts (storace and backuphost as of 2019).
* On the db server, create a role. Find the password to use on the backup host in {{{~debbackup/.pgpass}}}:\\
{{{sudo -u postgres createuser -D -E -P -R -S debian-backup}}}