Add role for PgBouncer
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |4831|10|4821|5|:-1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/211//ansiblelint">Evolix » ansible-roles » unstable #211</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details

This commit is contained in:
Alexis Ben Miloud--Josselin 2023-03-16 17:14:16 +01:00
parent 65ee8c7e45
commit eae2eed7b0
6 changed files with 96 additions and 0 deletions

View File

@ -13,6 +13,8 @@ The **patch** part changes is incremented if multiple releases happen the same m
### Added
* pgbouncer: new role
### Changed
### Fixed

38
pgbouncer/README.md Normal file
View File

@ -0,0 +1,38 @@
# PgBouncer
Installation and basic configuration of PgBouncer.
## Tasks
Everything is in the `tasks/main.yml` file.
## Available variables
Main variables are :
* `pgbouncer_listen_addr`: the listen IP for PgBouncer (default: `127.0.0.1`),
* `pgbouncer_listen_port`: the listen post for PgBouncer (default: `6432`),
* `pgbouncer_databases`: the databases that clients of PgBouncer can connect to,
* `pgbouncer_account_list`: the accounts that clients of PgBouncer can connect to.
The variable `pgbouncer_databases` must have the `name`, `host` and `port` attributes. The variable can be defined like this:
```
pgbouncer_databases:
- { name: "db1", host: "192.168.3.14", port: "5432" }
- { name: "*", host: "192.168.2.71", port: "5432" }
```
The variable `pgbouncer_account_list` must have the `name` and `hash` attributes. The variable can be defined like this:
```
pgbouncer_account_list:
- { name: "account1", hash: "<hash>" }
- { name: "account2", hash: "<hash>" }
```
The value of `hash` can be obtained by running this command on the PostgreSQL server: `select passwd from pg_shadow where usename='account1';`
> These accounts must exist on the PostegreSQL server.
The full list of variables (with default values) can be found in `defaults/main.yml`.

View File

@ -0,0 +1,7 @@
---
pgbouncer_listen_addr: "127.0.0.1"
pgbouncer_listen_port: "6432"
pgbouncer_databases: []
pgbouncer_account_list: []

17
pgbouncer/tasks/main.yml Normal file
View File

@ -0,0 +1,17 @@
---
- name: PgBouncer is installed
apt:
name: pgbouncer
state: present
- name: Limit for PgBouncer is set
lineinfile:
path: /etc/default/pgbouncer
line: ulimit -n 65536
- name: Add config file for PgBouncer
template:
src: pgbouncer.ini.j2
dest: /etc/pgbouncer/pgbouncer.ini
- name: Populate userlist.txt
template:
src: userlist.txt.j2
dest: /etc/pgbouncer/userlist.txt

View File

@ -0,0 +1,29 @@
[databases]
{% for db in pgbouncer_databases %}
{{ db.name }} = host={{ db.host }} port={{ db.port }}
{% endfor %}
[pgbouncer]
logfile = /var/log/postgresql/pgbouncer.log
pidfile = /var/run/postgresql/pgbouncer.pid
listen_addr = {{ pgbouncer_listen_addr }}
listen_port = {{ pgbouncer_listen_port }}
unix_socket_dir =
auth_type = scram-sha-256
auth_file = /etc/pgbouncer/userlist.txt
# La connexion au serveur redevient libre lorsque le client termine une transaction
# Autres valeurs possibles : session (lorsque le client ferme la session), statement (lorsque la requête se termine)
pool_mode = transaction
# Nombre maximum de connexions entrantes
max_client_conn = 5000
# Nombre de connexion maintenues avec le serveur
default_pool_size = 20
# Ne pas enregistrer les connexions qui se passent bien
log_connections = 0
log_disconnections = 0

View File

@ -0,0 +1,3 @@
{% for account in pgbouncer_account_list %}
"{{ account.name }}" "{{ account.hash }}"
{% endfor %}