rocky9 support with postgres backend #185
base: main
Minor rework to support installation on a redhat 9 server. The primary change is that the powertools repo has been replaced with crb (code ready builders) in major release 9.
On rocky9 the default configuration does not allow the authoritative server to actually read its own configuration file. This ensures it is readable. Also fixes some bugs in the spec.
16d1ffd to a09ef93
group => $group, | ||
mode => '0640', |
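Review bot: `mode => '0640'` combined with `group => $group` makes the file readable by every member of that group, so on these two lines the outcome depends entirely on what `$group` resolves to on each platform. No `owner` is visible here; declare `owner` alongside `group` and `mode` so the result does not depend on what the package installed, and guard the resource so it only applies where `$group` is known to exist and to be the group the service runs under.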
This might potentially break things on other distributions, if the group is missing or it's not running under this group or root.
Also, does this mean PowerDNS does not create a config anymore during installation?
Config file will still be installed with the package installation, but managing it like that isn't going to work. It will definitely break on other distros.
Interesting. I can't speak to what the behavior is on other distros, however, the file was created with 0600 permissions on Rocky 9.5 in my testing.
I'll rework it so this change only applies on Rocky9 or perhaps Redhat 9 generally.
manifests/repo.pp
Outdated
$gpgkey = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial' | ||
$code_repo_params = { | ||
mirrorlist => "https://mirrors.rockylinux.org/mirrorlist?arch=\$basearch&repo=${repo_desc}-\$releasever", | ||
gpgkey => 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial', |
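Review bot: The visible entries of `$code_repo_params` set `mirrorlist` and `gpgkey` but no `gpgcheck`, so if this hash is passed to a `yumrepo` resource, signature checking is left to whatever the host's dnf configuration defaults to. If it is not set further down in the hash, add `gpgcheck => 1` explicitly next to the `gpgkey` line so the key is actually enforced for this repository.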
I'd suggest to switch to some generic name or leave the centos and rocky part out.
I'm sure the other derivatives need these repos as well, however, I don't know enough about their structure to address it directly. The hiera based code makes no assumptions.
manifests/repo.pp
Outdated
$mirrorlist = "https://mirrors.rockylinux.org/mirrorlist?arch=\$basearch&repo=PowerTools-\$releasever" | ||
$gpgkey = 'file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial' | ||
$code_repo_params = { | ||
mirrorlist => "https://mirrors.rockylinux.org/mirrorlist?arch=\$basearch&repo=${repo_desc}-\$releasever", |
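Review bot: `${repo_desc}` is interpolated straight into the `repo=` query parameter of the mirrorlist URL, and nothing in these lines constrains its value. Restrict it to the known repository names (for example with an `Enum` data type on the parameter) so a typo or stray hiera value fails at compile time instead of producing a mirrorlist URL that resolves to nothing.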
We might simplify the whole code by adding a parameter, which gets its value from hiera.
Good idea. I've updated the logic at least for the RHEL derivatives.
After reading a bit about it, it seems to be more complicated.
Looking at https://wiki.rockylinux.org/rocky/repo/#base-repositories there's no powertools or PowerTools repo on Rocky 9, but instead it's crb.
crb is also available on CentOS Stream 9.
On Rocky 9 and CentOS Stream 9 we might use an exec to run dnf config-manager --enable <repo>
Rocky 8 requires either the dnf-plugins-core or we just update the enabled line in /etc/yum.repos.d/Rocky-PowerTools.repo (might also be an option for the other versions 🤷 )
I've found an even easier solution: the powertools repo isn't needed. EPEL is enough. Tested on CentOS Stream 9, Rocky 8 and 9.
I'll create a PR to get rid of it.
data/os/RedHat/9.yaml
Outdated
@@ -0,0 +1,2 @@ | |||
--- | |||
powerdns::pgsql_schema_file: /usr/share/doc/pdns-backend-postgresql/schema.pgsql.sql |
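Review bot: `powerdns::pgsql_schema_file` points under `/usr/share/doc`, which is absent on hosts where packages are installed without documentation (for example with `tsflags=nodocs`). Wherever this path is consumed, check that the file exists and fail with a clear message, and mention the dependency on the package docs in the parameter's documentation.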
As far as I can see, all RedHat-based packages have /usr/share/doc/pdns-backend-<name>/schema.<backend>.sql available and we can just update the paths in data/os/RedHat.yaml
Makes sense to me.
Updating the path to the appropriate location. The package version number is not included in the default schema path as of this release.
Adding a REFERENCE.md file with the parameters we currently have documented.
Moves the logic for CentOS and Rocky additional supporting repos out of the repo class itself and into hiera where they can be more precisely maintained. Note that this code no longer handles the CRB or PowerTools repos for RedHat derivatives other than Rocky and CentOS.
46dfbe1 to 4da10f2
CentOS 8 is EOL so I don't see a good reason to add this
@@ -33,8 +33,7 @@ | |||
{ | |||
"operatingsystem": "CentOS", | |||
"operatingsystemrelease": [ | |||
"8", | |||
"9" |
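Review bot: The header `@@ -33,8 +33,7 @@` leaves one line fewer inside the CentOS `operatingsystemrelease` list, and the rendered lines do not make clear which release is removed. State in the commit message which entry goes and why, and keep this list in step with the releases that actually have hiera data, since it is what tells users where the module is supported.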
Why drop 9? It should really be the only version since 8 is EOL.
I ran into a few minor issues trying to set up an authoritative PowerDNS server on Rocky9 and made some corrections to get it working:
/etc/pdns/pdns.conf file did not allow the service to read it when using the standard pdns user