diff --git a/.github/workflows/ami-build-ubuntu-18.yml b/.github/workflows/ami-build-ubuntu-18.yml new file mode 100644 index 000000000..3e7ab22d4 --- /dev/null +++ b/.github/workflows/ami-build-ubuntu-18.yml @@ -0,0 +1,87 @@ +name: Build Ubuntu 18 AMI + +on: + push: + branches: + - develop + paths: + - '.github/workflows/ami-build-ubuntu-18.yml' + - 'common.vars.pkr.hcl' + + workflow_run: + workflows: [Release AMI] + types: + - completed + + workflow_dispatch: + +jobs: + build: + runs-on: [self-hosted, X64] + timeout-minutes: 150 + permissions: + contents: write + packages: write + id-token: write + + steps: + - name: Checkout Repo + uses: actions/checkout@v2 + + - name: Build AMI + run: | + GIT_SHA=${{github.sha}} + packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=u18-${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common.vars.pkr.hcl" -var-file="legacy.vars.pkr.hcl" amazon-arm64.pkr.hcl + + - name: Grab release version + id: process_release_version + run: | + VERSION=$(sed -e 's/postgres-version = "\(.*\)"/\1/g' common.vars.pkr.hcl) + echo "version=$VERSION" >> "$GITHUB_OUTPUT" + + - name: List files + id: list_files + run: | + ls -la /tmp/ + + - name: configure aws credentials - staging + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.DEV_AWS_ROLE }} + aws-region: "us-east-1" + + - name: Upload pg binaries to s3 staging + run: | + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/18.04.tar.gz + + - name: configure aws credentials - prod + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: ${{ secrets.PROD_AWS_ROLE }} + aws-region: "us-east-1" + + - name: Upload pg binaries to s3 prod + run: | + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/18.04.tar.gz + + - name: Deregister image + if: ${{ always() }} + continue-on-error: true + run: | + IMAGE_IDS=$(aws ec2 describe-images --filters "Name=name,Values=builder-supabase-postgres-u18-*" --query "Images[] .ImageId" --output text) + for IMAGE_ID in $IMAGE_IDS; do + SNAPSHOTS=$(aws ec2 describe-images --image-ids $IMAGE_ID --query "Images[*].BlockDeviceMappings[*].Ebs.SnapshotId" --output text) + + echo "Deregistering image $IMAGE_ID" + aws ec2 deregister-image --image-id $IMAGE_ID + + for SNAPSHOT in $SNAPSHOTS; do + echo "Deleting snapshot $SNAPSHOT" + aws ec2 delete-snapshot --snapshot-id $SNAPSHOT + done + done + + - name: Cleanup resources on build cancellation + if: ${{ cancelled() }} + run: | + aws ec2 describe-instances --filters "Name=tag:packerExecutionId,Values=u18-${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -I {} aws ec2 terminate-instances --instance-ids {} diff --git a/.github/workflows/ami-release.yml b/.github/workflows/ami-release.yml index 79f6787de..8f5144136 100644 --- a/.github/workflows/ami-release.yml +++ b/.github/workflows/ami-release.yml @@ -25,7 +25,7 @@ jobs: - name: Build AMI run: | GIT_SHA=${{github.sha}} - packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common.vars.pkr.hcl" amazon-arm64.pkr.hcl + packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common.vars.pkr.hcl" -var "ansible_arguments=" amazon-arm64.pkr.hcl - name: Grab release version id: process_release_version @@ -47,6 +47,10 @@ jobs: -e "internal_artifacts_bucket=${{ secrets.ARTIFACTS_BUCKET }}" \ manifest-playbook.yml + - name: Upload pg binaries to s3 staging + run: | + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + - name: configure aws credentials - prod uses: aws-actions/configure-aws-credentials@v1 with: @@ -61,6 +65,10 @@ jobs: -e "internal_artifacts_bucket=${{ secrets.PROD_ARTIFACTS_BUCKET }}" \ manifest-playbook.yml + - name: Upload pg binaries to s3 prod + run: | + aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz + - name: Create release uses: softprops/action-gh-release@v1 with: diff --git a/amazon-arm64.pkr.hcl b/amazon-arm64.pkr.hcl index 0c189109c..1a10101b2 100644 --- a/amazon-arm64.pkr.hcl +++ b/amazon-arm64.pkr.hcl @@ -20,7 +20,7 @@ variable "ami_regions" { variable "ansible_arguments" { type = string - default = "--skip-tags,install-postgrest,--skip-tags,install-pgbouncer,--skip-tags,install-supabase-internal,ebssurrogate_mode='true'" + default = "--skip-tags install-postgrest,install-pgbouncer,install-supabase-internal" } variable "aws_access_key" { @@ -239,8 +239,9 @@ build { "DOCKER_IMAGE=${var.docker_image}", "DOCKER_IMAGE_TAG=${var.docker_image_tag}" ] + use_env_var_file = true script = "ebssurrogate/scripts/surrogate-bootstrap.sh" - execute_command = "sudo -S sh -c '{{ .Vars }} {{ .Path }}'" + execute_command = "sudo -S sh -c '. {{.EnvVarFile}} && {{.Path}}'" start_retry_timeout = "5m" skip_clean = true } @@ -250,4 +251,10 @@ build { destination = "/tmp/ansible.log" direction = "download" } + + provisioner "file" { + source = "/tmp/pg_binaries.tar.gz" + destination = "/tmp/pg_binaries.tar.gz" + direction = "download" + } } diff --git a/ansible/playbook.yml b/ansible/playbook.yml index 644089b62..a64ee4673 100644 --- a/ansible/playbook.yml +++ b/ansible/playbook.yml @@ -154,6 +154,8 @@ - name: Run migrations import_tasks: tasks/setup-migrations.yml + tags: + - migrations - name: Stop Postgres Database without Systemd become: yes @@ -164,3 +166,10 @@ - name: Run unit tests import_tasks: tasks/test-image.yml + tags: + - unit-tests + + - name: Collect Postgres binaries + import_tasks: tasks/internal/collect-pg-binaries.yml + tags: + - collect-binaries diff --git a/ansible/tasks/finalize-ami.yml b/ansible/tasks/finalize-ami.yml index be370217f..32e730975 100644 --- a/ansible/tasks/finalize-ami.yml +++ b/ansible/tasks/finalize-ami.yml @@ -27,6 +27,7 @@ port: http tags: - install-supabase-internal + when: ansible_distribution_version != "18.04" - name: UFW - Allow connections to https (443) ufw: @@ -34,6 +35,23 @@ port: https tags: - install-supabase-internal + when: ansible_distribution_version != "18.04" + +- name: UFW - Allow connections to http (80) - Ubuntu 18.04 + ufw: + rule: allow + port: "80" + tags: + - install-supabase-internal + when: ansible_distribution_version == "18.04" + +- name: UFW - Allow connections to https (443) - Ubuntu 18.04 + ufw: + rule: allow + port: "443" + tags: + - install-supabase-internal + when: ansible_distribution_version == "18.04" - name: UFW - Deny all other incoming traffic by default ufw: @@ -65,6 +83,7 @@ sed -i -e 's;daily;*:0/10;' /etc/systemd/system/logrotate.timer systemctl reenable logrotate.timer become: yes + when: ansible_distribution_version != "18.04" - name: import pgsodium_getkey script template: diff --git a/ansible/tasks/internal/collect-pg-binaries.yml b/ansible/tasks/internal/collect-pg-binaries.yml new file mode 100644 index 000000000..e4a9773fa --- /dev/null +++ b/ansible/tasks/internal/collect-pg-binaries.yml @@ -0,0 +1,31 @@ +- name: Collect Postgres binaries - create collection directory + file: + path: /tmp/pg_binaries/{{ postgresql_major }}/ + state: directory + +- name: Collect Postgres binaries - collect binaries and libraries + copy: + remote_src: yes + src: /usr/lib/postgresql/{{ item }}/ + dest: /tmp/pg_binaries/{{ postgresql_major }}/{{ item }}/ + with_items: + - bin + - lib + +- name: Collect Postgres binaries - collect shared files + copy: + remote_src: yes + src: /var/lib/postgresql/ + dest: /tmp/pg_binaries/{{ postgresql_major }}/share/ + +- name: Collect Postgres binaries - create tarfile + archive: + path: /tmp/pg_binaries/ + dest: /tmp/pg_binaries.tar.gz + remove: yes + +- name: Fetch tarfile to local + fetch: + src: /tmp/pg_binaries.tar.gz + dest: /tmp/ + flat: true diff --git a/ansible/tasks/internal/supautils.yml b/ansible/tasks/internal/supautils.yml index 33811b5ac..fbc4324c2 100644 --- a/ansible/tasks/internal/supautils.yml +++ b/ansible/tasks/internal/supautils.yml @@ -6,6 +6,16 @@ - clang-11 update_cache: yes cache_valid_time: 3600 + when: ansible_distribution_version != "18.04" + +- name: supautils - download & install dependencies - Ubuntu 18.04 + apt: + pkg: + - build-essential + - clang-12 + update_cache: yes + cache_valid_time: 3600 + when: ansible_distribution_version != "18.04" - name: supautils - download latest release get_url: diff --git a/ansible/tasks/postgres-extensions/01-postgis.yml b/ansible/tasks/postgres-extensions/01-postgis.yml index 15b0ac7b8..7475a5d95 100644 --- a/ansible/tasks/postgres-extensions/01-postgis.yml +++ b/ansible/tasks/postgres-extensions/01-postgis.yml @@ -49,7 +49,8 @@ become: yes - name: postgis - build SFCGAL - make: + community.general.make: + target: all chdir: /tmp/SFCGAL-v{{ sfcgal_release }} jobs: "{{ parallel_jobs | default(omit) }}" become: yes @@ -78,7 +79,8 @@ become: yes - name: postgis - build - make: + community.general.make: + target: all chdir: /tmp/postgis-{{ postgis_release }} jobs: "{{ parallel_jobs | default(omit) }}" become: yes diff --git a/ansible/tasks/postgres-extensions/02-pgrouting.yml b/ansible/tasks/postgres-extensions/02-pgrouting.yml index 328d3e840..746870a01 100644 --- a/ansible/tasks/postgres-extensions/02-pgrouting.yml +++ b/ansible/tasks/postgres-extensions/02-pgrouting.yml @@ -34,7 +34,8 @@ become: yes - name: pgRouting - build - make: + community.general.make: + target: all chdir: /tmp/pgrouting-{{ pgrouting_release }}/build jobs: "{{ parallel_jobs | default(omit) }}" become: yes diff --git a/ansible/tasks/postgres-extensions/18-pgsodium.yml b/ansible/tasks/postgres-extensions/18-pgsodium.yml index a808e11f7..a7c73c574 100644 --- a/ansible/tasks/postgres-extensions/18-pgsodium.yml +++ b/ansible/tasks/postgres-extensions/18-pgsodium.yml @@ -53,7 +53,6 @@ - name: pgsodium - build make: chdir: /tmp/pgsodium-{{ pgsodium_release }} - jobs: "{{ parallel_jobs | default(omit) }}" become: yes - name: pgsodium - install diff --git a/ansible/tasks/postgres-extensions/24-pgroonga.yml b/ansible/tasks/postgres-extensions/24-pgroonga.yml index 37c7a282f..f8baaa6f9 100644 --- a/ansible/tasks/postgres-extensions/24-pgroonga.yml +++ b/ansible/tasks/postgres-extensions/24-pgroonga.yml @@ -33,7 +33,8 @@ become: yes - name: groonga - build - make: + community.general.make: + target: all chdir: /tmp/groonga-{{ groonga_release }} jobs: "{{ parallel_jobs | default(omit) }}" become: yes @@ -59,7 +60,8 @@ become: yes - name: pgroonga - build - make: + community.general.make: + target: all chdir: /tmp/pgroonga-{{ pgroonga_release }} jobs: "{{ parallel_jobs | default(omit) }}" become: yes diff --git a/ansible/tasks/postgres-extensions/28-pgvector.yml b/ansible/tasks/postgres-extensions/28-pgvector.yml index 12d795c9c..ceae8abe9 100644 --- a/ansible/tasks/postgres-extensions/28-pgvector.yml +++ b/ansible/tasks/postgres-extensions/28-pgvector.yml @@ -5,6 +5,14 @@ dest: /tmp/pgvector version: 'v{{ pgvector_release }}' become: yes + +- name: pgvector - ubuntu 18.04 compat + lineinfile: + path: /tmp/pgvector/Makefile + regexp: "march=native$" + line: "OPTFLAGS = " + firstmatch: true + when: ansible_distribution_version == "18.04" - name: pgvector - build make: diff --git a/ansible/tasks/setup-extensions.yml b/ansible/tasks/setup-extensions.yml index 86af557f9..02502f410 100644 --- a/ansible/tasks/setup-extensions.yml +++ b/ansible/tasks/setup-extensions.yml @@ -39,6 +39,8 @@ - name: Install pljava import_tasks: tasks/postgres-extensions/12-pljava.yml + tags: + - legacy-incompatible - name: Install pg_plan_filter import_tasks: tasks/postgres-extensions/14-pg_plan_filter.yml @@ -57,6 +59,8 @@ - name: Install pg_graphql import_tasks: tasks/postgres-extensions/19-pg_graphql.yml + tags: + - legacy-incompatible - name: Install pg_stat_monitor import_tasks: tasks/postgres-extensions/20-pg_stat_monitor.yml diff --git a/ansible/tasks/setup-nginx.yml b/ansible/tasks/setup-nginx.yml index 22b948641..77fb7707a 100644 --- a/ansible/tasks/setup-nginx.yml +++ b/ansible/tasks/setup-nginx.yml @@ -37,7 +37,8 @@ become: yes - name: nginx - build - make: + community.general.make: + target: build chdir: /tmp/nginx-{{ nginx_release }} jobs: "{{ parallel_jobs | default(omit) }}" become: yes diff --git a/ansible/tasks/setup-postgres.yml b/ansible/tasks/setup-postgres.yml index 3249c7c3f..f7c8e9ced 100644 --- a/ansible/tasks/setup-postgres.yml +++ b/ansible/tasks/setup-postgres.yml @@ -24,6 +24,14 @@ pkg: - llvm-11-dev - clang-11 + when: ansible_distribution_version != "18.04" + +- name: Download LLVM & Clang - Ubuntu 18.04 + apt: + pkg: + - llvm-12-dev + - clang-12 + when: ansible_distribution_version == "18.04" - name: Download GCC 10 apt: @@ -61,20 +69,37 @@ - name: Setting CFLAGS (arm) set_fact: cflags: "-moutline-atomics -mtune=native -march=native -mcpu=native -fsigned-char -O2" - when: platform == "arm64" + when: platform == "arm64" and ansible_distribution_version != "18.04" + +- name: Setting CFLAGS (arm) - Ubuntu 18.04 + set_fact: + cflags: "-moutline-atomics -fsigned-char -O2" + when: platform == "arm64" and ansible_distribution_version == "18.04" - name: Setting CFLAGS (x86) set_fact: cflags: "-fsigned-char" when: platform == "amd64" +- name: Setting LLVM_CONFIG + set_fact: + llvm_config: "/usr/bin/llvm-config-11" + clang: "/usr/bin/clang-11" + when: ansible_distribution_version != "18.04" + +- name: Setting LLVM_CONFIG - Ubuntu 18.04 + set_fact: + llvm_config: "/usr/bin/llvm-config-12" + clang: "/usr/bin/clang-12" + when: ansible_distribution_version == "18.04" + - name: Postgres - configure shell: - cmd: CFLAGS='{{ cflags }}' LLVM_CONFIG=/usr/bin/llvm-config-11 CLANG=/usr/bin/clang-11 ./configure --with-llvm --with-openssl --with-systemd --with-uuid=e2fs --with-libxml --with-icu --with-lz4 --exec-prefix=/usr/lib/postgresql --datarootdir=/var/lib/postgresql + cmd: CFLAGS='{{ cflags }}' LLVM_CONFIG='{{ llvm_config }}' CLANG='{{ clang }}' ./configure --with-llvm --with-openssl --with-systemd --with-uuid=e2fs --with-libxml --with-icu --with-lz4 --exec-prefix=/usr/lib/postgresql --datarootdir=/var/lib/postgresql chdir: /tmp/postgresql-{{ postgresql_release }} - name: Postgres - build - make: + community.general.make: target: world-bin chdir: /tmp/postgresql-{{ postgresql_release }} jobs: "{{ parallel_jobs | default(omit) }}" diff --git a/ansible/tasks/setup-wal-g.yml b/ansible/tasks/setup-wal-g.yml index 439bb2832..5d7aff7c7 100644 --- a/ansible/tasks/setup-wal-g.yml +++ b/ansible/tasks/setup-wal-g.yml @@ -53,7 +53,7 @@ ignore_errors: yes - name: wal-g - build and install - make: + community.general.make: chdir: /tmp/wal-g target: pg_install jobs: "{{ parallel_jobs | default(omit) }}" diff --git a/ansible/vars.yml b/ansible/vars.yml index c21d7d151..0620bafab 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -41,7 +41,7 @@ postgres_exporter_release_checksum: arm64: sha256:d869c16791481dc8475487ad84ae4371a63f9b399898ca1c666eead5cccf7182 amd64: sha256:ff541bd3ee19c0ae003d71424a75edfcc8695e828dd20d5b4555ce433c89d60b -adminapi_release: 0.40.0 +adminapi_release: 0.41.0 adminmgr_release: 0.3.1 # Postgres Extensions diff --git a/common.vars.pkr.hcl b/common.vars.pkr.hcl index 7eb84455b..468bcf0a0 100644 --- a/common.vars.pkr.hcl +++ b/common.vars.pkr.hcl @@ -1 +1 @@ -postgres-version = "15.1.0.68" +postgres-version = "15.1.0.70" diff --git a/ebssurrogate/scripts/chroot-bootstrap.sh b/ebssurrogate/scripts/chroot-bootstrap.sh index b01ad016b..1c307a497 100755 --- a/ebssurrogate/scripts/chroot-bootstrap.sh +++ b/ebssurrogate/scripts/chroot-bootstrap.sh @@ -24,6 +24,11 @@ fi function update_install_packages { + source /etc/os-release + if [ "${UBUNTU_CODENAME}" = "bionic" ]; then + sed -i 's/focal/bionic/g' /etc/apt/sources.list + fi + # Update APT with new sources cat /etc/apt/sources.list apt-get $APT_OPTIONS update && apt-get $APT_OPTIONS --yes dist-upgrade @@ -43,6 +48,7 @@ function update_install_packages { # Install standard packages apt-get install -y \ sudo \ + wget \ cloud-init \ acpid \ ec2-hibinit-agent \ @@ -72,6 +78,18 @@ function update_install_packages { if [ "${ARCH}" = "arm64" ]; then apt-get $APT_OPTIONS --yes install linux-aws initramfs-tools dosfstools fi + + if [ "${UBUNTU_CODENAME}" = "bionic" ]; then + echo "deb [trusted=yes] http://apt.llvm.org/bionic/ llvm-toolchain-bionic-12 main" >> /etc/apt/sources.list + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - + add-apt-repository --yes --update ppa:ubuntu-toolchain-r/test + + # Install cmake 3.12+ + wget -O - https://apt.kitware.com/keys/kitware-archive-latest.asc 2>/dev/null | sudo apt-key add - + apt-add-repository --yes --update 'deb https://apt.kitware.com/ubuntu/ bionic main' + + apt-get $APT_OPTIONS update + fi } function setup_locale { @@ -92,7 +110,6 @@ function install_packages_for_build { acl \ magic-wormhole sysstat \ build-essential libreadline-dev zlib1g-dev flex bison libxml2-dev libxslt-dev libssl-dev libsystemd-dev libpq-dev libxml2-utils uuid-dev xsltproc ssl-cert \ - llvm-11-dev clang-11 \ gcc-10 g++-10 \ libgeos-dev libproj-dev libgdal-dev libjson-c-dev libboost-all-dev libcgal-dev libmpfr-dev libgmp-dev cmake \ libkrb5-dev \ @@ -100,8 +117,15 @@ function install_packages_for_build { curl gpp apt-transport-https cmake libc++-dev libc++abi-dev libc++1 libglib2.0-dev libtinfo5 libc++abi1 ninja-build python \ liblzo2-dev - # Mark llvm as manual to prevent auto removal - apt-mark manual libllvm11:arm64 + source /etc/os-release + if [ "${UBUNTU_CODENAME}" = "bionic" ]; then + apt-get install -y --no-install-recommends llvm-12-dev clang-12 cmake + apt-mark manual libllvm12:arm64 + else + apt-get install -y --no-install-recommends llvm-11-dev clang-11 + # Mark llvm as manual to prevent auto removal + apt-mark manual libllvm11:arm64 + fi } function setup_apparmor { @@ -136,7 +160,7 @@ EOF # Install GRUB function install_configure_grub { if [ "${ARCH}" = "arm64" ]; then - apt-get $APT_OPTIONS --yes install cloud-guest-utils fdisk grub-efi-arm64 + apt-get $APT_OPTIONS --yes install cloud-guest-utils fdisk grub-efi-arm64 efibootmgr setup_grub_conf_arm64 rm -rf /etc/grub.d/30_os-prober sleep 1 diff --git a/ebssurrogate/scripts/surrogate-bootstrap.sh b/ebssurrogate/scripts/surrogate-bootstrap.sh index ac826bca3..ce0090152 100755 --- a/ebssurrogate/scripts/surrogate-bootstrap.sh +++ b/ebssurrogate/scripts/surrogate-bootstrap.sh @@ -40,9 +40,7 @@ function install_packages { gdisk \ e2fsprogs \ debootstrap \ - nvme-cli \ - docker.io - + nvme-cli } # Partition the new root EBS volume @@ -126,6 +124,7 @@ function format_build_partition { mkfs.ext4 -O ^has_journal /dev/xvdc } function pull_docker { + apt-get install -y docker.io docker run -itd --name ccachedata "${DOCKER_IMAGE}:${DOCKER_IMAGE_TAG}" sh docker exec -itd ccachedata mkdir -p /build/ccache } @@ -144,8 +143,10 @@ EOF } function setup_chroot_environment { + UBUNTU_VERSION=$(lsb_release -cs) # 'focal' for Ubuntu 20.04 + # Bootstrap Ubuntu into /mnt - debootstrap --arch ${ARCH} --variant=minbase focal /mnt + debootstrap --arch ${ARCH} --variant=minbase "$UBUNTU_VERSION" /mnt # Update ec2-region REGION=$(curl --silent --fail http://169.254.169.254/latest/meta-data/placement/availability-zone | sed -E 's|[a-z]+$||g') @@ -211,8 +212,8 @@ callbacks_enabled = timer, profile_tasks, profile_roles EOF # Run Ansible playbook #export ANSIBLE_LOG_PATH=/tmp/ansible.log && export ANSIBLE_DEBUG=True && export ANSIBLE_REMOTE_TEMP=/mnt/tmp - export ANSIBLE_LOG_PATH=/tmp/ansible.log && export ANSIBLE_REMOTE_TEMP=/mnt/tmp - ansible-playbook -c chroot -i '/mnt,' /tmp/ansible-playbook/ansible/playbook.yml --extra-vars " $ARGS" + export ANSIBLE_LOG_PATH=/tmp/ansible.log && export ANSIBLE_REMOTE_TEMP=/mnt/tmp + ansible-playbook -c chroot -i '/mnt,' /tmp/ansible-playbook/ansible/playbook.yml $ARGS } function update_systemd_services { @@ -244,20 +245,27 @@ function clean_system { touch /mnt/var/log/auth.log touch /mnt/var/log/pgbouncer.log - chroot /mnt /usr/bin/chown pgbouncer:postgres /var/log/pgbouncer.log + if [ -f /usr/bin/chown ]; then + chroot /mnt /usr/bin/chown pgbouncer:postgres /var/log/pgbouncer.log + fi # Setup postgresql logs mkdir -p /mnt/var/log/postgresql - chroot /mnt /usr/bin/chown postgres:postgres /var/log/postgresql + if [ -f /usr/bin/chown ]; then + chroot /mnt /usr/bin/chown postgres:postgres /var/log/postgresql + fi # Setup wal-g logs mkdir /mnt/var/log/wal-g touch /mnt/var/log/wal-g/{backup-push.log,backup-fetch.log,wal-push.log,wal-fetch.log} - chroot /mnt /usr/bin/chown -R postgres:postgres /var/log/wal-g - chroot /mnt /usr/bin/chmod -R 0300 /var/log/wal-g - # audit logs directory for apparmor - mkdir /mnt/var/log/audit + if [ -f /usr/bin/chown ]; then + chroot /mnt /usr/bin/chown -R postgres:postgres /var/log/wal-g + chroot /mnt /usr/bin/chmod -R 0300 /var/log/wal-g + fi + + # audit logs directory for apparmor + mkdir /mnt/var/log/audit # unwanted files rm -rf /mnt/var/lib/apt/lists/* diff --git a/legacy.vars.pkr.hcl b/legacy.vars.pkr.hcl new file mode 100644 index 000000000..cf106c7c3 --- /dev/null +++ b/legacy.vars.pkr.hcl @@ -0,0 +1,3 @@ +ansible_arguments="--skip-tags install-supabase-internal,install-pgbouncer,legacy-incompatible,migrations,unit-tests,aws-only" +ami_name="builder-supabase-postgres-u18" +ami="ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-arm64-server-*" diff --git a/scripts/90-cleanup.sh b/scripts/90-cleanup.sh index 2e6a3f15a..019c59649 100644 --- a/scripts/90-cleanup.sh +++ b/scripts/90-cleanup.sh @@ -36,8 +36,13 @@ elif [ -n "$(command -v apt-get)" ]; then libicu-dev \ libcgal-dev \ libgcc-9-dev \ - libgcc-8-dev \ - linux-headers-5.11.0-1021-aws + libgcc-8-dev + + source /etc/os-release + if [ "${UBUNTU_VERSION}" != "bionic" ]; then + apt-get -y remove --purge linux-headers-5.11.0-1021-aws + fi + apt-get -y update apt-get -y upgrade apt-get -y autoremove