From 4d633e422bb8727669ed260e77dcc52cf7d3ad01 Mon Sep 17 00:00:00 2001
From: Tom Ashley
Date: Fri, 20 Sep 2024 13:44:56 +0100
Subject: [PATCH 1/8] chore: Set precedence to use ipv4 resolution in gettaddrinfo, descope local ipv4
---
 ansible/files/gai.conf | 89 ++++++++++++++++++++++++
 ansible/tasks/internal/optimizations.yml | 9 +++
 2 files changed, 98 insertions(+)
 create mode 100644 ansible/files/gai.conf
diff --git a/ansible/files/gai.conf b/ansible/files/gai.conf
new file mode 100644
index 000000000..cec09d0ce
--- /dev/null
+++ b/ansible/files/gai.conf
@@ -0,0 +1,89 @@
+# Configuration for getaddrinfo(3).
+#
+# So far only configuration for the destination address sorting is needed.
+# RFC 3484 governs the sorting. But the RFC also says that system
+# administrators should be able to overwrite the defaults. This can be
+# achieved here.
+#
+# All lines have an initial identifier specifying the option followed by
+# up to two values. Information specified in this file replaces the
+# default information. Complete absence of data of one kind causes the
+# appropriate default information to be used. The supported commands include:
+#
+# reload
+# If set to yes, each getaddrinfo(3) call will check whether this file
+# changed and if necessary reload. This option should not really be
+# used. There are possible runtime problems. The default is no.
+#
+# label
+# Add another rule to the RFC 3484 label table. See section 2.1 in
+# RFC 3484. The default is:
+#
+#label ::1/128 0
+#label ::/0 1
+#label 2002::/16 2
+#label ::/96 3
+#label ::ffff:0:0/96 4
+#label fec0::/10 5
+#label fc00::/7 6
+#label 2001:0::/32 7
+#
+# This default differs from the tables given in RFC 3484 by handling
+# (now obsolete) site-local IPv6 addresses and Unique Local Addresses.
+# The reason for this difference is that these addresses are never
+# NATed while IPv4 site-local addresses most probably are. Given
+# the precedence of IPv6 over IPv4 (see below) on machines having only
+# site-local IPv4 and IPv6 addresses a lookup for a global address would
+# see the IPv6 be preferred. The result is a long delay because the
+# site-local IPv6 addresses cannot be used while the IPv4 address is
+# (at least for the foreseeable future) NATed. We also treat Teredo
+# tunnels special.
+#
+# precedence
+# Add another rule to the RFC 3484 precedence table. See section 2.1
+# and 10.3 in RFC 3484. The default is:
+#
+#precedence ::1/128 50
+#precedence ::/0 40
+#precedence 2002::/16 30
+#precedence ::/96 20
+#precedence ::ffff:0:0/96 10
+#
+# For sites which prefer IPv4 connections change the last line to
+#
+#precedence ::ffff:0:0/96 100
+#
+# Prefer IPv4 over IPv6
+precedence ::ffff:0:0/96 100
+precedence ::/0 50
+#
+# The 'label' directive in gai.conf assigns a priority value to specific
+# address ranges. Lower numbers are preferred over higher numbers.
+# By assigning the label 2 to 2002::/16, we're giving 6to4 addresses a
+# higher priority than regular IPv6 addresses (labeled 6) but a lower
+# priority than IPv4 addresses (labeled 4).
+# Label IPv4 addresses
+label ::ffff:0:0/96 4
+# Label IPv6 addresses
+# The prefix 2002::/16 refers to 6to4 addresses. 6to4 is a transitional
+# mechanism designed to transmit IPv6 packets over an IPv4 network,
+# essentially allowing IPv6 connectivity via IPv4 infrastructure.
+# 6to4 is not used in AWS and is probably unnecessary
+label 2002::/16 2
+label ::/0 6
+#
+#
+# scopev4
+# Add another rule to the RFC 6724 scope table for IPv4 addresses.
+# By default the scope IDs described in section 3.2 in RFC 6724 are
+# used. Changing these defaults should hardly ever be necessary.
+# The defaults are equivalent to:
+#
+# Decrease scope of private IPv4 to allow quicker IPv6 fallback
+scopev4 ::ffff:169.254.0.0/112 2
+scopev4 ::ffff:127.0.0.0/104 2
+scopev4 ::ffff:10.0.0.0/104 2
+scopev4 ::ffff:172.16.0.0/108 2
+scopev4 ::ffff:192.168.0.0/112 2
+
+
diff --git a/ansible/tasks/internal/optimizations.yml b/ansible/tasks/internal/optimizations.yml
index 42a0a247c..0dcea92a3 100644
--- a/ansible/tasks/internal/optimizations.yml
+++ b/ansible/tasks/internal/optimizations.yml
@@ -37,3 +37,12 @@
 - popularity-contest
 - ubuntu-advantage-tools
 when: debpkg_mode or stage2_nix
+
+- name: prefer IPv4 connection resolution
+ become: yes
+ file:
+ src: "files/gai.conf"
+ dest: "/etc/gai.conf"
+ owner: root
+ group: root
+ mode: 0644
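Review bot: The comment block above the active `label` lines describes labels as priorities ("Lower numbers are preferred over higher numbers"), but in RFC 3484 a label is only matched between a destination and a candidate source address (the "prefer matching label" rule); ranking comes from the `precedence` table. Because, as the file header states, information specified here replaces the defaults, the three active `label` lines also drop the default entries for `::1/128`, `::/96`, `fec0::/10`, `fc00::/7` and `2001:0::/32` and move `::/0` from label 1 to 6, which the comments do not mention. I would reword the block to something like `# Labels are matched between source and destination; they are not priorities.` and either restate the dropped defaults or say they are dropped on purpose. In the scopev4 section, `# The defaults are equivalent to:` is followed by no defaults, so a reader cannot tell which of the five `scopev4` lines are overrides.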
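Review bot: `mode: 0644` on the last line of the new task is an unquoted octal, so the resulting permissions on a root-owned file in /etc depend on the YAML loader reading it as base 8; quoting it as `mode: "0644"` removes that dependency. `become: yes` would likewise read more predictably as `become: true`. The `file:` module used here is replaced by `copy:` in patch 2/8, whose hunk leaves these two lines as they are.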
From 448c05f2d57b2697c54f3cea74ed813878f81070 Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Fri, 20 Sep 2024 13:45:33 +0100 Subject: [PATCH 2/8] local version foo --- ansible/tasks/internal/optimizations.yml | 2 +- common-nix.vars.pkr.hcl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/tasks/internal/optimizations.yml b/ansible/tasks/internal/optimizations.yml index 0dcea92a3..9e816957e 100644 --- a/ansible/tasks/internal/optimizations.yml +++ b/ansible/tasks/internal/optimizations.yml @@ -40,7 +40,7 @@ - name: prefer IPv4 connection resolution become: yes - file: + copy: src: "files/gai.conf" dest: "/etc/gai.conf" owner: root diff --git a/common-nix.vars.pkr.hcl b/common-nix.vars.pkr.hcl index e80a744d9..96b6c6e0d 100644 --- a/common-nix.vars.pkr.hcl +++ b/common-nix.vars.pkr.hcl @@ -1 +1 @@ -postgres-version = "15.6.1.123" +postgres-version = "15.6.1.124-tom" From 6d7c61d9fa711ff243ee83bd1014a3ce15298694 Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Fri, 20 Sep 2024 15:07:45 +0100 Subject: [PATCH 3/8] chore: bump v --- common-nix.vars.pkr.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common-nix.vars.pkr.hcl b/common-nix.vars.pkr.hcl index 96b6c6e0d..9528964f5 100644 --- a/common-nix.vars.pkr.hcl +++ b/common-nix.vars.pkr.hcl @@ -1 +1 @@ -postgres-version = "15.6.1.124-tom" +postgres-version = "15.6.1.124-rc1" From 14fb045c1c16562152ad1a062fb8927c3a7cf4e5 Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Mon, 23 Sep 2024 15:44:07 +0100 Subject: [PATCH 4/8] keep reduced scope to loopback addresses --- ansible/files/gai.conf | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/ansible/files/gai.conf b/ansible/files/gai.conf index cec09d0ce..f96f0a70b 100644 --- a/ansible/files/gai.conf +++ b/ansible/files/gai.conf 
@@ -82,8 +82,6 @@ label ::/0 6 # Decrease scope of private IPv4 to allow quicker IPv6 fallback scopev4 ::ffff:169.254.0.0/112 2 scopev4 ::ffff:127.0.0.0/104 2 -scopev4 ::ffff:10.0.0.0/104 2 -scopev4 ::ffff:172.16.0.0/108 2 -scopev4 ::ffff:192.168.0.0/112 2 - - +# scopev4 ::ffff:10.0.0.0/104 2 +# scopev4 ::ffff:172.16.0.0/108 2 +# scopev4 ::ffff:192.168.0.0/112 2 From 4d295952a5466c3c24519113b170dde0caf9c552 Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Mon, 23 Sep 2024 15:44:59 +0100 Subject: [PATCH 5/8] version bump --- common-nix.vars.pkr.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common-nix.vars.pkr.hcl b/common-nix.vars.pkr.hcl index 9528964f5..0c400f98d 100644 --- a/common-nix.vars.pkr.hcl +++ b/common-nix.vars.pkr.hcl @@ -1 +1 @@ -postgres-version = "15.6.1.124-rc1" +postgres-version = "15.6.1.124-rc2" From 56e0ea4c9e2f03c5c57a4851f3988c64ca571c0d Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Tue, 29 Oct 2024 11:45:50 +0000 Subject: [PATCH 6/8] chore: cut a temp ami release --- ansible/vars.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/vars.yml b/ansible/vars.yml index 129e1a238..b4c867737 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -11,8 +11,8 @@ postgres_major: # Full version strings for each major version postgres_release: - postgres15: "15.8.1.004" - postgres16: "16.3.1.010" + postgres15: "15.8.1.004-gaiconf" + # postgres16: "16.3.1.010" # Non Postgres Extensions pgbouncer_release: "1.19.0" From 778e915dc2a27db57a87c766d71ef3ccb448f4f5 Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Tue, 29 Oct 2024 13:35:10 +0000 Subject: [PATCH 7/8] chore: version for manual build --- ansible/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/vars.yml b/ansible/vars.yml index b4c867737..692c77c74 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml 
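Review bot: The context line `# Decrease scope of private IPv4 to allow quicker IPv6 fallback` is stale after this hunk: only the link-local (`169.254.0.0`) and loopback (`127.0.0.0`) entries remain active, and the three private ranges survive as commented-out directives with no explanation. I would delete those three lines, or keep them under a comment such as `# RFC 1918 ranges intentionally left at the default scope`, and reword the heading to match. Since the file header says specified entries replace the defaults, it is also worth confirming on a built image that IPv4 addresses outside these two ranges still get global scope; glibc's stock gai.conf lists a catch-all `scopev4 ::ffff:0.0.0.0/96 14` among the defaults, and it is not restated here.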
@@ -11,7 +11,7 @@ postgres_major: # Full version strings for each major version postgres_release: - postgres15: "15.8.1.004-gaiconf" + postgres15: "15.8.1.004-gaiconf-1" # postgres16: "16.3.1.010" # Non Postgres Extensions From 305de085921df1beb0ffacff381e32db8ad19301 Mon Sep 17 00:00:00 2001 From: Tom Ashley Date: Tue, 29 Oct 2024 14:11:05 +0000 Subject: [PATCH 8/8] chore: only build 15 --- ansible/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/vars.yml b/ansible/vars.yml index 692c77c74..fc64f0f6b 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -7,7 +7,7 @@ async_mode: true # postgresql_release_checksum: sha256:ea2cf059a85882654b989acd07edc121833164a30340faee0d3615cf7058e66c postgres_major: - "15" - - "16" +# - "16" # Full version strings for each major version postgres_release: