tenseleyflow/shithub / d034668

+# Managed by Ansible — drop-in include for /etc/postgresql/16/main/conf.d/.

+# Postgres reads everything in conf.d after the main postgresql.conf

+# (the Debian-shipped file enables `include_dir = 'conf.d'`).

+#

+# We use a drop-in instead of overwriting postgresql.conf because the

+# Debian package's default file carries dozens of platform-specific

+# settings that touching them risks breaking. Smaller blast radius.

+#

+# Changing archive_mode requires a full Postgres RESTART (not just

+# reload) — the SIGHUP-reload path can't toggle it.

+

+# WAL archiving — required for PITR. Ships every WAL segment to

+# spaces-prod:shithub-wal via /usr/local/bin/shithub-pg-archive.

+# Operator must:

+#   1. Create the shithub-wal bucket in the primary Spaces region

+#      (and shithub-wal-dr in the DR region for sync-cross-region.sh).

+#   2. Extend the prod RW Spaces key's grants to include readwrite

+#      on both buckets.

+#   3. systemctl restart postgresql@16-main

+#   4. Verify: SELECT * FROM pg_stat_archiver \\gx — last_archived_wal

+#      becomes non-null within ~60s (archive_timeout).

+wal_level = replica

+archive_mode = on

+archive_command = '/usr/local/bin/shithub-pg-archive %p %f'

+# Force WAL rotation if no segment fills naturally — bounds RPO at

+# 60s on a quiet server. The penalty is one extra ~16 MB segment per

+# minute of idle, which Spaces lifecycle handles cheaply.

+archive_timeout = 60