From 6195185bbcfb8993030fa61943c48116cf739924 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thorben=20G=C3=BCnther?= Date: Sun, 24 Apr 2022 01:17:40 +0200 Subject: [PATCH] postgres: Update configs For the 14 release. --- roles/postgres/files/pg_hba.conf | 13 +-- roles/postgres/templates/postgresql.conf.j2 | 107 ++++++++++++-------- 2 files changed, 69 insertions(+), 51 deletions(-) diff --git a/roles/postgres/files/pg_hba.conf b/roles/postgres/files/pg_hba.conf index 7c32fcc..a97faa9 100644 --- a/roles/postgres/files/pg_hba.conf +++ b/roles/postgres/files/pg_hba.conf @@ -18,12 +18,13 @@ # # (The uppercase items must be replaced by actual values.) # -# The first field is the connection type: "local" is a Unix-domain -# socket, "host" is either a plain or SSL-encrypted TCP/IP socket, -# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a -# non-SSL TCP/IP socket. Similarly, "hostgssenc" uses a -# GSSAPI-encrypted TCP/IP socket, while "hostnogssenc" uses a -# non-GSSAPI socket. +# The first field is the connection type: +# - "local" is a Unix-domain socket +# - "host" is a TCP/IP socket (encrypted or not) +# - "hostssl" is a TCP/IP socket that is SSL-encrypted +# - "hostnossl" is a TCP/IP socket that is not SSL-encrypted +# - "hostgssenc" is a TCP/IP socket that is GSSAPI-encrypted +# - "hostnogssenc" is a TCP/IP socket that is not GSSAPI-encrypted # # DATABASE can be "all", "sameuser", "samerole", "replication", a # database name, or a comma-separated list thereof. The "all" diff --git a/roles/postgres/templates/postgresql.conf.j2 b/roles/postgres/templates/postgresql.conf.j2 index 9197ee3..3b4fce8 100644 --- a/roles/postgres/templates/postgresql.conf.j2 +++ b/roles/postgres/templates/postgresql.conf.j2 @@ -24,7 +24,8 @@ # "postgres -c log_connections=on". Some parameters can be changed at run time # with the "SET" SQL command. # -# Memory units: kB = kilobytes Time units: ms = milliseconds +# Memory units: B = bytes Time units: us = microseconds +# kB = kilobytes ms = milliseconds # MB = megabytes s = seconds # GB = gigabytes min = minutes # TB = terabytes h = hours @@ -85,10 +86,14 @@ max_connections = {{ pg_max_connections }} # (change requires restart) #tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds; # 0 selects the system default +#client_connection_check_interval = 0 # time between checks for client + # disconnection while running queries; + # 0 for never + # - Authentication - #authentication_timeout = 1min # 1s-600s -password_encryption = scram-sha-256 # md5 or scram-sha-256 +#password_encryption = scram-sha-256 # scram-sha-256 or md5 #db_user_namespace = off # GSSAPI using Kerberos @@ -101,6 +106,7 @@ ssl = on #ssl_ca_file = '' ssl_cert_file = '/var/lib/postgres/data/fullchain.pem' #ssl_crl_file = '' +#ssl_crl_dir = '' ssl_key_file = '/var/lib/postgres/data/privkey.pem' #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers #ssl_prefer_server_ciphers = on @@ -122,6 +128,8 @@ shared_buffers = {{ pg_shared_buffers }} # min 128kB # (change requires restart) #huge_pages = try # on, off, or try # (change requires restart) +#huge_page_size = 0 # zero for system default + # (change requires restart) #temp_buffers = 8MB # min 800kB #max_prepared_transactions = 0 # zero disables the feature # (change requires restart) @@ -139,13 +147,14 @@ maintenance_work_mem = {{ pg_maintenance_work_mem }} # min 1MB # sysv # windows # (change requires restart) -#dynamic_shared_memory_type = posix # the default is the first option +dynamic_shared_memory_type = posix # the default is the first option # supported by the operating system: # posix # sysv # windows # mmap # (change requires restart) +#min_dynamic_shared_memory = 0MB # (change requires restart) # - Disk - @@ -161,7 +170,7 @@ maintenance_work_mem = {{ pg_maintenance_work_mem }} # min 1MB #vacuum_cost_delay = 0 # 0-100 milliseconds (0 disables) #vacuum_cost_page_hit = 1 # 0-10000 credits -#vacuum_cost_page_miss = 10 # 0-10000 credits +#vacuum_cost_page_miss = 2 # 0-10000 credits #vacuum_cost_page_dirty = 20 # 0-10000 credits #vacuum_cost_limit = 200 # 1-10000 credits @@ -174,6 +183,7 @@ maintenance_work_mem = {{ pg_maintenance_work_mem }} # min 1MB # - Asynchronous Behavior - +#backend_flush_after = 0 # measured in pages, 0 disables effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disables prefetching #maintenance_io_concurrency = 10 # 1-1000; 0 disables prefetching #max_worker_processes = 8 # (change requires restart) @@ -184,7 +194,6 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # can be used in parallel operations #old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate # (change requires restart) -#backend_flush_after = 0 # measured in pages, 0 disables #------------------------------------------------------------------------------ @@ -208,9 +217,9 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # fsync_writethrough # open_sync #full_page_writes = on # recover from partial page writes -#wal_compression = off # enable compression of full-page writes #wal_log_hints = off # also do full page writes of non-critical updates # (change requires restart) +#wal_compression = off # enable compression of full-page writes #wal_init_zero = on # zero-fill new WAL files #wal_recycle = on # recycle WAL files #wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers @@ -225,11 +234,11 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # - Checkpoints - #checkpoint_timeout = 5min # range 30s-1d -#max_wal_size = 1GB -#min_wal_size = 80MB -#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0 +#checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0 #checkpoint_flush_after = 256kB # measured in pages, 0 disables #checkpoint_warning = 30s # 0 disables +max_wal_size = 1GB +min_wal_size = 80MB # - Archiving - @@ -250,7 +259,6 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # placeholders: %p = path of file to restore # %f = file name only # e.g. 'cp /mnt/server/archivedir/%f %p' - # (change requires restart) #archive_cleanup_command = '' # command to execute at every restartpoint #recovery_end_command = '' # command to execute at completion of recovery @@ -285,20 +293,19 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # - Sending Servers - -# Set these on the master and on any standby that will send replication data. +# Set these on the primary and on any standby that will send replication data. #max_wal_senders = 10 # max number of walsender processes # (change requires restart) +#max_replication_slots = 10 # max number of replication slots + # (change requires restart) #wal_keep_size = 0 # in megabytes; 0 disables #max_slot_wal_keep_size = -1 # in megabytes; -1 disables #wal_sender_timeout = 60s # in milliseconds; 0 disables - -#max_replication_slots = 10 # max number of replication slots - # (change requires restart) #track_commit_timestamp = off # collect timestamp of transaction commit # (change requires restart) -# - Master Server - +# - Primary Server - # These settings are ignored on a standby server. @@ -310,7 +317,7 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # - Standby Servers - -# These settings are ignored on a master server. +# These settings are ignored on a primary server. #primary_conninfo = '' # connection string to sending server #primary_slot_name = '' # replication slot on sending server @@ -330,7 +337,7 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl #hot_standby_feedback = off # send info from standby to prevent # query conflicts #wal_receiver_timeout = 60s # time that receiver waits for - # communication from master + # communication from primary # in milliseconds; 0 disables #wal_retrieve_retry_interval = 5s # time to wait before retrying to # retrieve WAL after a failed attempt @@ -351,23 +358,26 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # - Planner Method Configuration - +#enable_async_append = on #enable_bitmapscan = on +#enable_gathermerge = on #enable_hashagg = on #enable_hashjoin = on +#enable_incremental_sort = on #enable_indexscan = on #enable_indexonlyscan = on #enable_material = on +#enable_memoize = on #enable_mergejoin = on #enable_nestloop = on #enable_parallel_append = on +#enable_parallel_hash = on +#enable_partition_pruning = on +#enable_partitionwise_join = off +#enable_partitionwise_aggregate = off #enable_seqscan = on #enable_sort = on -#enable_incremental_sort = on #enable_tidscan = on -#enable_partitionwise_join = off -#enable_partitionwise_aggregate = off -#enable_parallel_hash = on -#enable_partition_pruning = on # - Planner Cost Constants - @@ -376,8 +386,11 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl #cpu_tuple_cost = 0.01 # same scale as above #cpu_index_tuple_cost = 0.005 # same scale as above #cpu_operator_cost = 0.0025 # same scale as above -#parallel_tuple_cost = 0.1 # same scale as above #parallel_setup_cost = 1000.0 # same scale as above +#parallel_tuple_cost = 0.1 # same scale as above +#min_parallel_table_scan_size = 8MB +#min_parallel_index_scan_size = 512kB +effective_cache_size = {{ pg_effective_cache_size }} #jit_above_cost = 100000 # perform JIT compilation if available # and query more expensive than this; @@ -388,10 +401,6 @@ effective_io_concurrency = {{ pg_effective_io_concurrency }} # 1-1000; 0 disabl # query is more expensive than this; # -1 disables -#min_parallel_table_scan_size = 8MB -#min_parallel_index_scan_size = 512kB -effective_cache_size = {{ pg_effective_cache_size }} - # - Genetic Query Optimizer - #geqo = on @@ -408,10 +417,9 @@ effective_cache_size = {{ pg_effective_cache_size }} #constraint_exclusion = partition # on, off, or partition #cursor_tuple_fraction = 0.1 # range 0.0-1.0 #from_collapse_limit = 8 +#jit = on # allow JIT compilation #join_collapse_limit = 8 # 1 disables collapsing of explicit # JOIN clauses -#force_parallel_mode = off -#jit = on # allow JIT compilation #plan_cache_mode = auto # auto, force_generic_plan or # force_custom_plan @@ -460,7 +468,7 @@ effective_cache_size = {{ pg_effective_cache_size }} #syslog_sequence_numbers = on #syslog_split_messages = on -# This is only relevant when logging to eventlog (win32): +# This is only relevant when logging to eventlog (Windows): # (change requires restart) #event_source = 'PostgreSQL' @@ -520,6 +528,11 @@ effective_cache_size = {{ pg_effective_cache_size }} #debug_print_rewritten = off #debug_print_plan = off #debug_pretty_print = on +#log_autovacuum_min_duration = -1 # log autovacuum activity; + # -1 disables, 0 logs all actions and + # their durations, > 0 logs only + # actions running at least this number + # of milliseconds. #log_checkpoints = off #log_connections = off #log_disconnections = off @@ -534,9 +547,11 @@ effective_cache_size = {{ pg_effective_cache_size }} # %h = remote host # %b = backend type # %p = process ID + # %P = process ID of parallel group leader # %t = timestamp without milliseconds # %m = timestamp with milliseconds # %n = timestamp with milliseconds (as a Unix epoch) + # %Q = query ID (0 if none or not computed) # %i = command tag # %e = SQL state # %c = session ID @@ -549,6 +564,8 @@ effective_cache_size = {{ pg_effective_cache_size }} # %% = '%' # e.g. '<%u%%%d> ' #log_lock_waits = off # log lock waits >= deadlock_timeout +#log_recovery_conflict_waits = off # log standby recovery conflict waits + # >= deadlock_timeout #log_parameter_max_length = -1 # when logging statements, limit logged # bind-parameter values to N bytes; # -1 means print in full, 0 disables @@ -562,6 +579,7 @@ effective_cache_size = {{ pg_effective_cache_size }} # -1 disables, 0 logs all temp files log_timezone = 'UTC' + #------------------------------------------------------------------------------ # PROCESS TITLE #------------------------------------------------------------------------------ @@ -578,19 +596,21 @@ log_timezone = 'UTC' # - Query and Index Statistics Collector - #track_activities = on +#track_activity_query_size = 1024 # (change requires restart) #track_counts = on #track_io_timing = off +#track_wal_io_timing = off #track_functions = none # none, pl, all -#track_activity_query_size = 1024 # (change requires restart) #stats_temp_directory = 'pg_stat_tmp' # - Monitoring - +#compute_query_id = auto +#log_statement_stats = off #log_parser_stats = off #log_planner_stats = off #log_executor_stats = off -#log_statement_stats = off #------------------------------------------------------------------------------ @@ -599,10 +619,6 @@ log_timezone = 'UTC' #autovacuum = on # Enable autovacuum subprocess? 'on' # requires track_counts to also be on. -#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and - # their durations, > 0 logs only - # actions running at least this number - # of milliseconds. #autovacuum_max_workers = 3 # max number of autovacuum subprocesses # (change requires restart) #autovacuum_naptime = 1min # time between autovacuum runs @@ -648,10 +664,11 @@ log_timezone = 'UTC' # error #search_path = '"$user", public' # schema names #row_security = on +#default_table_access_method = 'heap' #default_tablespace = '' # a tablespace name, '' uses the default +#default_toast_compression = 'pglz' # 'pglz' or 'lz4' #temp_tablespaces = '' # a list of tablespace names, '' uses # only default tablespace -#default_table_access_method = 'heap' #check_function_bodies = on #default_transaction_isolation = 'read committed' #default_transaction_read_only = off @@ -660,22 +677,21 @@ log_timezone = 'UTC' #statement_timeout = 0 # in milliseconds, 0 is disabled #lock_timeout = 0 # in milliseconds, 0 is disabled #idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled -#vacuum_freeze_min_age = 50000000 +#idle_session_timeout = 0 # in milliseconds, 0 is disabled #vacuum_freeze_table_age = 150000000 -#vacuum_multixact_freeze_min_age = 5000000 +#vacuum_freeze_min_age = 50000000 +#vacuum_failsafe_age = 1600000000 #vacuum_multixact_freeze_table_age = 150000000 -#vacuum_cleanup_index_scale_factor = 0.1 # fraction of total number of tuples - # before index cleanup, 0 always performs - # index cleanup +#vacuum_multixact_freeze_min_age = 5000000 +#vacuum_multixact_failsafe_age = 1600000000 #bytea_output = 'hex' # hex, escape #xmlbinary = 'base64' #xmloption = 'content' -#gin_fuzzy_search_limit = 0 #gin_pending_list_limit = 4MB # - Locale and Formatting - -#datestyle = 'iso, mdy' +datestyle = 'iso, mdy' #intervalstyle = 'postgres' timezone = 'UTC' #timezone_abbreviations = 'Default' # Select the set of available time zone @@ -710,6 +726,7 @@ default_text_search_config = 'pg_catalog.english' # - Other Defaults - #dynamic_library_path = '$libdir' +#gin_fuzzy_search_limit = 0 #------------------------------------------------------------------------------ @@ -737,7 +754,6 @@ default_text_search_config = 'pg_catalog.english' #backslash_quote = safe_encoding # on, off, or safe_encoding #escape_string_warning = on #lo_compat_privileges = off -#operator_precedence_warning = off #quote_all_identifiers = off #standard_conforming_strings = on #synchronize_seqscans = on @@ -756,6 +772,7 @@ default_text_search_config = 'pg_catalog.english' #data_sync_retry = off # retry or panic on failure to fsync # data? # (change requires restart) +#recovery_init_sync_method = fsync # fsync, syncfs (Linux 5.8+) #------------------------------------------------------------------------------ -- 2.44.0