diff --git a/Dockerfile b/Dockerfile index 46108de..d20e233 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ -FROM phusion/baseimage:0.9.12 +FROM phusion/baseimage:latest MAINTAINER Abe Voelker ENV USERNAME postgres ENV PASSWORD password -ENV VERSION 9.4 +ENV VERSION 10 # Temporary hack around a Docker Hub `docker build` issue. See: # https://github.com/docker/docker/issues/6345#issuecomment-49245365 @@ -31,7 +31,7 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get update RUN DEBIAN_FRONTEND=noninteractive apt-get install -y wget # Add PostgreSQL Global Development Group apt source -RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main" > /etc/apt/sources.list.d/pgdg.list +RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main" > /etc/apt/sources.list.d/pgdg.list # Add PGDG repository key RUN wget -qO - http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - @@ -48,20 +48,20 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get install -y \ # Install WAL-E dependencies libxml2-dev \ libxslt1-dev \ - python-dev \ - python-pip \ + python3-dev \ + python3-pip \ daemontools \ libevent-dev \ lzop \ pv \ libffi-dev \ libssl-dev &&\ - pip install virtualenv + pip3 install virtualenv # Install WAL-E into a virtualenv RUN virtualenv /var/lib/postgresql/wal-e &&\ . /var/lib/postgresql/wal-e/bin/activate &&\ - pip install wal-e &&\ + pip3 install wal-e google-cloud-storage &&\ ln -s /var/lib/postgresql/wal-e/bin/wal-e /usr/local/bin/wal-e # Create directory for storing secret WAL-E environment variables @@ -107,7 +107,7 @@ CMD ["/data/scripts/start_postgres.sh"] # Keep Postgres log, config and storage outside of union filesystem VOLUME ["/var/log/postgresql", \ "/var/log/supervisor", \ - "/etc/postgresql/9.4/main", \ - "/var/lib/postgresql/9.4/main"] + "/etc/postgresql/10/main", \ + "/var/lib/postgresql/10/main"] EXPOSE 5432 diff --git a/README.md b/README.md index fcdc5df..70dcb2e 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Postgres Dockerfile -Docker image for Postgres 9.4 + WAL-E + PL/Python and PL/V8 languages +Docker image for Postgres 10.1 + WAL-E + PL/Python and PL/V8 languages ## Basic usage @@ -30,7 +30,7 @@ This image comes with [WAL-E][wal-e] for performing continuous archiving of Post ``` PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - 0 2 * * * postgres envdir /etc/wal-e.d/env wal-e backup-push /var/lib/postgresql/9.4/main + 0 2 * * * postgres envdir /etc/wal-e.d/env wal-e backup-push /var/lib/postgresql/10/main 0 3 * * * postgres envdir /etc/wal-e.d/env wal-e delete --confirm retain 7 ``` @@ -47,7 +47,7 @@ $ ls -1 /tmp/cron wal-e $ cat /tmp/cron/wal-e PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin -0 2 * * * postgres envdir /etc/wal-e.d/env wal-e backup-push /var/lib/postgresql/9.4/main +0 2 * * * postgres envdir /etc/wal-e.d/env wal-e backup-push /var/lib/postgresql/10/main 0 3 * * * postgres envdir /etc/wal-e.d/env wal-e delete --confirm retain 7 $ docker run -v /tmp/env:/etc/wal-e.d/env -v /tmp/cron:/etc/cron.d abevoelker/postgres /sbin/my_init *** Running /etc/rc.local... diff --git a/pg_hba.conf b/pg_hba.conf index 932e186..822fd8e 100644 --- a/pg_hba.conf +++ b/pg_hba.conf @@ -42,10 +42,10 @@ # or "samenet" to match any address in any subnet that the server is # directly connected to. # -# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", -# "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert". Note that -# "password" sends passwords in clear text; "md5" is preferred since -# it sends encrypted passwords. +# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256", +# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert". +# Note that "password" sends passwords in clear text; "md5" or +# "scram-sha-256" are preferred since they send encrypted passwords. # # OPTIONS are a set of options for the authentication in the format # NAME=VALUE. The available options depend on the different @@ -59,11 +59,11 @@ # its special character, and just match a database or username with # that name. # -# This file is read on server startup and when the postmaster receives -# a SIGHUP signal. If you edit the file on a running system, you have -# to SIGHUP the postmaster for the changes to take effect. You can -# use "pg_ctl reload" to do that. - +# This file is read on server startup and when the server receives a +# SIGHUP signal. If you edit the file on a running system, you have to +# SIGHUP the server for the changes to take effect, run "pg_ctl reload", +# or execute "SELECT pg_reload_conf()". +# # Put your actual configuration here # ---------------------------------- # @@ -87,13 +87,13 @@ local all postgres peer # TYPE DATABASE USER ADDRESS METHOD # "local" is for Unix domain socket connections only -#local all all peer +local all all peer # IPv4 connections: host all all 0.0.0.0/0 password # IPv6 connections: host all all ::/0 password # Allow replication connections from localhost, by a user with the # replication privilege. -#local replication postgres peer -#host replication postgres 127.0.0.1/32 md5 -#host replication postgres ::1/128 md5 +#local replication all peer +#host replication all 127.0.0.1/32 md5 +#host replication all ::1/128 md5 diff --git a/pg_hba.conf.default b/pg_hba.conf.default index 743fa9c..822fd8e 100644 --- a/pg_hba.conf.default +++ b/pg_hba.conf.default @@ -42,10 +42,10 @@ # or "samenet" to match any address in any subnet that the server is # directly connected to. # -# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", -# "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert". Note that -# "password" sends passwords in clear text; "md5" is preferred since -# it sends encrypted passwords. +# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256", +# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert". +# Note that "password" sends passwords in clear text; "md5" or +# "scram-sha-256" are preferred since they send encrypted passwords. # # OPTIONS are a set of options for the authentication in the format # NAME=VALUE. The available options depend on the different @@ -59,11 +59,11 @@ # its special character, and just match a database or username with # that name. # -# This file is read on server startup and when the postmaster receives -# a SIGHUP signal. If you edit the file on a running system, you have -# to SIGHUP the postmaster for the changes to take effect. You can -# use "pg_ctl reload" to do that. - +# This file is read on server startup and when the server receives a +# SIGHUP signal. If you edit the file on a running system, you have to +# SIGHUP the server for the changes to take effect, run "pg_ctl reload", +# or execute "SELECT pg_reload_conf()". +# # Put your actual configuration here # ---------------------------------- # @@ -88,12 +88,12 @@ local all postgres peer # "local" is for Unix domain socket connections only local all all peer -# IPv4 local connections: -host all all 127.0.0.1/32 md5 -# IPv6 local connections: -host all all ::1/128 md5 +# IPv4 connections: +host all all 0.0.0.0/0 password +# IPv6 connections: +host all all ::/0 password # Allow replication connections from localhost, by a user with the # replication privilege. -#local replication postgres peer -#host replication postgres 127.0.0.1/32 md5 -#host replication postgres ::1/128 md5 +#local replication all peer +#host replication all 127.0.0.1/32 md5 +#host replication all ::1/128 md5 diff --git a/postgresql.conf b/postgresql.conf index 373cacf..549f7a0 100644 --- a/postgresql.conf +++ b/postgresql.conf @@ -16,9 +16,9 @@ # # This file is read on server startup and when the server receives a SIGHUP # signal. If you edit the file on a running system, you have to SIGHUP the -# server for the changes to take effect, or use "pg_ctl reload". Some -# parameters, which are marked below, require a server shutdown and restart to -# take effect. +# server for the changes to take effect, run "pg_ctl reload", or execute +# "SELECT pg_reload_conf()". Some parameters, which are marked below, +# require a server shutdown and restart to take effect. # # Any parameter can also be given as a command-line option to the server, e.g., # "postgres -c log_connections=on". Some parameters can be changed at run time @@ -27,7 +27,7 @@ # Memory units: kB = kilobytes Time units: ms = milliseconds # MB = megabytes s = seconds # GB = gigabytes min = minutes -# h = hours +# TB = terabytes h = hours # d = days @@ -38,15 +38,15 @@ # The default values of these variables are driven from the -D command-line # option or PGDATA environment variable, represented here as ConfigDir. -data_directory = '/var/lib/postgresql/9.4/main' # use data in another directory +data_directory = '/var/lib/postgresql/10/main' # use data in another directory # (change requires restart) -hba_file = '/etc/postgresql/9.4/main/pg_hba.conf' # host-based authentication file +hba_file = '/etc/postgresql/10/main/pg_hba.conf' # host-based authentication file # (change requires restart) -ident_file = '/etc/postgresql/9.4/main/pg_ident.conf' # ident configuration file +ident_file = '/etc/postgresql/10/main/pg_ident.conf' # ident configuration file # (change requires restart) # If external_pid_file is not explicitly set, no extra PID file is written. -external_pid_file = '/var/run/postgresql/9.4-main.pid' # write an extra PID file +external_pid_file = '/var/run/postgresql/10-main.pid' # write an extra PID file # (change requires restart) @@ -62,8 +62,6 @@ listen_addresses = '*' # what IP address(es) to listen on; # (change requires restart) port = 5432 # (change requires restart) max_connections = 100 # (change requires restart) -# Note: Increasing max_connections costs ~400 bytes of shared memory per -# connection slot, plus lock space (see max_locks_per_transaction). #superuser_reserved_connections = 3 # (change requires restart) unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories # (change requires restart) @@ -78,20 +76,21 @@ unix_socket_directories = '/var/run/postgresql' # comma-separated list of direct # - Security and Authentication - #authentication_timeout = 1min # 1s-600s -#ssl = off # (change requires restart) -#ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers - # (change requires restart) -#ssl_renegotiation_limit = 512MB # amount of data between renegotiations -#ssl_cert_file = 'server.crt' # (change requires restart) -#ssl_key_file = 'server.key' # (change requires restart) -#ssl_ca_file = '' # (change requires restart) -#ssl_crl_file = '' # (change requires restart) -#password_encryption = on +#ssl = off +#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers +#ssl_prefer_server_ciphers = on +#ssl_ecdh_curve = 'prime256v1' +#ssl_dh_params_file = '' +#ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' +#ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' +#ssl_ca_file = '' +#ssl_crl_file = '' +#password_encryption = md5 # md5 or scram-sha-256 #db_user_namespace = off +#row_security = on -# Kerberos and GSSAPI +# GSSAPI using Kerberos #krb_server_keyfile = '' -#krb_srvname = 'postgres' # (Kerberos only) #krb_caseins_users = off # - TCP Keepalives - @@ -111,22 +110,32 @@ unix_socket_directories = '/var/run/postgresql' # comma-separated list of direct # - Memory - -shared_buffers = 128MB # min 128kB +shared_buffers = 256MB # min 128kB + # (change requires restart) +#huge_pages = try # on, off, or try # (change requires restart) #temp_buffers = 8MB # min 800kB #max_prepared_transactions = 0 # zero disables the feature # (change requires restart) -# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory -# per transaction slot, plus lock space (see max_locks_per_transaction). -# It is not advisable to set max_prepared_transactions nonzero unless you -# actively intend to use prepared transactions. -#work_mem = 1MB # min 64kB -#maintenance_work_mem = 16MB # min 1MB +# Caution: it is not advisable to set max_prepared_transactions nonzero unless +# you actively intend to use prepared transactions. +#work_mem = 4MB # min 64kB +#maintenance_work_mem = 64MB # min 1MB +#replacement_sort_tuples = 150000 # limits use of replacement selection sort +#autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem #max_stack_depth = 2MB # min 100kB +dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) # - Disk - -#temp_file_limit = -1 # limits per-session temp file space +#temp_file_limit = -1 # limits per-process temp file space # in kB, or -1 for no limit # - Kernel Resource Usage - @@ -147,11 +156,19 @@ shared_buffers = 128MB # min 128kB #bgwriter_delay = 200ms # 10-10000ms between rounds #bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round -#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round +#bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round +#bgwriter_flush_after = 512kB # measured in pages, 0 disables # - Asynchronous Behavior - #effective_io_concurrency = 1 # 1-1000; 0 disables prefetching +#max_worker_processes = 8 # (change requires restart) +#max_parallel_workers_per_gather = 2 # taken from max_parallel_workers +#max_parallel_workers = 8 # maximum number of max_worker_processes that + # can be used in parallel queries +#old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) +#backend_flush_after = 0 # measured in pages, 0 disables #------------------------------------------------------------------------------ @@ -160,11 +177,13 @@ shared_buffers = 128MB # min 128kB # - Settings - -#wal_level = minimal # minimal, archive, or hot_standby +wal_level = replica # minimal, replica, or logical # (change requires restart) -#fsync = on # turns forced synchronization on or off +#fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) #synchronous_commit = on # synchronization level; - # off, local, remote_write, or on + # off, local, remote_write, remote_apply, or on #wal_sync_method = fsync # the default is the first option # supported by the operating system: # open_datasync @@ -173,29 +192,35 @@ shared_buffers = 128MB # min 128kB # fsync_writethrough # open_sync #full_page_writes = on # recover from partial page writes +#wal_compression = off # enable compression of full-page writes +#wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) #wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers # (change requires restart) #wal_writer_delay = 200ms # 1-10000 milliseconds +#wal_writer_flush_after = 1MB # measured in pages, 0 disables #commit_delay = 0 # range 0-100000, in microseconds #commit_siblings = 5 # range 1-1000 # - Checkpoints - -#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each -#checkpoint_timeout = 5min # range 30s-1h +#checkpoint_timeout = 5min # range 30s-1d +#max_wal_size = 1GB +#min_wal_size = 80MB #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 +#checkpoint_flush_after = 256kB # measured in pages, 0 disables #checkpoint_warning = 30s # 0 disables # - Archiving - -#archive_mode = off # allows archiving to be done +archive_mode = on # enables archiving; off, on, or always # (change requires restart) -#archive_command = '' # command to use to archive a logfile segment +archive_command = 'envdir /etc/wal-e.d/env wal-e wal-push %p' # command to use to archive a logfile segment # placeholders: %p = path of file to archive # %f = file name only # e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' -#archive_timeout = 0 # force a logfile segment switch after this +archive_timeout = 60 # force a logfile segment switch after this # number of seconds; 0 disables @@ -207,17 +232,23 @@ shared_buffers = 128MB # min 128kB # Set these on the master and on any standby that will send replication data. -#max_wal_senders = 0 # max number of walsender processes +#max_wal_senders = 10 # max number of walsender processes # (change requires restart) #wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables #wal_sender_timeout = 60s # in milliseconds; 0 disables +#max_replication_slots = 10 # max number of replication slots + # (change requires restart) +#track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + # - Master Server - # These settings are ignored on a standby server. #synchronous_standby_names = '' # standby servers that provide sync rep - # comma-separated list of application_name + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name # from standby(s); '*' = all #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed @@ -225,7 +256,7 @@ shared_buffers = 128MB # min 128kB # These settings are ignored on a master server. -#hot_standby = off # "on" allows queries during recovery +#hot_standby = on # "off" disallows queries during recovery # (change requires restart) #max_standby_archive_delay = 30s # max delay before canceling queries # when reading WAL from archive; @@ -240,6 +271,16 @@ shared_buffers = 128MB # min 128kB #wal_receiver_timeout = 60s # time that receiver waits for # communication from master # in milliseconds; 0 disables +#wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + +# - Subscribers - + +# These settings are ignored on a publisher. + +#max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) +#max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers #------------------------------------------------------------------------------ @@ -267,7 +308,11 @@ shared_buffers = 128MB # min 128kB #cpu_tuple_cost = 0.01 # same scale as above #cpu_index_tuple_cost = 0.005 # same scale as above #cpu_operator_cost = 0.0025 # same scale as above -#effective_cache_size = 128MB +#parallel_tuple_cost = 0.1 # same scale as above +#parallel_setup_cost = 1000.0 # same scale as above +#min_parallel_table_scan_size = 8MB +#min_parallel_index_scan_size = 512kB +#effective_cache_size = 4GB # - Genetic Query Optimizer - @@ -287,6 +332,7 @@ shared_buffers = 128MB # min 128kB #from_collapse_limit = 8 #join_collapse_limit = 8 # 1 disables collapsing of explicit # JOIN clauses +#force_parallel_mode = off #------------------------------------------------------------------------------ @@ -307,7 +353,7 @@ shared_buffers = 128MB # min 128kB # (change requires restart) # These are only used if logging_collector is on: -#log_directory = 'pg_log' # directory where log files are written, +#log_directory = 'log' # directory where log files are written, # can be absolute or relative to PGDATA #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, # can include strftime() escapes @@ -330,8 +376,11 @@ shared_buffers = 128MB # min 128kB # These are relevant when logging to syslog: #syslog_facility = 'LOCAL0' #syslog_ident = 'postgres' +#syslog_sequence_numbers = on +#syslog_split_messages = on # This is only relevant when logging to eventlog (win32): +# (change requires restart) #event_source = 'PostgreSQL' # - When to Log - @@ -393,7 +442,7 @@ shared_buffers = 128MB # min 128kB #log_duration = off #log_error_verbosity = default # terse, default, or verbose messages #log_hostname = off -log_line_prefix = '%t ' # special values: +log_line_prefix = '%m [%p] %q%u@%d ' # special values: # %a = application name # %u = user name # %d = database name @@ -402,6 +451,7 @@ log_line_prefix = '%t ' # special values: # %p = process ID # %t = timestamp without milliseconds # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) # %i = command tag # %e = SQL state # %c = session ID @@ -415,12 +465,20 @@ log_line_prefix = '%t ' # special values: # e.g. '<%u%%%d> ' #log_lock_waits = off # log lock waits >= deadlock_timeout #log_statement = 'none' # none, ddl, mod, all +#log_replication_commands = off #log_temp_files = -1 # log temporary files equal or larger # than the specified size in kilobytes; # -1 disables, 0 logs all temp files log_timezone = 'UTC' +# - Process Title - + +cluster_name = '10/main' # added to process titles if nonempty + # (change requires restart) +#update_process_title = on + + #------------------------------------------------------------------------------ # RUNTIME STATISTICS #------------------------------------------------------------------------------ @@ -432,8 +490,7 @@ log_timezone = 'UTC' #track_io_timing = off #track_functions = none # none, pl, all #track_activity_query_size = 1024 # (change requires restart) -#update_process_title = on -#stats_temp_directory = 'pg_stat_tmp' +stats_temp_directory = '/var/run/postgresql/10-main.pg_stat_tmp' # - Statistics Monitoring - @@ -448,7 +505,7 @@ log_timezone = 'UTC' # AUTOVACUUM PARAMETERS #------------------------------------------------------------------------------ -#autovacuum = on # Enable autovacuum subprocess? 'on' +autovacuum = on # Enable autovacuum subprocess? 'on' # requires track_counts to also be on. #log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and # their durations, > 0 logs only @@ -465,7 +522,7 @@ log_timezone = 'UTC' #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum # (change requires restart) -#autovacuum_multixact_freeze_max_age = 400000000 # maximum Multixact age +#autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age # before forced vacuum # (change requires restart) #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for @@ -482,7 +539,7 @@ log_timezone = 'UTC' # - Statement Behavior - -#search_path = '"$user",public' # schema names +#search_path = '"$user", public' # schema names #default_tablespace = '' # a tablespace name, '' uses the default #temp_tablespaces = '' # a list of tablespace names, '' uses # only default tablespace @@ -493,6 +550,7 @@ log_timezone = 'UTC' #session_replication_role = 'origin' #statement_timeout = 0 # in milliseconds, 0 is disabled #lock_timeout = 0 # in milliseconds, 0 is disabled +#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled #vacuum_freeze_min_age = 50000000 #vacuum_freeze_table_age = 150000000 #vacuum_multixact_freeze_min_age = 5000000 @@ -500,6 +558,8 @@ log_timezone = 'UTC' #bytea_output = 'hex' # hex, escape #xmlbinary = 'base64' #xmloption = 'content' +#gin_fuzzy_search_limit = 0 +#gin_pending_list_limit = 4MB # - Locale and Formatting - @@ -509,7 +569,7 @@ timezone = 'UTC' #timezone_abbreviations = 'Default' # Select the set of available time zone # abbreviations. Currently, there are # Default - # Australia + # Australia (historical usage) # India # You can create your own file in # share/timezonesets/. @@ -531,6 +591,7 @@ default_text_search_config = 'pg_catalog.english' #dynamic_library_path = '$libdir' #local_preload_libraries = '' +#session_preload_libraries = '' #------------------------------------------------------------------------------ @@ -540,11 +601,12 @@ default_text_search_config = 'pg_catalog.english' #deadlock_timeout = 1s #max_locks_per_transaction = 64 # min 10 # (change requires restart) -# Note: Each lock table slot uses ~270 bytes of shared memory, and there are -# max_locks_per_transaction * (max_connections + max_prepared_transactions) -# lock table slots. #max_pred_locks_per_transaction = 64 # min 10 # (change requires restart) +#max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 +#max_pred_locks_per_page = 2 # min 0 #------------------------------------------------------------------------------ @@ -558,8 +620,8 @@ default_text_search_config = 'pg_catalog.english' #default_with_oids = off #escape_string_warning = on #lo_compat_privileges = off +#operator_precedence_warning = off #quote_all_identifiers = off -#sql_inheritance = on #standard_conforming_strings = on #synchronize_seqscans = on @@ -594,3 +656,4 @@ default_text_search_config = 'pg_catalog.english' #------------------------------------------------------------------------------ # Add settings for extensions here + diff --git a/postgresql.conf.default b/postgresql.conf.default index 2a46674..e3002a8 100644 --- a/postgresql.conf.default +++ b/postgresql.conf.default @@ -16,9 +16,9 @@ # # This file is read on server startup and when the server receives a SIGHUP # signal. If you edit the file on a running system, you have to SIGHUP the -# server for the changes to take effect, or use "pg_ctl reload". Some -# parameters, which are marked below, require a server shutdown and restart to -# take effect. +# server for the changes to take effect, run "pg_ctl reload", or execute +# "SELECT pg_reload_conf()". Some parameters, which are marked below, +# require a server shutdown and restart to take effect. # # Any parameter can also be given as a command-line option to the server, e.g., # "postgres -c log_connections=on". Some parameters can be changed at run time @@ -27,7 +27,7 @@ # Memory units: kB = kilobytes Time units: ms = milliseconds # MB = megabytes s = seconds # GB = gigabytes min = minutes -# h = hours +# TB = terabytes h = hours # d = days @@ -38,15 +38,15 @@ # The default values of these variables are driven from the -D command-line # option or PGDATA environment variable, represented here as ConfigDir. -data_directory = '/var/lib/postgresql/9.4/main' # use data in another directory +data_directory = '/var/lib/postgresql/10/main' # use data in another directory # (change requires restart) -hba_file = '/etc/postgresql/9.4/main/pg_hba.conf' # host-based authentication file +hba_file = '/etc/postgresql/10/main/pg_hba.conf' # host-based authentication file # (change requires restart) -ident_file = '/etc/postgresql/9.4/main/pg_ident.conf' # ident configuration file +ident_file = '/etc/postgresql/10/main/pg_ident.conf' # ident configuration file # (change requires restart) # If external_pid_file is not explicitly set, no extra PID file is written. -external_pid_file = '/var/run/postgresql/9.4-main.pid' # write an extra PID file +external_pid_file = '/var/run/postgresql/10-main.pid' # write an extra PID file # (change requires restart) @@ -56,14 +56,12 @@ external_pid_file = '/var/run/postgresql/9.4-main.pid' # write an extra PID fi # - Connection Settings - -#listen_addresses = 'localhost' # what IP address(es) to listen on; +listen_addresses = '*' # what IP address(es) to listen on; # comma-separated list of addresses; # defaults to 'localhost'; use '*' for all # (change requires restart) port = 5432 # (change requires restart) max_connections = 100 # (change requires restart) -# Note: Increasing max_connections costs ~400 bytes of shared memory per -# connection slot, plus lock space (see max_locks_per_transaction). #superuser_reserved_connections = 3 # (change requires restart) unix_socket_directories = '/var/run/postgresql' # comma-separated list of directories # (change requires restart) @@ -78,20 +76,21 @@ unix_socket_directories = '/var/run/postgresql' # comma-separated list of direct # - Security and Authentication - #authentication_timeout = 1min # 1s-600s -#ssl = off # (change requires restart) -#ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers - # (change requires restart) -#ssl_renegotiation_limit = 512MB # amount of data between renegotiations -#ssl_cert_file = 'server.crt' # (change requires restart) -#ssl_key_file = 'server.key' # (change requires restart) -#ssl_ca_file = '' # (change requires restart) -#ssl_crl_file = '' # (change requires restart) -#password_encryption = on +#ssl = off +#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers +#ssl_prefer_server_ciphers = on +#ssl_ecdh_curve = 'prime256v1' +#ssl_dh_params_file = '' +#ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' +#ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' +#ssl_ca_file = '' +#ssl_crl_file = '' +#password_encryption = md5 # md5 or scram-sha-256 #db_user_namespace = off +#row_security = on -# Kerberos and GSSAPI +# GSSAPI using Kerberos #krb_server_keyfile = '' -#krb_srvname = 'postgres' # (Kerberos only) #krb_caseins_users = off # - TCP Keepalives - @@ -113,20 +112,30 @@ unix_socket_directories = '/var/run/postgresql' # comma-separated list of direct shared_buffers = 128MB # min 128kB # (change requires restart) +#huge_pages = try # on, off, or try + # (change requires restart) #temp_buffers = 8MB # min 800kB #max_prepared_transactions = 0 # zero disables the feature # (change requires restart) -# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory -# per transaction slot, plus lock space (see max_locks_per_transaction). -# It is not advisable to set max_prepared_transactions nonzero unless you -# actively intend to use prepared transactions. -#work_mem = 1MB # min 64kB -#maintenance_work_mem = 16MB # min 1MB +# Caution: it is not advisable to set max_prepared_transactions nonzero unless +# you actively intend to use prepared transactions. +#work_mem = 4MB # min 64kB +#maintenance_work_mem = 64MB # min 1MB +#replacement_sort_tuples = 150000 # limits use of replacement selection sort +#autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem #max_stack_depth = 2MB # min 100kB +dynamic_shared_memory_type = posix # the default is the first option + # supported by the operating system: + # posix + # sysv + # windows + # mmap + # use none to disable dynamic shared memory + # (change requires restart) # - Disk - -#temp_file_limit = -1 # limits per-session temp file space +#temp_file_limit = -1 # limits per-process temp file space # in kB, or -1 for no limit # - Kernel Resource Usage - @@ -147,11 +156,19 @@ shared_buffers = 128MB # min 128kB #bgwriter_delay = 200ms # 10-10000ms between rounds #bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round -#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round +#bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round +#bgwriter_flush_after = 512kB # measured in pages, 0 disables # - Asynchronous Behavior - #effective_io_concurrency = 1 # 1-1000; 0 disables prefetching +#max_worker_processes = 8 # (change requires restart) +#max_parallel_workers_per_gather = 2 # taken from max_parallel_workers +#max_parallel_workers = 8 # maximum number of max_worker_processes that + # can be used in parallel queries +#old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate + # (change requires restart) +#backend_flush_after = 0 # measured in pages, 0 disables #------------------------------------------------------------------------------ @@ -160,11 +177,13 @@ shared_buffers = 128MB # min 128kB # - Settings - -#wal_level = minimal # minimal, archive, or hot_standby +#wal_level = replica # minimal, replica, or logical # (change requires restart) -#fsync = on # turns forced synchronization on or off +#fsync = on # flush data to disk for crash safety + # (turning this off can cause + # unrecoverable data corruption) #synchronous_commit = on # synchronization level; - # off, local, remote_write, or on + # off, local, remote_write, remote_apply, or on #wal_sync_method = fsync # the default is the first option # supported by the operating system: # open_datasync @@ -173,23 +192,29 @@ shared_buffers = 128MB # min 128kB # fsync_writethrough # open_sync #full_page_writes = on # recover from partial page writes +#wal_compression = off # enable compression of full-page writes +#wal_log_hints = off # also do full page writes of non-critical updates + # (change requires restart) #wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers # (change requires restart) #wal_writer_delay = 200ms # 1-10000 milliseconds +#wal_writer_flush_after = 1MB # measured in pages, 0 disables #commit_delay = 0 # range 0-100000, in microseconds #commit_siblings = 5 # range 1-1000 # - Checkpoints - -#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each -#checkpoint_timeout = 5min # range 30s-1h +#checkpoint_timeout = 5min # range 30s-1d +#max_wal_size = 1GB +#min_wal_size = 80MB #checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 +#checkpoint_flush_after = 256kB # measured in pages, 0 disables #checkpoint_warning = 30s # 0 disables # - Archiving - -#archive_mode = off # allows archiving to be done +#archive_mode = off # enables archiving; off, on, or always # (change requires restart) #archive_command = '' # command to use to archive a logfile segment # placeholders: %p = path of file to archive @@ -207,17 +232,23 @@ shared_buffers = 128MB # min 128kB # Set these on the master and on any standby that will send replication data. -#max_wal_senders = 0 # max number of walsender processes +#max_wal_senders = 10 # max number of walsender processes # (change requires restart) #wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables #wal_sender_timeout = 60s # in milliseconds; 0 disables +#max_replication_slots = 10 # max number of replication slots + # (change requires restart) +#track_commit_timestamp = off # collect timestamp of transaction commit + # (change requires restart) + # - Master Server - # These settings are ignored on a standby server. #synchronous_standby_names = '' # standby servers that provide sync rep - # comma-separated list of application_name + # method to choose sync standbys, number of sync standbys, + # and comma-separated list of application_name # from standby(s); '*' = all #vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed @@ -225,7 +256,7 @@ shared_buffers = 128MB # min 128kB # These settings are ignored on a master server. -#hot_standby = off # "on" allows queries during recovery +#hot_standby = on # "off" disallows queries during recovery # (change requires restart) #max_standby_archive_delay = 30s # max delay before canceling queries # when reading WAL from archive; @@ -240,6 +271,16 @@ shared_buffers = 128MB # min 128kB #wal_receiver_timeout = 60s # time that receiver waits for # communication from master # in milliseconds; 0 disables +#wal_retrieve_retry_interval = 5s # time to wait before retrying to + # retrieve WAL after a failed attempt + +# - Subscribers - + +# These settings are ignored on a publisher. + +#max_logical_replication_workers = 4 # taken from max_worker_processes + # (change requires restart) +#max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers #------------------------------------------------------------------------------ @@ -267,7 +308,11 @@ shared_buffers = 128MB # min 128kB #cpu_tuple_cost = 0.01 # same scale as above #cpu_index_tuple_cost = 0.005 # same scale as above #cpu_operator_cost = 0.0025 # same scale as above -#effective_cache_size = 128MB +#parallel_tuple_cost = 0.1 # same scale as above +#parallel_setup_cost = 1000.0 # same scale as above +#min_parallel_table_scan_size = 8MB +#min_parallel_index_scan_size = 512kB +#effective_cache_size = 4GB # - Genetic Query Optimizer - @@ -287,6 +332,7 @@ shared_buffers = 128MB # min 128kB #from_collapse_limit = 8 #join_collapse_limit = 8 # 1 disables collapsing of explicit # JOIN clauses +#force_parallel_mode = off #------------------------------------------------------------------------------ @@ -307,7 +353,7 @@ shared_buffers = 128MB # min 128kB # (change requires restart) # These are only used if logging_collector is on: -#log_directory = 'pg_log' # directory where log files are written, +#log_directory = 'log' # directory where log files are written, # can be absolute or relative to PGDATA #log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, # can include strftime() escapes @@ -330,8 +376,11 @@ shared_buffers = 128MB # min 128kB # These are relevant when logging to syslog: #syslog_facility = 'LOCAL0' #syslog_ident = 'postgres' +#syslog_sequence_numbers = on +#syslog_split_messages = on # This is only relevant when logging to eventlog (win32): +# (change requires restart) #event_source = 'PostgreSQL' # - When to Log - @@ -393,7 +442,7 @@ shared_buffers = 128MB # min 128kB #log_duration = off #log_error_verbosity = default # terse, default, or verbose messages #log_hostname = off -log_line_prefix = '%t ' # special values: +log_line_prefix = '%m [%p] %q%u@%d ' # special values: # %a = application name # %u = user name # %d = database name @@ -402,6 +451,7 @@ log_line_prefix = '%t ' # special values: # %p = process ID # %t = timestamp without milliseconds # %m = timestamp with milliseconds + # %n = timestamp with milliseconds (as a Unix epoch) # %i = command tag # %e = SQL state # %c = session ID @@ -415,12 +465,20 @@ log_line_prefix = '%t ' # special values: # e.g. '<%u%%%d> ' #log_lock_waits = off # log lock waits >= deadlock_timeout #log_statement = 'none' # none, ddl, mod, all +#log_replication_commands = off #log_temp_files = -1 # log temporary files equal or larger # than the specified size in kilobytes; # -1 disables, 0 logs all temp files log_timezone = 'UTC' +# - Process Title - + +cluster_name = '10/main' # added to process titles if nonempty + # (change requires restart) +#update_process_title = on + + #------------------------------------------------------------------------------ # RUNTIME STATISTICS #------------------------------------------------------------------------------ @@ -432,8 +490,7 @@ log_timezone = 'UTC' #track_io_timing = off #track_functions = none # none, pl, all #track_activity_query_size = 1024 # (change requires restart) -#update_process_title = on -#stats_temp_directory = 'pg_stat_tmp' +stats_temp_directory = '/var/run/postgresql/10-main.pg_stat_tmp' # - Statistics Monitoring - @@ -465,7 +522,7 @@ log_timezone = 'UTC' #autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze #autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum # (change requires restart) -#autovacuum_multixact_freeze_max_age = 400000000 # maximum Multixact age +#autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age # before forced vacuum # (change requires restart) #autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for @@ -482,7 +539,7 @@ log_timezone = 'UTC' # - Statement Behavior - -#search_path = '"$user",public' # schema names +#search_path = '"$user", public' # schema names #default_tablespace = '' # a tablespace name, '' uses the default #temp_tablespaces = '' # a list of tablespace names, '' uses # only default tablespace @@ -493,6 +550,7 @@ log_timezone = 'UTC' #session_replication_role = 'origin' #statement_timeout = 0 # in milliseconds, 0 is disabled #lock_timeout = 0 # in milliseconds, 0 is disabled +#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled #vacuum_freeze_min_age = 50000000 #vacuum_freeze_table_age = 150000000 #vacuum_multixact_freeze_min_age = 5000000 @@ -500,6 +558,8 @@ log_timezone = 'UTC' #bytea_output = 'hex' # hex, escape #xmlbinary = 'base64' #xmloption = 'content' +#gin_fuzzy_search_limit = 0 +#gin_pending_list_limit = 4MB # - Locale and Formatting - @@ -509,7 +569,7 @@ timezone = 'UTC' #timezone_abbreviations = 'Default' # Select the set of available time zone # abbreviations. Currently, there are # Default - # Australia + # Australia (historical usage) # India # You can create your own file in # share/timezonesets/. @@ -531,6 +591,7 @@ default_text_search_config = 'pg_catalog.english' #dynamic_library_path = '$libdir' #local_preload_libraries = '' +#session_preload_libraries = '' #------------------------------------------------------------------------------ @@ -540,11 +601,12 @@ default_text_search_config = 'pg_catalog.english' #deadlock_timeout = 1s #max_locks_per_transaction = 64 # min 10 # (change requires restart) -# Note: Each lock table slot uses ~270 bytes of shared memory, and there are -# max_locks_per_transaction * (max_connections + max_prepared_transactions) -# lock table slots. #max_pred_locks_per_transaction = 64 # min 10 # (change requires restart) +#max_pred_locks_per_relation = -2 # negative values mean + # (max_pred_locks_per_transaction + # / -max_pred_locks_per_relation) - 1 +#max_pred_locks_per_page = 2 # min 0 #------------------------------------------------------------------------------ @@ -558,8 +620,8 @@ default_text_search_config = 'pg_catalog.english' #default_with_oids = off #escape_string_warning = on #lo_compat_privileges = off +#operator_precedence_warning = off #quote_all_identifiers = off -#sql_inheritance = on #standard_conforming_strings = on #synchronize_seqscans = on diff --git a/scripts/ensure_ownership.sh b/scripts/ensure_ownership.sh index 0359731..015d208 100644 --- a/scripts/ensure_ownership.sh +++ b/scripts/ensure_ownership.sh @@ -3,6 +3,6 @@ chown -R root:root /etc/cron.{d,daily,hourly,monthly,weekly} chmod -R 755 /etc/cron.{d,daily,hourly,monthly,weekly} chown -R root:postgres /etc/wal-e.d chmod -R 750 /etc/wal-e.d -chown -R postgres:postgres /var/lib/postgresql/9.4 -chown -R postgres:postgres /etc/postgresql/9.4/main -chmod -R 700 /etc/postgresql/9.4/main +chown -R postgres:postgres /var/lib/postgresql/10 +chown -R postgres:postgres /etc/postgresql/10/main +chmod -R 700 /etc/postgresql/10/main diff --git a/scripts/start_postgres.sh b/scripts/start_postgres.sh index 2f112c5..9a91595 100644 --- a/scripts/start_postgres.sh +++ b/scripts/start_postgres.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" $DIR/ensure_ownership.sh -exec su postgres -c "/usr/lib/postgresql/9.4/bin/postgres -D /var/lib/postgresql/9.4/main -c config_file=/etc/postgresql/9.4/main/postgresql.conf" +exec su postgres -c "/usr/lib/postgresql/10/bin/postgres -D /var/lib/postgresql/10/main -c config_file=/etc/postgresql/10/main/postgresql.conf"