This version of the patch is even better. It also sets the https scheme for the DCS
endpoints and configures cacert, cert and key in the .vip file.

--
Peter.
--- /usr/bin/pg_createconfig_patroni	2023-12-01 10:16:15.000000000 +0000
+++ /root/pg_createconfig_patroni	2024-01-10 01:53:03.538645769 +0000
@@ -141,17 +141,19 @@
         exit 1
     fi
     VIP_KEY="/postgresql-common/${VERSION}-${CLUSTER}/leader"
-    DCS_TYPE="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep -v '[[:space:]]-' | egrep '(etcd|consul|zookeeper)' | sed s/:.*//)"
+    DCS_TYPE="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep -v '[[:space:]]-' | egrep '(etcd(3)?|consul|zookeeper):' | sed s/:.*//)"
     if [ -z "$DCS_TYPE" ]; then
         echo "DCS type could not be determined from /etc/patroni/dcs.yml, cannot write VIP file"
 	exit 1
     fi
     if [ -z "$DCS_ENDPOINT" ]; then
+    	DCS_PROTOCOL="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep -v '[[:space:]]-' | egrep 'protocol:' | sed s/.*protocol:[[:space:]]*//)"
+    	DCS_PROTOCOL=${DCS_PROTOCOL:-http}
 	# determine DCS_ENDPOINTS from dcs.yml. This currently assumes that DCS
 	# hosts are listed with their ip-addresses, while hostnames appear to
 	# be valid as well. If DCS servers are to be specified by hostname,
 	# they can be explicitly passed via the --endpoint option.
-        DCS_ENDPOINT="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep '(host|-)' | egrep -v '^[[:space:]]*$' | egrep '[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+' | sed -r -e 's/.*(host|hosts)://' -e s/-// -e 's/ //g' | grep -v ^$ | sed -r -e 's/^([0-9])/http:\/\/\1/')"
+        DCS_ENDPOINT="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep '(host|-)' | egrep -v '^[[:space:]]*$' | egrep '[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+' | sed -r -e 's/.*(host|hosts)://' -e s/-// -e 's/ //g' | grep -v ^$ | sed -r -e 's/^([0-9])/'$DCS_PROTOCOL':\/\/\1/')"
         if [ -z "$DCS_ENDPOINT" ]; then
             echo "DCS endpoint URL could not be determined from /etc/patroni/dcs.yml and --endpoint not provided, cannot write VIP file"
 	    exit 1
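Review bot: The value read into DCS_PROTOCOL is never validated and is spliced unquoted into the sed program that builds DCS_ENDPOINT (`'s/^([0-9])/'$DCS_PROTOCOL':\/\/\1/'`). The `egrep 'protocol:'` match is unanchored, so a quoted YAML value, a trailing comment or a second key ending in `protocol:` yields a string with quotes, spaces or newlines. That either breaks the sed call or produces an endpoint with a bogus scheme, and the later `= "https"` test then leaves the TLS settings commented out. Right after the default is applied, reject anything else with `case "$DCS_PROTOCOL" in http|https) ;; *) echo "unsupported DCS protocol in /etc/patroni/dcs.yml" >&2; exit 1 ;; esac`, and quote the expansion inside the sed expression. The enclosing block starts and ends outside this hunk.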
@@ -161,6 +163,13 @@
 	    # sed -> remove trailing comma
 	    DCS_ENDPOINT=$( echo "$DCS_ENDPOINT" | tr '\n' ',' | sed 's/,$//' )
         fi
+	COMMENT="#"
+        if [ $DCS_PROTOCOL = "https" ]; then
+	    COMMENT=""
+	    VIP_ETCD_CA_FILE="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep -v '[[:space:]]-' | egrep '^[[:space:]]*cacert:' | sed s/.*cacert:[[:space:]]*//)"
+	    VIP_ETCD_CERT_FILE="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep -v '[[:space:]]-' | egrep '^[[:space:]]*cert:' | sed s/.*cert:[[:space:]]*//)"
+	    VIP_ETCD_KEY_FILE="$(egrep -v '^[[:space:]]*$|^ *#' /etc/patroni/dcs.yml | egrep -v '[[:space:]]-' | egrep '^[[:space:]]*key:' | sed s/.*key:[[:space:]]*//)"
+        fi
     fi
     LISTEN_VIP=",$VIP_IP"
 else
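Review bot: COMMENT and the three VIP_ETCD_* variables are assigned only inside what appears to be the `if [ -z "$DCS_ENDPOINT" ]` branch. When --endpoint is passed they stay unset, so the sed expressions added in the last hunk would rewrite the VIP file lines as uncommented, empty `VIP_ETCD_CA_FILE=`, `VIP_ETCD_CERT_FILE=` and `VIP_ETCD_KEY_FILE=` settings; initialise `COMMENT="#"` and the three variables before that branch. Within the https branch nothing checks that `cacert:` was actually found. An empty CA path should stop the script with an error rather than be written out, since how the consumer of the VIP file treats an empty CA setting is not visible here. The test should also quote its operand: `if [ "$DCS_PROTOCOL" = "https" ]; then`.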
@@ -215,7 +224,7 @@
         -e "s#@NETWORK@#${NETWORK}#g"		\
         -e "s/@API_PORT@/${API_PORT}/g"		\
         -e "s/@PORT@/${PORT}/g"			\
-        -e "s/@DCS_CONFIG@/${DCS_CONFIG}/g"	\
+        -e "s#@DCS_CONFIG@#${DCS_CONFIG}#g"	\
 >> $CONFIG_FILE
 
 # write vip configuration, if requested
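Review bot: Changing the delimiter to `#` only moves the problem: `${DCS_CONFIG}` is still inserted into the sed replacement unescaped, so a `#`, `&` or backslash in the value corrupts the expression or the output. The same applies to the `:`-delimited expressions for VIP_ETCD_CA_FILE, VIP_ETCD_CERT_FILE and VIP_ETCD_KEY_FILE in the next hunk, whose values are paths read from /etc/patroni/dcs.yml. Escape the value once before substitution, e.g. `DCS_CONFIG_ESC=$(printf '%s' "$DCS_CONFIG" | sed 's/[&#\\]/\\&/g')`, and use the escaped copy in the `-e` expression. The sed command starts outside this hunk.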
@@ -228,6 +237,9 @@
             -e "s/@VIP_HOST@/${HOSTNAME}/g"		\
             -e "s/@VIP_TYPE@/${DCS_TYPE}/g"		\
             -e "s#@VIP_ENDPOINT@#${DCS_ENDPOINT}#g"	\
+            -e "s:^#\?\(VIP_ETCD_CA_FILE=\).*:${COMMENT}\1${VIP_ETCD_CA_FILE}:" \
+            -e "s:^#\?\(VIP_ETCD_CERT_FILE=\).*:${COMMENT}\1${VIP_ETCD_CERT_FILE}:" \
+            -e "s:^#\?\(VIP_ETCD_KEY_FILE=\).*:${COMMENT}\1${VIP_ETCD_KEY_FILE}:" \
     >> $VIP_FILE
 fi
 
