Check your environment, sign up with hosted chef free tier here .

➜  chef-repo knife ssl check

Connecting to host api.chef.io:443

Successfully verified certificates from `api.chef.io

create a chef-repo/cookbooks directories in your home directory: mkdir -p ~/chef-repo/cookbooks

➜ chef-repo cd cookbooks 

➜  cookbooks ls

clone your related cookbooks from github or chef supermarket:

➜  cookbooks git clone https://github.com/sous-chefs/postgresql.git

Cloning into ‘postgresql’…

remote: Counting objects: 3120, done.

remote: Compressing objects: 100% (4/4), done.

remote: Total 3120 (delta 2), reused 1 (delta 1), pack-reused 3115

Receiving objects: 100% (3120/3120), 626.62 KiB | 0 bytes/s, done.

Resolving deltas: 100% (1737/1737), done.

cookbooks git clone https://github.com/chef-cookbooks/compat_resource.git

Cloning into ‘compat_resource’…

remote: Counting objects: 2383, done.

remote: Total 2383 (delta 0), reused 0 (delta 0), pack-reused 2383

Receiving objects: 100% (2383/2383), 454.93 KiB | 0 bytes/s, done.

Resolving deltas: 100% (1071/1071), done.

➜  cookbooks git clone https://github.com/chef-cookbooks/build-essential.git

Cloning into ‘build-essential’…

remote: Counting objects: 1683, done.

remote: Compressing objects: 100% (6/6), done.

remote: Total 1683 (delta 0), reused 0 (delta 0), pack-reused 1677

Receiving objects: 100% (1683/1683), 323.57 KiB | 405.00 KiB/s, done.

Resolving deltas: 100% (904/904), done.

➜  cookbooks git clone https://github.com/chef-cookbooks/openssl.git

Cloning into ‘openssl’…

remote: Counting objects: 953, done.

remote: Total 953 (delta 0), reused 0 (delta 0), pack-reused 953

Receiving objects: 100% (953/953), 159.34 KiB | 0 bytes/s, done.

Resolving deltas: 100% (443/443), done.

➜  cookbooks git clone https://github.com/daptiv/seven_zip.git

Cloning into ‘seven_zip’…

remote: Counting objects: 268, done.

remote: Total 268 (delta 0), reused 0 (delta 0), pack-reused 268

Receiving objects: 100% (268/268), 43.48 KiB | 0 bytes/s, done.

Resolving deltas: 100% (102/102), done.

➜  cookbooks git clone https://github.com/jonmthomson/mingw-cookbook.git

Cloning into ‘mingw-cookbook’…

remote: Counting objects: 15, done.

remote: Total 15 (delta 0), reused 0 (delta 0), pack-reused 15

Unpacking objects: 100% (15/15), done.

➜  cookbooks git clone https://github.com/chef-cookbooks/windows.git

Cloning into ‘windows’…

remote: Counting objects: 3789, done.

remote: Compressing objects: 100% (33/33), done.

remote: Total 3789 (delta 7), reused 0 (delta 0), pack-reused 3755

Receiving objects: 100% (3789/3789), 1.14 MiB | 522.00 KiB/s, done.

Resolving deltas: 100% (2301/2301), done.

➜  cookbooks git clone https://github.com/chef-cookbooks/ohai.git

Cloning into ‘ohai’…

remote: Counting objects: 917, done.

remote: Total 917 (delta 0), reused 0 (delta 0), pack-reused 917

Receiving objects: 100% (917/917), 166.75 KiB | 0 bytes/s, done.

Resolving deltas: 100% (432/432), done.

Upload the cookbooks to your hosted chef account.

➜  cookbooks knife cookbook upload postgresql compat_resource build-essential openssl seven_zip mingw windows ohai 

Uploading postgresql     [6.1.0]

Uploading compat_resource [12.16.3]

Uploading build-essential [8.0.0]

Uploading openssl        [6.1.1]

Uploading seven_zip      [2.0.0]

Uploading mingw          [1.2.5]

Uploading windows        [2.1.1]

Uploading ohai           [4.2.3]

Uploaded 8 cookbooks.

brew install/yum etc.. tree if you don’t have it

➜  cookbooks tree postgresql   

postgresql

├── CHANGELOG.md

├── CONTRIBUTING.md

├── README.md

├── attributes

│   ├── default.rb

│   └── yum_pgdg_packages.rb

├── libraries

│   └── default.rb

├── metadata.json

├── recipes

│   ├── apt_pgdg_postgresql.rb

│   ├── ca_certificates.rb

│   ├── client.rb

│   ├── config_initdb.rb

│   ├── config_pgtune.rb

│   ├── contrib.rb

│   ├── default.rb

│   ├── ruby.rb

│   ├── server.rb

│   ├── server_conf.rb

│   ├── server_debian.rb

│   ├── server_redhat.rb

│   └── yum_pgdg_postgresql.rb

├── resources

│   └── extension.rb

└── templates

    └── default

        ├── pg_hba.conf.erb

        ├── pgsql.sysconfig.erb

        ├── postgresql.conf.erb

        └── postgresql.service.erb

6 directories, 25 files

Run PostgreSQL cookbook
sudo chef-client –local-mode –runlist ‘recipe[postgresql]’

Check vagrant and virtualbox are installed

➜  cookbooks vagrant –version

Vagrant 1.9.1

➜  cookbooks VBoxManage –version

5.0.32r112930

Download CentOS vagrant box

➜  cookbooks vagrant box add bento/centos-7.2 –provider=virtualbox

==> box: Loading metadata for box ‘bento/centos-7.2’

    box: URL: https://atlas.hashicorp.com/bento/centos-7.2

==> box: Adding box ‘bento/centos-7.2’ (v2.3.1) for provider: virtualbox

    box: Downloading: https://atlas.hashicorp.com/bento/boxes/centos-7.2/versions/2.3.1/providers/virtualbox.box

==> box: Successfully added box ‘bento/centos-7.2’ (v2.3.1) for ‘virtualbox’!

Bring up CentOS Instance

➜  cookbooks vagrant init bento/centos-7.2

A `Vagrantfile` has been placed in this directory. You are now

ready to `vagrant up` your first virtual environment! Please read

the comments in the Vagrantfile as well as documentation on

`vagrantup.com` for more information on using Vagrant.

➜  cookbooks vagrant up    

Bringing machine ‘default’ up with ‘virtualbox’ provider…

==> default: Importing base box ‘bento/centos-7.2’…

==> default: Matching MAC address for NAT networking…

==> default: Checking if box ‘bento/centos-7.2’ is up to date…

==> default: Setting the name of the VM: cookbooks_default_1487711239910_90645

==> default: Clearing any previously set network interfaces…

==> default: Preparing network interfaces based on configuration…

    default: Adapter 1: nat

==> default: Forwarding ports…

    default: 22 (guest) => 2222 (host) (adapter 1)

==> default: Booting VM…

==> default: Waiting for machine to boot. This may take a few minutes…

    default: SSH address: 127.0.0.1:2222

    default: SSH username: vagrant

    default: SSH auth method: private key

    default: Warning: Remote connection disconnect. Retrying…

    default: 

    default: Vagrant insecure key detected. Vagrant will automatically replace

    default: this with a newly generated keypair for better security.

    default: 

    default: Inserting generated public key within guest…

    default: Removing insecure key from the guest if it’s present…

    default: Key inserted! Disconnecting and reconnecting using new SSH key…

==> default: Machine booted and ready!

==> default: Checking for guest additions in VM…

    default: The guest additions on this VM do not match the installed version of

    default: VirtualBox! In most cases this is fine, but in rare cases it can

    default: prevent things such as shared folders from working properly. If you see

    default: shared folder errors, please make sure the guest additions within the

    default: virtual machine match the version of VirtualBox you have installed on

    default: your host and reload your VM.

    default: 

    default: Guest Additions Version: 5.1.10

    default: VirtualBox Version: 5.0

==> default: Mounting shared folders…

    default: /vagrant => /Users/……/cookbooks

Log into machine

➜  cookbooks vagrant ssh

[vagrant@localhost ~]$ 

Install the Chef DK on your Centos Machine

[vagrant@localhost ~]$ curl https://omnitruck.chef.io/install.sh | sudo bash -s — -P chefdk -c stable -v 0.18.30

Show details about machine

➜  cookbooks vagrant ssh-config

Host default

  HostName 127.0.0.1

  User vagrant

  Port 2222

  UserKnownHostsFile /dev/null

  StrictHostKeyChecking no

  PasswordAuthentication no

  IdentityFile /Users/…../cookbooks/.vagrant/machines/default/virtualbox/private_key

  IdentitiesOnly yes

  LogLevel FATAL

Connect to local virtual machine using a port forward

ssh -i /home/…/private_key -l vagrant -p 2222 localhost

Verify network access

[vagrant@localhost ~]$ curl -I http://www.cnn.com | grep HTTP/1.1

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  0  125k    0     0    0     0      0      0 –:–:– –:–:– –:–:–     0

HTTP/1.1 200 OK

Bootstrap using key based authentication

knife bootstrap 127.0.0.1:2222 –ssh-user vagrant –sudo –identity-file ~/…..private_key –node-name postgresql-centos –run-list ‘recipe[postgresql]’

Creating new client for postgresql-centos

Creating new node for postgresql-centos

Connecting to 127.0.0.1:2222

127.0.0.1      —–> Existing Chef installation detected

127.0.0.1      Starting the first Chef Client run…

127.0.0.1      Starting Chef Client, version 12.14.89

127.0.0.1      resolving cookbooks for run list: [“postgresql”]

127.0.0.1      Synchronizing Cookbooks:

127.0.0.1        – postgresql (6.1.0)

127.0.0.1        – compat_resource (12.16.3)

127.0.0.1        – build-essential (8.0.0)

127.0.0.1        – seven_zip (2.0.0)

127.0.0.1        – windows (2.1.1)

127.0.0.1        – mingw (1.2.5)

127.0.0.1        – ohai (4.2.3)

127.0.0.1        – openssl (6.1.1)

127.0.0.1      Installing Cookbook Gems:

127.0.0.1      Compiling Cookbooks…

127.0.0.1      Converging 1 resources

127.0.0.1      Recipe: postgresql::client

127.0.0.1        * yum_package[postgresql-devel] action install

127.0.0.1          – install version 9.2.18-1.el7 of package postgresql-devel

127.0.0.1      

127.0.0.1      Running handlers:

127.0.0.1      Running handlers complete

127.0.0.1      Chef Client finished, 1/1 resources updated in 35 seconds

Confirm the result

➜  cookbooks knife node list

postgresql-centos

➜  cookbooks knife node show postgresql-centos

Node Name:   postgresql-centos

Environment: _default

FQDN:        localhost

IP:          10.0.2.15

Run List:    recipe[postgresql]

Roles:       

Recipes:     postgresql, postgresql::default, postgresql::client

Platform:    centos 7.2.1511

Tags:        

➜  cookbooks knife node run_list set postgresql-centos ‘recipe[postgresql::server]’

postgresql-centos:

  run_list: recipe[postgresql::server]

[root@localhost ~]# chef-client
Starting Chef Client, version 12.14.89
resolving cookbooks for run list: [“postgresql::server”]
Synchronizing Cookbooks:
– compat_resource (12.16.3)
– build-essential (8.0.0)
– seven_zip (2.0.0)
– windows (2.1.1)
– postgresql (6.1.0)
– mingw (1.2.5)
– ohai (4.2.3)
– openssl (6.1.1)
Installing Cookbook Gems:
Compiling Cookbooks…
Converging 14 resources
Recipe: postgresql::client
* yum_package[postgresql-devel] action install (up to date)
Recipe: postgresql::server_redhat
* group[postgres] action create
– create group postgres
* linux_user[postgres] action create
– create user postgres
* directory[/var/lib/pgsql/9.2/data] action create
– create new directory /var/lib/pgsql/9.2/data
– change mode from ” to ‘0700’
– change owner from ” to ‘postgres’
– change group from ” to ‘postgres’
– restore selinux security context
* yum_package[postgresql-server] action install
– install version 9.2.18-1.el7 of package postgresql-server
* template[/etc/systemd/system/postgresql.service] action create
– create new file /etc/systemd/system/postgresql.service
– update content in file /etc/systemd/system/postgresql.service from none to e5fad3
— /etc/systemd/system/postgresql.service 2017-02-22 01:57:33.532021829 +0000
+++ /etc/systemd/system/.chef-postgresql20170222-12896-dfsd9f.service 2017-02-22 01:57:33.530021829 +0000
@@ -1 +1,7 @@
+[Service]
+.include /usr/lib/systemd/system/postgresql.service
+
+Environment=
+Environment=PGPORT=5432
+Environment=PGDATA=/var/lib/pgsql/9.2/data
– change mode from ” to ‘0644’
– change owner from ” to ‘root’
– change group from ” to ‘root’
– restore selinux security context
* execute[systemctl-reload] action run
– execute systemctl daemon-reload
* execute[systemctl-reload] action nothing (skipped due to action :nothing)
* execute[postgresql-setup initdb postgresql] action run
– execute postgresql-setup initdb postgresql
* service[postgresql] action enable
– enable service service[postgresql]
* service[postgresql] action start
– start service service[postgresql]
Recipe: postgresql::server_conf
* template[/var/lib/pgsql/9.2/data/postgresql.conf] action create
– update content in file /var/lib/pgsql/9.2/data/postgresql.conf from 8e6e0b to 412573
— /var/lib/pgsql/9.2/data/postgresql.conf 2017-02-22 01:57:34.488021829 +0000
+++ /var/lib/pgsql/9.2/data/.chef-postgresql20170222-12896-1h3e4cd.conf 2017-02-22 01:57:37.363021829 +0000
@@ -1,578 +1,23 @@
-# —————————–
# PostgreSQL configuration file
-# —————————–
-#
-# This file consists of lines of the form:
-#
-# name = value
-#
-# (The “=” is optional.) Whitespace may be used. Comments are introduced with
-# “#” anywhere on a line. The complete list of parameter names and allowed
-# values can be found in the PostgreSQL documentation.
-#
-# The commented-out settings shown in this file represent the default values.
-# Re-commenting a setting is NOT sufficient to revert it to the default value;
-# you need to reload the server.
-#
-# This file is read on server startup and when the server receives a SIGHUP
-# signal. If you edit the file on a running system, you have to SIGHUP the
-# server for the changes to take effect, or use “pg_ctl reload”. Some
-# parameters, which are marked below, require a server shutdown and restart to
-# take effect.
-#
-# Any parameter can also be given as a command-line option to the server, e.g.,
-# “postgres -c log_connections=on”. Some parameters can be changed at run time
-# with the “SET” SQL command.
-#
-# Memory units: kB = kilobytes Time units: ms = milliseconds
-# MB = megabytes s = seconds
-# GB = gigabytes min = minutes
-# h = hours
-# d = days
+# This file was automatically generated and dropped off by chef!
+# Please refer to the PostgreSQL documentation for details on
+# configuration settings.


-#——————————————————————————
-# FILE LOCATIONS
-#——————————————————————————

-# The default values of these variables are driven from the -D command-line
-# option or PGDATA environment variable, represented here as ConfigDir.

-#data_directory = ‘ConfigDir’ # use data in another directory
– # (change requires restart)
-#hba_file = ‘ConfigDir/pg_hba.conf’ # host-based authentication file
– # (change requires restart)
-#ident_file = ‘ConfigDir/pg_ident.conf’ # ident configuration file
– # (change requires restart)

-# If external_pid_file is not explicitly set, no extra PID file is written.
-#external_pid_file = ” # write an extra PID file
– # (change requires restart)


-#——————————————————————————
-# CONNECTIONS AND AUTHENTICATION
-#——————————————————————————

-# – Connection Settings –

-#listen_addresses = ‘localhost’ # what IP address(es) to listen on;
– # comma-separated list of addresses;
– # defaults to ‘localhost’; use ‘*’ for all
– # (change requires restart)
-#port = 5432 # (change requires restart)
-# Note: In RHEL/Fedora installations, you can’t set the port number here;
-# adjust it in the service file instead.
-max_connections = 100 # (change requires restart)
-# Note: Increasing max_connections costs ~400 bytes of shared memory per
-# connection slot, plus lock space (see max_locks_per_transaction).
-#superuser_reserved_connections = 3 # (change requires restart)
-#unix_socket_directories = ‘/var/run/postgresql, /tmp’ # comma-separated list of directories
– # (change requires restart)
-#unix_socket_group = ” # (change requires restart)
-#unix_socket_permissions = 0777 # begin with 0 to use octal notation
– # (change requires restart)
-#bonjour = off # advertise server via Bonjour
– # (change requires restart)
-#bonjour_name = ” # defaults to the computer name
– # (change requires restart)

-# – Security and Authentication –

-#authentication_timeout = 1min # 1s-600s
-#ssl = off # (change requires restart)
-#ssl_ciphers = ‘ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH’ # allowed SSL ciphers
– # (change requires restart)
-#ssl_renegotiation_limit = 0 # amount of data between renegotiations
-#ssl_cert_file = ‘server.crt’ # (change requires restart)
-#ssl_key_file = ‘server.key’ # (change requires restart)
-#ssl_ca_file = ” # (change requires restart)
-#ssl_crl_file = ” # (change requires restart)
-#password_encryption = on
-#db_user_namespace = off

-# Kerberos and GSSAPI
-#krb_server_keyfile = ”
-#krb_srvname = ‘postgres’ # (Kerberos only)
-#krb_caseins_users = off

-# – TCP Keepalives –
-# see “man 7 tcp” for details

-#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds;
– # 0 selects the system default
-#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds;
– # 0 selects the system default
-#tcp_keepalives_count = 0 # TCP_KEEPCNT;
– # 0 selects the system default


-#——————————————————————————
-# RESOURCE USAGE (except WAL)
-#——————————————————————————

-# – Memory –

-shared_buffers = 32MB # min 128kB
– # (change requires restart)
-#temp_buffers = 8MB # min 800kB
-#max_prepared_transactions = 0 # zero disables the feature
– # (change requires restart)
-# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory
-# per transaction slot, plus lock space (see max_locks_per_transaction).
-# It is not advisable to set max_prepared_transactions nonzero unless you
-# actively intend to use prepared transactions.
-#work_mem = 1MB # min 64kB
-#maintenance_work_mem = 16MB # min 1MB
-#max_stack_depth = 2MB # min 100kB

-# – Disk –

-#temp_file_limit = -1 # limits per-session temp file space
– # in kB, or -1 for no limit

-# – Kernel Resource Usage –

-#max_files_per_process = 1000 # min 25
– # (change requires restart)
-#shared_preload_libraries = ” # (change requires restart)

-# – Cost-Based Vacuum Delay –

-#vacuum_cost_delay = 0ms # 0-100 milliseconds
-#vacuum_cost_page_hit = 1 # 0-10000 credits
-#vacuum_cost_page_miss = 10 # 0-10000 credits
-#vacuum_cost_page_dirty = 20 # 0-10000 credits
-#vacuum_cost_limit = 200 # 1-10000 credits

-# – Background Writer –

-#bgwriter_delay = 200ms # 10-10000ms between rounds
-#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round
-#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round

-# – Asynchronous Behavior –

-#effective_io_concurrency = 1 # 1-1000; 0 disables prefetching


-#——————————————————————————
-# WRITE AHEAD LOG
-#——————————————————————————

-# – Settings –

-#wal_level = minimal # minimal, archive, or hot_standby
– # (change requires restart)
-#fsync = on # turns forced synchronization on or off
-#synchronous_commit = on # synchronization level;
– # off, local, remote_write, or on
-#wal_sync_method = fsync # the default is the first option
– # supported by the operating system:
– # open_datasync
– # fdatasync (default on Linux)
– # fsync
– # fsync_writethrough
– # open_sync
-#full_page_writes = on # recover from partial page writes
-#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers
– # (change requires restart)
-#wal_writer_delay = 200ms # 1-10000 milliseconds

-#commit_delay = 0 # range 0-100000, in microseconds
-#commit_siblings = 5 # range 1-1000

-# – Checkpoints –

-#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each
-#checkpoint_timeout = 5min # range 30s-1h
-#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 – 1.0
-#checkpoint_warning = 30s # 0 disables

-# – Archiving –

-#archive_mode = off # allows archiving to be done
– # (change requires restart)
-#archive_command = ” # command to use to archive a logfile segment
– # placeholders: %p = path of file to archive
– # %f = file name only
– # e.g. ‘test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f’
-#archive_timeout = 0 # force a logfile segment switch after this
– # number of seconds; 0 disables


-#——————————————————————————
-# REPLICATION
-#——————————————————————————

-# – Sending Server(s) –

-# Set these on the master and on any standby that will send replication data.

-#max_wal_senders = 0 # max number of walsender processes
– # (change requires restart)
-#wal_keep_segments = 0 # in logfile segments, 16MB each; 0 disables
-#replication_timeout = 60s # in milliseconds; 0 disables

-# – Master Server –

-# These settings are ignored on a standby server.

-#synchronous_standby_names = ” # standby servers that provide sync rep
– # comma-separated list of application_name
– # from standby(s); ‘*’ = all
-#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed

-# – Standby Servers –

-# These settings are ignored on a master server.

-#hot_standby = off # “on” allows queries during recovery
– # (change requires restart)
-#max_standby_archive_delay = 30s # max delay before canceling queries
– # when reading WAL from archive;
– # -1 allows indefinite delay
-#max_standby_streaming_delay = 30s # max delay before canceling queries
– # when reading streaming WAL;
– # -1 allows indefinite delay
-#wal_receiver_status_interval = 10s # send replies at least this often
– # 0 disables
-#hot_standby_feedback = off # send info from standby to prevent
– # query conflicts


-#——————————————————————————
-# QUERY TUNING
-#——————————————————————————

-# – Planner Method Configuration –

-#enable_bitmapscan = on
-#enable_hashagg = on
-#enable_hashjoin = on
-#enable_indexscan = on
-#enable_indexonlyscan = on
-#enable_material = on
-#enable_mergejoin = on
-#enable_nestloop = on
-#enable_seqscan = on
-#enable_sort = on
-#enable_tidscan = on

-# – Planner Cost Constants –

-#seq_page_cost = 1.0 # measured on an arbitrary scale
-#random_page_cost = 4.0 # same scale as above
-#cpu_tuple_cost = 0.01 # same scale as above
-#cpu_index_tuple_cost = 0.005 # same scale as above
-#cpu_operator_cost = 0.0025 # same scale as above
-#effective_cache_size = 128MB

-# – Genetic Query Optimizer –

-#geqo = on
-#geqo_threshold = 12
-#geqo_effort = 5 # range 1-10
-#geqo_pool_size = 0 # selects default based on effort
-#geqo_generations = 0 # selects default based on effort
-#geqo_selection_bias = 2.0 # range 1.5-2.0
-#geqo_seed = 0.0 # range 0.0-1.0

-# – Other Planner Options –

-#default_statistics_target = 100 # range 1-10000
-#constraint_exclusion = partition # on, off, or partition
-#cursor_tuple_fraction = 0.1 # range 0.0-1.0
-#from_collapse_limit = 8
-#join_collapse_limit = 8 # 1 disables collapsing of explicit
– # JOIN clauses


-#——————————————————————————
-# ERROR REPORTING AND LOGGING
-#——————————————————————————

-# – Where to Log –

-#log_destination = ‘stderr’ # Valid values are combinations of
– # stderr, csvlog, syslog, and eventlog,
– # depending on platform. csvlog
– # requires logging_collector to be on.

-# This is used when logging to stderr:
-logging_collector = on # Enable capturing of stderr and csvlog
– # into log files. Required to be on for
– # csvlogs.
– # (change requires restart)

-# These are only used if logging_collector is on:
-#log_directory = ‘pg_log’ # directory where log files are written,
– # can be absolute or relative to PGDATA
-log_filename = ‘postgresql-%a.log’ # log file name pattern,
– # can include strftime() escapes
-#log_file_mode = 0600 # creation mode for log files,
– # begin with 0 to use octal notation
-log_truncate_on_rotation = on # If on, an existing log file with the
– # same name as the new log file will be
– # truncated rather than appended to.
– # But such truncation only occurs on
– # time-driven rotation, not on restarts
– # or size-driven rotation. Default is
– # off, meaning append to existing files
– # in all cases.
-log_rotation_age = 1d # Automatic rotation of logfiles will
– # happen after that time. 0 disables.
-log_rotation_size = 0 # Automatic rotation of logfiles will
– # happen after that much log output.
– # 0 disables.

-# These are relevant when logging to syslog:
-#syslog_facility = ‘LOCAL0’
-#syslog_ident = ‘postgres’

-# This is only relevant when logging to eventlog (win32):
-#event_source = ‘PostgreSQL’

-# – When to Log –

-#client_min_messages = notice # values in order of decreasing detail:
– # debug5
– # debug4
– # debug3
– # debug2
– # debug1
– # log
– # notice
– # warning
– # error

-#log_min_messages = warning # values in order of decreasing detail:
– # debug5
– # debug4
– # debug3
– # debug2
– # debug1
– # info
– # notice
– # warning
– # error
– # log
– # fatal
– # panic

-#log_min_error_statement = error # values in order of decreasing detail:
– # debug5
– # debug4
– # debug3
– # debug2
– # debug1
– # info
– # notice
– # warning
– # error
– # log
– # fatal
– # panic (effectively off)

-#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements
– # and their durations, > 0 logs only
– # statements running at least this number
– # of milliseconds


-# – What to Log –

-#debug_print_parse = off
-#debug_print_rewritten = off
-#debug_print_plan = off
-#debug_pretty_print = on
-#log_checkpoints = off
-#log_connections = off
-#log_disconnections = off
-#log_duration = off
-#log_error_verbosity = default # terse, default, or verbose messages
-#log_hostname = off
-#log_line_prefix = ” # special values:
– # %a = application name
– # %u = user name
– # %d = database name
– # %r = remote host and port
– # %h = remote host
– # %p = process ID
– # %t = timestamp without milliseconds
– # %m = timestamp with milliseconds
– # %i = command tag
– # %e = SQL state
– # %c = session ID
– # %l = session line number
– # %s = session start timestamp
– # %v = virtual transaction ID
– # %x = transaction ID (0 if none)
– # %q = stop here in non-session
– # processes
– # %% = ‘%’
– # e.g. ‘<%u%%%d> ‘
-#log_lock_waits = off # log lock waits >= deadlock_timeout
-#log_statement = ‘none’ # none, ddl, mod, all
-#log_temp_files = -1 # log temporary files equal or larger
– # than the specified size in kilobytes;
– # -1 disables, 0 logs all temp files
-log_timezone = ‘UTC’


-#——————————————————————————
-# RUNTIME STATISTICS
-#——————————————————————————

-# – Query/Index Statistics Collector –

-#track_activities = on
-#track_counts = on
-#track_io_timing = off
-#track_functions = none # none, pl, all
-#track_activity_query_size = 1024 # (change requires restart)
-#update_process_title = on
-#stats_temp_directory = ‘pg_stat_tmp’


-# – Statistics Monitoring –

-#log_parser_stats = off
-#log_planner_stats = off
-#log_executor_stats = off
-#log_statement_stats = off


-#——————————————————————————
-# AUTOVACUUM PARAMETERS
-#——————————————————————————

-#autovacuum = on # Enable autovacuum subprocess? ‘on’
– # requires track_counts to also be on.
-#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and
– # their durations, > 0 logs only
– # actions running at least this number
– # of milliseconds.
-#autovacuum_max_workers = 3 # max number of autovacuum subprocesses
– # (change requires restart)
-#autovacuum_naptime = 1min # time between autovacuum runs
-#autovacuum_vacuum_threshold = 50 # min number of row updates before
– # vacuum
-#autovacuum_analyze_threshold = 50 # min number of row updates before
– # analyze
-#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum
-#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze
-#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum
– # (change requires restart)
-#autovacuum_vacuum_cost_delay = 20ms # default vacuum cost delay for
– # autovacuum, in milliseconds;
– # -1 means use vacuum_cost_delay
-#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for
– # autovacuum, -1 means use
– # vacuum_cost_limit


-#——————————————————————————
-# CLIENT CONNECTION DEFAULTS
-#——————————————————————————

-# – Statement Behavior –

-#search_path = ‘”$user”,public’ # schema names
-#default_tablespace = ” # a tablespace name, ” uses the default
-#temp_tablespaces = ” # a list of tablespace names, ” uses
– # only default tablespace
-#check_function_bodies = on
-#default_transaction_isolation = ‘read committed’
-#default_transaction_read_only = off
-#default_transaction_deferrable = off
-#session_replication_role = ‘origin’
-#statement_timeout = 0 # in milliseconds, 0 is disabled
-#vacuum_freeze_min_age = 50000000
-#vacuum_freeze_table_age = 150000000
-#bytea_output = ‘hex’ # hex, escape
-#xmlbinary = ‘base64’
-#xmloption = ‘content’
-#gin_fuzzy_search_limit = 0

-# – Locale and Formatting –

+data_directory = ‘/var/lib/pgsql/9.2/data’
datestyle = ‘iso, mdy’
-#intervalstyle = ‘postgres’
-timezone = ‘UTC’
-#timezone_abbreviations = ‘Default’ # Select the set of available time zone
– # abbreviations. Currently, there are
– # Default
– # Australia (historical usage)
– # India
– # You can create your own file in
– # share/timezonesets/.
-#extra_float_digits = 0 # min -15, max 3
-#client_encoding = sql_ascii # actually, defaults to database
– # encoding

-# These settings are initialized by initdb, but they can be changed.
-lc_messages = ‘en_US.UTF-8’ # locale for system error message
– # strings
-lc_monetary = ‘en_US.UTF-8’ # locale for monetary formatting
-lc_numeric = ‘en_US.UTF-8’ # locale for number formatting
-lc_time = ‘en_US.UTF-8’ # locale for time formatting

-# default configuration for text search
default_text_search_config = ‘pg_catalog.english’

-# – Other Defaults –

-#dynamic_library_path = ‘$libdir’
-#local_preload_libraries = ”


-#——————————————————————————
-# LOCK MANAGEMENT
-#——————————————————————————

-#deadlock_timeout = 1s
-#max_locks_per_transaction = 64 # min 10
– # (change requires restart)
-# Note: Each lock table slot uses ~270 bytes of shared memory, and there are
-# max_locks_per_transaction * (max_connections + max_prepared_transactions)
-# lock table slots.
-#max_pred_locks_per_transaction = 64 # min 10
– # (change requires restart)


-#——————————————————————————
-# VERSION/PLATFORM COMPATIBILITY
-#——————————————————————————

-# – Previous PostgreSQL Versions –

-#array_nulls = on
-#backslash_quote = safe_encoding # on, off, or safe_encoding
-#default_with_oids = off
-#escape_string_warning = on
-#lo_compat_privileges = off
-#quote_all_identifiers = off
-#sql_inheritance = on
-#standard_conforming_strings = on
-#synchronize_seqscans = on

-# – Other Platforms and Clients –

-#transform_null_equals = off


-#——————————————————————————
-# ERROR HANDLING
-#——————————————————————————

-#exit_on_error = off # terminate session on any error?
-#restart_after_crash = on # reinitialize after backend crash?


-#——————————————————————————
-# CUSTOMIZED OPTIONS
-#——————————————————————————

-# Add settings for extensions here
+lc_messages = ‘en_US.UTF-8’
+lc_monetary = ‘en_US.UTF-8’
+lc_numeric = ‘en_US.UTF-8’
+lc_time = ‘en_US.UTF-8’
+listen_addresses = ‘localhost’
+log_directory = ‘pg_log’
+log_filename = ‘postgresql-%a.log’
+log_rotation_age = ‘1d’
+log_rotation_size = 0
+log_truncate_on_rotation = on
+logging_collector = on
+max_connections = 100
+port = 5432
+shared_buffers = ’32MB’
– restore selinux security context
Recipe: postgresql::server_redhat
* service[postgresql] action restart
– restart service service[postgresql]
Recipe: postgresql::server_conf
* template[/var/lib/pgsql/9.2/data/pg_hba.conf] action create
– update content in file /var/lib/pgsql/9.2/data/pg_hba.conf from 8daecd to 4f51ec
— /var/lib/pgsql/9.2/data/pg_hba.conf 2017-02-22 01:57:34.488021829 +0000
+++ /var/lib/pgsql/9.2/data/.chef-pg_hba20170222-12896-1h9gvdh.conf 2017-02-22 01:57:39.635021829 +0000
@@ -1,90 +1,25 @@
+# This file was automatically generated and dropped off by Chef!
+
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the “Client Authentication” section in the PostgreSQL
-# documentation for a complete description of this file. A short
-# synopsis follows.
-#
-# This file controls: which hosts are allowed to connect, how clients
-# are authenticated, which PostgreSQL user names they can use, which
-# databases they can access. Records take one of these forms:
-#
-# local DATABASE USER METHOD [OPTIONS]
-# host DATABASE USER ADDRESS METHOD [OPTIONS]
-# hostssl DATABASE USER ADDRESS METHOD [OPTIONS]
-# hostnossl DATABASE USER ADDRESS METHOD [OPTIONS]
-#
-# (The uppercase items must be replaced by actual values.)
-#
-# The first field is the connection type: “local” is a Unix-domain
-# socket, “host” is either a plain or SSL-encrypted TCP/IP socket,
-# “hostssl” is an SSL-encrypted TCP/IP socket, and “hostnossl” is a
-# plain TCP/IP socket.
-#
-# DATABASE can be “all”, “sameuser”, “samerole”, “replication”, a
-# database name, or a comma-separated list thereof. The “all”
-# keyword does not match “replication”. Access to replication
-# must be enabled in a separate record (see example below).
-#
-# USER can be “all”, a user name, a group name prefixed with “+”, or a
-# comma-separated list thereof. In both the DATABASE and USER fields
-# you can also write a file name prefixed with “@” to include names
-# from a separate file.
-#
-# ADDRESS specifies the set of hosts the record matches. It can be a
-# host name, or it is made up of an IP address and a CIDR mask that is
-# an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that
-# specifies the number of significant bits in the mask. A host name
-# that starts with a dot (.) matches a suffix of the actual host name.
-# Alternatively, you can write an IP address and netmask in separate
-# columns to specify the set of hosts. Instead of a CIDR-address, you
-# can write “samehost” to match any of the server’s own IP addresses,
-# or “samenet” to match any address in any subnet that the server is
-# directly connected to.
-#
-# METHOD can be “trust”, “reject”, “md5”, “password”, “gss”, “sspi”,
-# “krb5”, “ident”, “peer”, “pam”, “ldap”, “radius” or “cert”. Note that
-# “password” sends passwords in clear text; “md5” is preferred since
-# it sends encrypted passwords.
-#
-# OPTIONS are a set of options for the authentication in the format
-# NAME=VALUE. The available options depend on the different
-# authentication methods — refer to the “Client Authentication”
-# section in the documentation for a list of which options are
-# available for which authentication methods.
-#
-# Database and user names containing spaces, commas, quotes and other
-# special characters must be quoted. Quoting one of the keywords
-# “all”, “sameuser”, “samerole” or “replication” makes the name lose
-# its special character, and just match a database or username with
-# that name.
-#
-# This file is read on server startup and when the postmaster receives
-# a SIGHUP signal. If you edit the file on a running system, you have
-# to SIGHUP the postmaster for the changes to take effect. You can
-# use “pg_ctl reload” to do that.
+# documentation for a complete description of this file.

-# Put your actual configuration here
-# ———————————-
-#
-# If you want to allow non-local connections, you need to add more
-# “host” records. In that case you will also need to make PostgreSQL
-# listen on a non-local interface via the listen_addresses
-# configuration parameter, or via the -i or -h command line switches.
+# TYPE DATABASE USER ADDRESS METHOD

+###########
+# Other authentication configurations taken from chef node defaults:
+###########

+local all postgres ident

-# TYPE DATABASE USER ADDRESS METHOD
+local all all ident

+host all all 127.0.0.1/32 md5
+
+host all all ::1/128 md5
+
# “local” is for Unix domain socket connections only
local all all peer
-# IPv4 local connections:
-host all all 127.0.0.1/32 ident
-# IPv6 local connections:
-host all all ::1/128 ident
-# Allow replication connections from localhost, by a user with the
-# replication privilege.
-#local replication postgres peer
-#host replication postgres 127.0.0.1/32 ident
-#host replication postgres ::1/128 ident
– restore selinux security context
Recipe: postgresql::server_redhat
* service[postgresql] action restart
– restart service service[postgresql]
Recipe: postgresql::server
* link[/var/lib/pgsql/9.2/data/server.crt] action create (skipped due to only_if)
* link[/var/lib/pgsql/9.2/data/server.key] action create (skipped due to only_if)
* bash[assign-postgres-password] action run
– execute “bash” “/tmp/chef-script20170222-12896-m4i1za”
Recipe: postgresql::server_redhat
* service[postgresql] action reload
– reload service service[postgresql]

Running handlers:
Running handlers complete
Chef Client finished, 15/19 resources updated in 23 seconds
[root@localhost ~]#

Cleaning Up

vagrant destroy –force

Advertisements