Closed Fmstrat closed 12 months ago
Taking a quick look, I think we may run into issues with the /etc/postgresql.conf
being mounted with permissions the postgres
user cannot read:
/ # ls -lh /etc/postgresql.conf
-rw------- 1 1000 1000 733 Oct 2 18:12 /etc/postgresql.conf
/ # grep postgres /etc/passwd
postgres:x:70:70:Linux User,,,:/var/lib/postgresql:/bin/sh
2023-10-07 20:01:21.001 GMT [1] LOG: could not open configuration file "/etc/postgresql.conf": Permission denied
2023-10-07 20:01:21.001 GMT [1] FATAL: configuration file "/etc/postgresql.conf" contains errors
The playbooks are distributing the postgres configuration with 1000:1000
ownership and 0600
permissions (https://github.com/LemmyNet/lemmy-ansible/blob/main/lemmy.yml#L222-L224 & https://github.com/LemmyNet/lemmy-ansible/blob/main/lemmy-almalinux.yml#L189-L191). I see no reason why this is needed, so we could either change the ownership to 70:70
and keep the 0600
permissions or just set the user
and owner
to root
with 0644
permissions (IMO the most logical).
Could you fix this in your PR?
EDIT
I realized you might have been coming from the primary project, which references this docker-compose.yml
. If you're uncomfortable adjusting the playbooks (or don't have time), let me know, and I'll submit a separate PR to fix it :).
Good luck with the move!
Happy to do it, while I don't deploy lemmy this way (I just happened to notice it) I'm prretty familiar with ansible. I'll knock it out after the move. And thanks!
Thanks @Fmstrat ! I've been meaning to fix this up. As i've helped solve this on the matrix rooms multiple times.
Once #186 is merged please rebase and we'll merge
Default Docker configurations in Alpine have a different override path, which causes problems if people switch to the Ansible deployment.
Reproduction of the issue:
/etc/postgresql.conf
SHOW config_file
to see the location of the config file (it will be in/var/lib/data
)/etc/postgresql.conf
SHOW config_file
to see the location of the config file (it will still be in/var/lib/data
)Also, official docker instructions for Postgres is to use
/etc/postgresql/postgresql.conf
, though this is irrelevant given this PR.To force the use of
/etc/postgresql.conf
for if users switch from bare mode to Ansible, the compose file was edited to include a forcedcommand
.In addition, the default for PG15 alpine
listen_address
islocalhost
, not*
, which is required for thelemmy
container to connect. This default is overwritten by the docker container normally, but is not included in the tuning samples provided.NOTE: It is highly possible there are a number of smaller self-hosted instances who have no idea their poor performance is because PG is not properly tuned, as the defaults are pretty meager.