88 lines
3.9 KiB
YAML
88 lines
3.9 KiB
YAML
---
|
|
#==============================================================#
|
|
# File : pgtde.yml
|
|
# Desc : PG TDE with Percona PostgreSQL 1-node template
|
|
# Ctime : 2025-07-04
|
|
# Mtime : 2025-12-28
|
|
# Docs : https://pigsty.io/docs/conf/pgtde
|
|
# License : Apache-2.0 @ https://pigsty.io/docs/about/license/
|
|
# Copyright : 2018-2026 Ruohang Feng / Vonng (rh@vonng.com)
|
|
#==============================================================#
|
|
|
|
# This is the config template for Percona PostgreSQL Distribution
|
|
# With pg_tde extension, which is compatible with PostgreSQL 18.1
|
|
# tutorial: https://pigsty.io/docs/pgsql/kernel/percona
|
|
#
|
|
# Usage:
|
|
# curl https://repo.pigsty.io/get | bash
|
|
# ./configure -c pgtde
|
|
# ./deploy.yml
|
|
|
|
all:
|
|
children:
|
|
infra: { hosts: { 10.10.10.10: { infra_seq: 1 }} ,vars: { repo_enabled: false }}
|
|
etcd: { hosts: { 10.10.10.10: { etcd_seq: 1 }} ,vars: { etcd_cluster: etcd }}
|
|
#minio: { hosts: { 10.10.10.10: { minio_seq: 1 }} ,vars: { minio_cluster: minio }}
|
|
|
|
#----------------------------------------------#
|
|
# Percona Postgres Database Cluster
|
|
#----------------------------------------------#
|
|
pg-meta:
|
|
hosts:
|
|
10.10.10.10: { pg_seq: 1, pg_role: primary }
|
|
vars:
|
|
pg_cluster: pg-meta
|
|
pg_users:
|
|
- { name: dbuser_meta ,password: DBUser.Meta ,pgbouncer: true ,roles: [dbrole_admin ] ,comment: pigsty admin user }
|
|
- { name: dbuser_view ,password: DBUser.Viewer ,pgbouncer: true ,roles: [dbrole_readonly] ,comment: read-only viewer }
|
|
pg_databases:
|
|
- name: meta
|
|
baseline: cmdb.sql
|
|
comment: pigsty tde database
|
|
schemas: [pigsty]
|
|
extensions: [ vector, postgis, pg_tde ,pgaudit, { name: pg_stat_monitor, schema: monitor } ]
|
|
pg_hba_rules: # https://pigsty.io/docs/pgsql/config/hba
|
|
- { user: all ,db: all ,addr: intra ,auth: pwd ,title: 'everyone intranet access with password' ,order: 800 }
|
|
pg_crontab: # https://pigsty.io/docs/pgsql/admin/crontab
|
|
- '00 01 * * * /pg/bin/pg-backup full'
|
|
|
|
# Percona PostgreSQL TDE Ad Hoc Settings
|
|
pg_packages: [ percona-main, pgsql-common ] # install percona postgres packages
|
|
pg_libs: 'pg_tde, pgaudit, pg_stat_statements, pg_stat_monitor, auto_explain'
|
|
|
|
vars:
|
|
#----------------------------------------------#
|
|
# INFRA : https://pigsty.io/docs/infra/param
|
|
#----------------------------------------------#
|
|
version: v4.0.0 # pigsty version string
|
|
admin_ip: 10.10.10.10 # admin node ip address
|
|
region: default # upstream mirror region: default,china,europe
|
|
infra_portal: # infra services exposed via portal
|
|
home : { domain: i.pigsty } # default domain name
|
|
|
|
#----------------------------------------------#
|
|
# NODE : https://pigsty.io/docs/node/param
|
|
#----------------------------------------------#
|
|
nodename_overwrite: false # do not overwrite node hostname on single node mode
|
|
node_repo_modules: node,infra,pgsql,percona
|
|
node_tune: oltp
|
|
|
|
#----------------------------------------------#
|
|
# PGSQL : https://pigsty.io/docs/pgsql/param
|
|
#----------------------------------------------#
|
|
pg_version: 18 # Default Percona TDE PG Major Version is 18
|
|
pg_conf: oltp.yml # pgsql tuning specs: {oltp,olap,tiny,crit}.yml
|
|
|
|
#----------------------------------------------#
|
|
# PASSWORD : https://pigsty.io/docs/setup/security/
|
|
#----------------------------------------------#
|
|
grafana_admin_password: pigsty
|
|
grafana_view_password: DBUser.Viewer
|
|
pg_admin_password: DBUser.DBA
|
|
pg_monitor_password: DBUser.Monitor
|
|
pg_replication_password: DBUser.Replicator
|
|
patroni_password: Patroni.API
|
|
haproxy_admin_password: pigsty
|
|
minio_secret_key: S3User.MinIO
|
|
etcd_root_password: Etcd.Root
|
|
... |