--- #==============================================================# # File : meta.yml # Desc : Pigsty default 1-node online install config # Ctime : 2020-05-22 # Mtime : 2026-01-22 # Docs : https://pigsty.io/docs/conf/meta # License : Apache-2.0 @ https://pigsty.io/docs/about/license/ # Copyright : 2018-2026 Ruohang Feng / Vonng (rh@vonng.com) #==============================================================# # This is the default 1-node configuration template, with: # INFRA, NODE, PGSQL, ETCD, MINIO, DOCKER, APP (pgadmin) # with basic pg extensions: postgis, pgvector # # Work with PostgreSQL 14-18 on all supported platform # Usage: # curl https://repo.pigsty.io/get | bash # ./configure # ./deploy.yml all: #==============================================================# # Clusters, Nodes, and Modules #==============================================================# children: #----------------------------------------------# # PGSQL : https://pigsty.io/docs/pgsql #----------------------------------------------# # this is an example single-node postgres cluster with pgvector installed, with one biz database & two biz users pg-meta: hosts: 10.146.0.6: { pg_seq: 1, pg_role: primary } # <---- primary instance with read-write capability #x.xx.xx.xx: { pg_seq: 2, pg_role: replica } # <---- read only replica for read-only online traffic #x.xx.xx.xy: { pg_seq: 3, pg_role: offline } # <---- offline instance of ETL & interactive queries vars: pg_cluster: pg-meta # install, load, create pg extensions: https://pigsty.io/docs/pgsql/ext/ pg_extensions: [ postgis, pgvector ] # define business users/roles : https://pigsty.io/docs/pgsql/config/user pg_users: - { name: dbuser_meta ,password: DBUser.Meta ,pgbouncer: true ,roles: [dbrole_admin ] ,comment: pigsty admin user } - { name: dbuser_view ,password: DBUser.Viewer ,pgbouncer: true ,roles: [dbrole_readonly] ,comment: read-only viewer } # define business databases : https://pigsty.io/docs/pgsql/config/db pg_databases: - name: meta baseline: cmdb.sql comment: "pigsty meta database" schemas: [pigsty] # define extensions in database : https://pigsty.io/docs/pgsql/ext/create extensions: [ postgis, vector ] pg_hba_rules: # https://pigsty.io/docs/pgsql/config/hba - { user: all ,db: all ,addr: intra ,auth: pwd ,title: 'everyone intranet access with password' ,order: 800 } pg_crontab: # https://pigsty.io/docs/pgsql/admin/crontab - '00 01 * * * /pg/bin/pg-backup full' # define (OPTIONAL) L2 VIP that bind to primary #pg_vip_enabled: true #pg_vip_address: 10.10.10.2/24 #pg_vip_interface: eth1 #----------------------------------------------# # INFRA : https://pigsty.io/docs/infra #----------------------------------------------# infra: hosts: 10.146.0.6: { infra_seq: 1 } vars: repo_enabled: false # disable in 1-node mode : https://pigsty.io/docs/infra/admin/repo #repo_extra_packages: [ pg18-main ,pg18-time ,pg18-gis ,pg18-rag ,pg18-fts ,pg18-olap ,pg18-feat ,pg18-lang ,pg18-type ,pg18-util ,pg18-func ,pg18-admin ,pg18-stat ,pg18-sec ,pg18-fdw ,pg18-sim ,pg18-etl] #----------------------------------------------# # ETCD : https://pigsty.io/docs/etcd #----------------------------------------------# etcd: hosts: 10.146.0.6: { etcd_seq: 1 } vars: etcd_cluster: etcd etcd_safeguard: false # prevent purging running etcd instance? #----------------------------------------------# # MINIO : https://pigsty.io/docs/minio #----------------------------------------------# #minio: # hosts: # 10.146.0.6: { minio_seq: 1 } # vars: # minio_cluster: minio # minio_users: # list of minio user to be created # - { access_key: pgbackrest ,secret_key: S3User.Backup ,policy: pgsql } # - { access_key: s3user_meta ,secret_key: S3User.Meta ,policy: meta } # - { access_key: s3user_data ,secret_key: S3User.Data ,policy: data } #----------------------------------------------# # DOCKER : https://pigsty.io/docs/docker # APP : https://pigsty.io/docs/app #----------------------------------------------# # launch example pgadmin app with: ./app.yml (http://10.146.0.6:8885 admin@pigsty.cc / pigsty) app: hosts: { 10.146.0.6: {} } vars: docker_enabled: true # enabled docker with ./docker.yml #docker_registry_mirrors: ["https://docker.1panel.live","https://docker.1ms.run","https://docker.xuanyuan.me","https://registry-1.docker.io"] app: pgadmin # specify the default app name to be installed (in the apps) apps: # define all applications, appname: definition pgadmin: # pgadmin app definition (app/pgadmin -> /opt/pgadmin) conf: # override /opt/pgadmin/.env PGADMIN_DEFAULT_EMAIL: admin@pigsty.cc PGADMIN_DEFAULT_PASSWORD: pigsty #==============================================================# # Global Parameters #==============================================================# vars: #----------------------------------------------# # INFRA : https://pigsty.io/docs/infra #----------------------------------------------# version: v4.0.0 # pigsty version string admin_ip: 10.146.0.6 # admin node ip address region: default # upstream mirror region: default|china|europe proxy_env: # global proxy env when downloading packages no_proxy: "localhost,127.0.0.1,10.0.0.0/8,192.168.0.0/16,*.pigsty,*.aliyun.com,mirrors.*,*.myqcloud.com,*.tsinghua.edu.cn" # http_proxy: # set your proxy here: e.g http://user:pass@proxy.xxx.com # https_proxy: # set your proxy here: e.g http://user:pass@proxy.xxx.com # all_proxy: # set your proxy here: e.g http://user:pass@proxy.xxx.com infra_portal: # infra services exposed via portal home : { domain: i.pigsty } # default domain name pgadmin : { domain: adm.pigsty ,endpoint: "${admin_ip}:8885" } #minio : { domain: m.pigsty ,endpoint: "${admin_ip}:9001" ,scheme: https ,websocket: true } #----------------------------------------------# # NODE : https://pigsty.io/docs/node/param #----------------------------------------------# nodename_overwrite: false # do not overwrite node hostname on single node mode node_tune: oltp # node tuning specs: oltp,olap,tiny,crit node_etc_hosts: [ '${admin_ip} i.pigsty sss.pigsty' ] node_repo_modules: 'node,infra,pgsql' # add these repos directly to the singleton node #node_repo_modules: local # use this if you want to build & user local repo node_repo_remove: true # remove existing node repo for node managed by pigsty #node_packages: [openssh-server] # packages to be installed current nodes with the latest version #----------------------------------------------# # PGSQL : https://pigsty.io/docs/pgsql/param #----------------------------------------------# pg_version: 18 # default postgres version pg_locale: C.UTF-8 # overwrite default C local pg_lc_collate: C.UTF-8 # overwrite default C lc_collate pg_lc_ctype: C.UTF-8 # overwrite default C lc_ctype pg_conf: oltp.yml # pgsql tuning specs: {oltp,olap,tiny,crit}.yml pg_safeguard: false # prevent purging running postgres instance? pg_packages: [ pgsql-main, pgsql-common ] # pg kernel and common utils #pg_extensions: [ pg18-time ,pg18-gis ,pg18-rag ,pg18-fts ,pg18-olap ,pg18-feat ,pg18-lang ,pg18-type ,pg18-util ,pg18-func ,pg18-admin ,pg18-stat ,pg18-sec ,pg18-fdw ,pg18-sim ,pg18-etl] #----------------------------------------------# # BACKUP : https://pigsty.io/docs/pgsql/backup #----------------------------------------------# # if you want to use minio as backup repo instead of 'local' fs, uncomment this, and configure `pgbackrest_repo` # you can also use external object storage as backup repo #pgbackrest_method: minio # if you want to use minio as backup repo instead of 'local' fs, uncomment this #pgbackrest_repo: # pgbackrest repo: https://pgbackrest.org/configuration.html#section-repository # local: # default pgbackrest repo with local posix fs # path: /pg/backup # local backup directory, `/pg/backup` by default # retention_full_type: count # retention full backups by count # retention_full: 2 # keep 2, at most 3 full backup when using local fs repo # minio: # optional minio repo for pgbackrest # type: s3 # minio is s3-compatible, so s3 is used # s3_endpoint: sss.pigsty # minio endpoint domain name, `sss.pigsty` by default # s3_region: us-east-1 # minio region, us-east-1 by default, useless for minio # s3_bucket: pgsql # minio bucket name, `pgsql` by default # s3_key: pgbackrest # minio user access key for pgbackrest # s3_key_secret: S3User.Backup # minio user secret key for pgbackrest # s3_uri_style: path # use path style uri for minio rather than host style # path: /pgbackrest # minio backup path, default is `/pgbackrest` # storage_port: 9000 # minio port, 9000 by default # storage_ca_file: /etc/pki/ca.crt # minio ca file path, `/etc/pki/ca.crt` by default # block: y # Enable block incremental backup # bundle: y # bundle small files into a single file # bundle_limit: 20MiB # Limit for file bundles, 20MiB for object storage # bundle_size: 128MiB # Target size for file bundles, 128MiB for object storage # cipher_type: aes-256-cbc # enable AES encryption for remote backup repo # cipher_pass: pgBackRest # AES encryption password, default is 'pgBackRest' # retention_full_type: time # retention full backup by time on minio repo # retention_full: 14 # keep full backup for last 14 days # s3: # any s3 compatible service is fine # type: s3 # s3_endpoint: oss-cn-beijing-internal.aliyuncs.com # s3_region: oss-cn-beijing # s3_bucket: # s3_key: # s3_key_secret: # s3_uri_style: host # path: /pgbackrest # bundle: y # bundle small files into a single file # bundle_limit: 20MiB # Limit for file bundles, 20MiB for object storage # bundle_size: 128MiB # Target size for file bundles, 128MiB for object storage # cipher_type: aes-256-cbc # enable AES encryption for remote backup repo # cipher_pass: pgBackRest # AES encryption password, default is 'pgBackRest' # retention_full_type: time # retention full backup by time on minio repo # retention_full: 14 # keep full backup for last 14 days #----------------------------------------------# # PASSWORD : https://pigsty.io/docs/setup/security/ #----------------------------------------------# grafana_admin_password: pigsty grafana_view_password: DBUser.Viewer pg_admin_password: DBUser.DBA pg_monitor_password: DBUser.Monitor pg_replication_password: DBUser.Replicator patroni_password: Patroni.API haproxy_admin_password: pigsty minio_secret_key: S3User.MinIO etcd_root_password: Etcd.Root ...