more settings of systemd for postgress

lib/data/templates/postgresql/postgresql.conf.erb

@@ -1,17 +1,19 @@
 
-data_directory = '/var/lib/postgresql/15/main'
+#data_directory = '/var/lib/postgresql/15/main'
-hba_file = '/etc/postgresql/15/main/pg_hba.conf'
+#hba_file = '/etc/postgresql/15/main/pg_hba.conf'
-ident_file = '/etc/postgresql/15/main/pg_ident.conf'
+#ident_file = '/etc/postgresql/15/main/pg_ident.conf'
 
 
 #listen_addresses = 'localhost'
 listen_addresses = '*'
 port = 5432
 max_connections = 100
-unix_socket_directories = '/var/run/postgresql'
+unix_socket_directories = '<%= unix_socket %>'
 password_encryption = scram-sha-256
 
-ssl = on
+## TODO Add support for ssl
+#ssl = on
+
 #ssl_ca_file = ''
 ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
 #ssl_crl_file = ''
@@ -36,7 +38,7 @@ log_line_prefix = '%m [%p] %q%u@%d '
 log_timezone = 'Etc/UTC'
 
 
-cluster_name = '15/main'
+#cluster_name = '15/main'
 
 datestyle = 'iso, mdy'
 timezone = 'Etc/UTC'
@@ -48,5 +50,5 @@ lc_time = 'C.UTF-8'
 default_text_search_config = 'pg_catalog.english'
 
 # include files ending in '.conf' from
-include_dir = 'conf.d'
+# include_dir = 'conf.d'
 

lib/data/templates/postgresql/postgresql.service.erb

@@ -3,12 +3,17 @@ Description=PostgreSQL <%= version %>
 After=network.target
 
 [Service]
-Type=notify
+# Type=notify
+Type=simple
 
 User=postgresql
-Group=servicesql
+Group=services
+
+ExecStart=<%= postgres_bin %> -D <%= database_dir %>
+
+StandardOutput=journal
+StandardError=journal
 
-ExecStart=<%= postgres_bin %> -D <%= database_dir %>/data
 ExecReload=/bin/kill -HUP $MAINPID
 KillMode=mixed
 TimeoutSec=300
@@ -16,8 +21,10 @@ Restart=on-failure
 NotifyAccess=all
 
 # Security
-ProtectSystem=full
+#ProtectSystem=full
-ProtectHome=true
+#ProtectHome=true
+#ReadWritePaths=<%= database_dir %>
+
 PrivateTmp=true
 NoNewPrivileges=true
 

lib/execute.rb

@@ -79,8 +79,6 @@ module Execute
     pdata = Make.context(name)
     bin_dir = pdata.get_prefix
     data_dir = "/data/#{pdata.name}/#{pdata.version.split(".").first}" 
-    puts data_dir
-    exit -1
     service_install_context = ServiceInstallContext.new(
       bin_dir, data_dir, name, pdata.version, @options.forced
     )
@@ -109,7 +107,6 @@ module Execute
     executor = get_install_executor(name)
     #executor.call(service_install_context)
     executor.call
-    exit -1
 
     if block_given?
       context = OpenStruct.new

lib/setup/postgresql.rb

@@ -41,7 +41,15 @@ module Setup
       pg_hba_path = "#{File.join(context.data_dir, "pg_hba.conf")}"
       write_as(context.user_name, pg_hba_path, pg_hba)
 
-      postgresql_conf = render("postgresql.conf")
+      # TODO: move this to user module
+      uid = Etc.getpwnam(context.user_name.to_s).uid
+      socket_path = "/run/user/#{uid}"
+      system("sudo mkdir -p #{socket_path}")
+      system("sudo chown #{context.user_name}:services #{socket_path}")
+      system("sudo chmod 700 #{socket_path}")
+
+      postgresql_conf = render("postgresql.conf", unix_socket: socket_path)
+
       postgresql_conf_path = "#{File.join(context.data_dir, "postgresql.conf")}"
       write_as(context.user_name, postgresql_conf_path, postgresql_conf)
 
@@ -53,11 +61,13 @@ module Setup
       )
       postgres_service_path = "/etc/systemd/system/postgresql.service" 
       write_as("root", postgres_service_path, postgres_service)
-
+      system("sudo systemctl daemon-reexec")
       system("sudo systemctl daemon-reload")
       system("sudo systemctl enable postgresql")
       system("sudo systemctl start postgresql")
       
+      # debug service
+      # sudo systemctl daemon-reexec && sudo systemctl daemon-reload && sudo systemctl restart postgresql.service
     end
 
     def self.install(context)

recipes/postgresql/debian.yml

@@ -19,7 +19,7 @@ repository:
   version: 17.5
 
 steps:
-  - ./configure --prefix=$PREFIX
+  - ./configure --prefix=$PREFIX --with-openssl --with-systemd
   - make -j$CPUS
   - $SUDO mkdir -p $PREFIX
   - $SUDO make install