feat(ansible): add pgBackRest tasks and configurations #1878
Conversation
* origin/PSQL-773: fix(setup-pgbackrest.yml): errant indentation fix fix(setup-pgbackrest.yml): fix file module fix(setup-pgbackrest.yml): update nix install path feat(ansible): add pgBackRest tasks and configurations
The pgbackrest wrapper script now sanitizes arguments passed to it. This change removes potentially sensitive or command-injection-vulnerable arguments such as `--cmd`, `--repo-host-cmd`, and `--config` before executing the pgbackrest command. This enhances security by preventing accidental exposure of sensitive information.
Co-authored-by: Douglas J Hunley <doug.hunley@gmail.com>
Co-authored-by: Douglas J Hunley <doug.hunley@gmail.com>
Co-authored-by: Douglas J Hunley <doug.hunley@gmail.com>
* fix(multipooler): read cached copy of pooler topo follow up for: multigres/multigres#226 (comment) Also added some of the configs from the Supabase pgBackRest config supabase/postgres#1878 Signed-off-by: Cuong Do <cuongdo@users.noreply.github.com> * Remove "Cached" from state getter functions Signed-off-by: Cuong Do <cuongdo@users.noreply.github.com> * Make restore more resilient to stale PG conns Restore wasn't handling the dead DB connections left behind by its stopping/restarting Postgres. However, this raises the question of how resilient multipooler.Executor needs to be in this situation. Signed-off-by: Cuong Do <cuongdo@users.noreply.github.com> * do not start postgres if restore fails orch should detect this and initiate fix Signed-off-by: Cuong Do <cuongdo@users.noreply.github.com> --------- Signed-off-by: Cuong Do <cuongdo@users.noreply.github.com>
WalkthroughAdds pgBackRest support: new config files, an Ansible playbook task to install pgBackRest, a setup task that creates system user/group, updates sudoers, installs binaries (nix), provisions directories and configs, symlinks config, and installs a wrapper script. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant Ansible as Ansible (playbook)
participant Host as System
participant FS as Filesystem
participant Sudo as sudoers
participant Nix as nix/profile
participant PgBR as pgbackrest binary
note over Ansible,Host: tasks/setup-pgbackrest.yml runs (when conditions met)
Ansible->>Host: create group `pgbackrest` (nixpkg_mode)
Ansible->>Host: create user `pgbackrest` (nixpkg_mode)
Ansible->>Sudo: add sudoers entries and validate with visudo
Ansible->>Nix: install pgbackrest (stage2_nix)
Nix->>Host: place binaries
Ansible->>FS: create dirs (/var/lib/pgbackrest, /etc/pgbackrest) and set ownership
Ansible->>FS: deploy config files to /etc/pgbackrest
Ansible->>FS: symlink /etc/pgbackrest.conf -> /etc/pgbackrest/pgbackrest.conf
Ansible->>FS: install wrapper `/usr/bin/pgbackrest`
FS->>PgBR: wrapper sanitizes args and execs binary as `pgbackrest` user
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
📜 Review details
Configuration used: Repository UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
ansible/files/pgbackrest_config/computed_globals.conf(1 hunks)ansible/files/pgbackrest_config/pgbackrest.conf(1 hunks)ansible/files/pgbackrest_config/repo1.conf(1 hunks)ansible/files/pgbackrest_config/repo1_async.conf(1 hunks)ansible/files/pgbackrest_config/repo1_encrypted.conf(1 hunks)ansible/playbook.yml(1 hunks)ansible/tasks/setup-pgbackrest.yml(1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: nix-eval / eval
🔇 Additional comments (10)
ansible/files/pgbackrest_config/repo1_async.conf (1)
1-2: LGTM - placeholder configuration.This placeholder configuration for async archiving is well-structured and ready for future activation when needed.
ansible/files/pgbackrest_config/computed_globals.conf (1)
1-8: LGTM - placeholder defaults documented.These commented placeholder defaults provide clear documentation for future tuning of process parallelism across different pgBackRest operations.
ansible/files/pgbackrest_config/pgbackrest.conf (1)
1-18: Configuration looks solid.The pgBackRest global settings are well-chosen:
zstcompression provides good balance of speed and ratiostart-fast = yensures quick archiving- Connection details are appropriate
Note that
resume = n(line 12) means interrupted backups will restart from scratch rather than resuming. This is a conservative choice that may be appropriate for your use case.ansible/playbook.yml (1)
43-48: LGTM - appropriate task placement.The pgBackRest installation task is logically positioned after WAL-G and uses consistent conditional patterns with the rest of the playbook.
ansible/files/pgbackrest_config/repo1.conf (1)
1-14: Verify WAL archive retention strategy.Line 8 sets
repo1-retention-history = 0, which means pgBackRest will not retain any WAL archives. This prevents point-in-time recovery (PITR) between backups.If PITR capability is required, consider setting this to a positive value. If WAL archiving is handled separately (e.g., via
archive_command), ensure that strategy is documented and coordinated with these backup retention settings.ansible/tasks/setup-pgbackrest.yml (4)
1-18: LGTM - secure user configuration.The pgBackRest user is properly configured as a system user with
/sbin/nologinshell, which follows security best practices for service accounts.
35-42: LGTM - installation approach is sound.Installing pgBackRest via Nix with a specific commit SHA ensures reproducible builds and version consistency.
44-59: LGTM - appropriate directory structure.The directory permissions (0770 with pgbackrest:postgres ownership) correctly allow both the pgBackRest daemon and PostgreSQL processes to access necessary files while restricting access from other users.
61-66: Symlink direction is backwards; reverse it to follow pgBackRest's expected hierarchy.The code creates a symlink at
/etc/pgbackrest/pgbackrest.confpointing to/etc/pgbackrest.conf. Since pgBackRest looks for configuration first at /etc/pgbackrest/pgbackrest.conf and falls back to /etc/pgbackrest.conf if the primary location doesn't exist, the symlink should point in the opposite direction: the main config file should be at/etc/pgbackrest/pgbackrest.confwith an optional symlink from the legacy location for backward compatibility.Likely an incorrect or invalid review comment.
ansible/files/pgbackrest_config/repo1_encrypted.conf (1)
1-3: Remove this comment.pgBackRest supports only two cipher types: none (no encryption) and aes-256-cbc. aes-256-cbc is recommended in the official pgBackRest documentation. No alternative or newer cipher types exist across different pgBackRest versions.
Likely an incorrect or invalid review comment.
What kind of change does this PR introduce?
Feature- pgBackRest backup solution
What is the current behavior?
pgBackRest tasks and configs are absent
What is the new behavior?
pgBackRest tasks and configs are missing are present
Additional context
NA
Summary by CodeRabbit
New Features
Chores / Install
✏️ Tip: You can customize this high-level summary in your review settings.