docs: rewrite README with structured overview and quick start guide

Replaces the minimal project description with a comprehensive README including a component overview table, quick start instructions, common Ansible operations, and links to detailed documentation. Aligns with Red Panda Approval™ standards.
2026-03-03 12:49:06 +00:00
parent c7be03a743
commit b4d60f2f38
219 changed files with 34586 additions and 2 deletions
--- a/ansible/postgresql/deploy.yml
+++ b/ansible/postgresql/deploy.yml
@@ -0,0 +1,244 @@
+---
+- name: Deploy PostgreSQL
+  hosts: ubuntu
+  become: true
+  tasks:
+  - name: Check if host has postgresql service
+    ansible.builtin.set_fact:
+      has_postgresql_service: "{{ 'postgresql' in services | default([]) }}"
+
+  - name: Skip hosts without postgresql service
+    ansible.builtin.meta: end_host
+    when: not has_postgresql_service
+
+  - name: Install build dependencies
+    become: true
+    ansible.builtin.apt:
+      name: [curl, git, build-essential, vim, python3-psycopg2]
+      state: present
+      update_cache: true
+
+  - name: Install PostgreSQL Common
+    become: true
+    ansible.builtin.apt:
+      name: postgresql-common
+      state: present
+
+  - name: Install the public key for the PostgreSQL repository
+    become: true
+    ansible.builtin.shell: /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y
+    register: pg_repo_output
+
+  - name: Install PostgreSQL packages
+    become: true
+    ansible.builtin.apt:
+      name:
+        - postgresql-client-17
+        - postgresql-doc-17
+        - postgresql-17
+        - libpq-dev
+        - postgresql-server-dev-17
+      state: present
+      update_cache: true
+
+  - name: Show PostgreSQL repository output
+    ansible.builtin.debug:
+      var: pg_repo_output
+
+  - name: Create gh directory
+    become: true
+    ansible.builtin.file:
+      path: /home/{{ remote_user }}/gh
+      state: directory
+      owner: "{{ remote_user }}"
+      group: "{{ remote_user }}"
+      mode: '755'
+
+  - name: Clone pgvector repository
+    become: true
+    become_user: "{{ remote_user }}"
+    ansible.builtin.git:
+      repo: https://github.com/pgvector/pgvector.git
+      dest: /home/{{ remote_user }}/gh/pgvector
+      version: v0.8.0
+      force: true
+
+  - name: Build pgvector
+    become: true
+    become_user: "{{ remote_user }}"
+    ansible.builtin.make:
+      chdir: /home/{{ remote_user }}/gh/pgvector
+
+  - name: Install pgvector
+    become: true
+    ansible.builtin.make:
+      chdir: /home/{{ remote_user }}/gh/pgvector
+      target: install
+
+  - name: Ensure PostgreSQL is running
+    ansible.builtin.systemd:
+      name: postgresql
+      state: started
+      enabled: true
+
+  - name: Restart PostgreSQL after pgvector installation
+    ansible.builtin.systemd:
+      name: postgresql
+      state: restarted
+
+  - name: Check actual PostgreSQL version
+    ansible.builtin.shell: |
+      sudo -u postgres psql -c "SELECT version();"
+    become: true
+    register: pg_version_check
+
+  - name: Display PostgreSQL version
+    ansible.builtin.debug:
+      var: pg_version_check.stdout
+
+  - name: Check PostgreSQL config directory
+    ansible.builtin.shell: |
+      sudo -u postgres psql -c "SHOW config_file;"
+    become: true
+    register: pg_config_check
+
+  - name: Display PostgreSQL config location
+    ansible.builtin.debug:
+      var: pg_config_check.stdout
+
+  - name: Check available pg_config versions
+    ansible.builtin.shell: |
+      ls -la /usr/bin/pg_config*
+      which pg_config
+      pg_config --version
+    become: true
+    register: pg_config_versions
+
+  - name: Display pg_config information
+    ansible.builtin.debug:
+      var: pg_config_versions.stdout
+
+  - name: Build pgvector with correct pg_config
+    become: true
+    ansible.builtin.shell: |
+      cd /home/{{ remote_user }}/gh/pgvector
+      make clean
+      # Use the specific pg_config for the installed version
+      PG_CONFIG_PATH=$(ls /usr/bin/pg_config-* | head -1)
+      if [ -z "$PG_CONFIG_PATH" ]; then
+        PG_CONFIG_PATH=$(which pg_config)
+      fi
+      echo "Using pg_config: $PG_CONFIG_PATH"
+      $PG_CONFIG_PATH --version
+      make PG_CONFIG=$PG_CONFIG_PATH
+      make install PG_CONFIG=$PG_CONFIG_PATH
+    register: pgvector_build_output
+
+  - name: Display pgvector build output
+    ansible.builtin.debug:
+      var: pgvector_build_output.stdout
+
+  - name: Restart PostgreSQL after proper pgvector installation
+    ansible.builtin.systemd:
+      name: postgresql
+      state: restarted
+
+  - name: Verify pgvector extension is available
+    ansible.builtin.shell: |
+      sudo -u postgres psql -c "SELECT * FROM pg_available_extensions WHERE name = 'vector';"
+    become: true
+    register: pgvector_check
+
+  - name: Display pgvector availability check
+    ansible.builtin.debug:
+      var: pgvector_check.stdout
+
+  - name: Set PostgreSQL data directory permissions
+    ansible.builtin.file:
+      path: "{{ postgresql_data_dir }}"
+      owner: "{{ postgres_user }}"
+      group: "{{ postgres_group }}"
+      mode: '700'
+      recurse: true
+
+  - name: Configure PostgreSQL to listen on all addresses
+    ansible.builtin.lineinfile:
+      path: /etc/postgresql/17/main/postgresql.conf
+      regexp: "^#?listen_addresses"
+      line: "listen_addresses = '*'"
+      backup: true
+    notify: restart postgresql
+
+  - name: Configure PostgreSQL client authentication
+    ansible.builtin.lineinfile:
+      path: /etc/postgresql/17/main/pg_hba.conf
+      line: "host all all 0.0.0.0/0 md5"
+      backup: true
+    notify: restart postgresql
+
+  - name: Set postgres user password
+    ansible.builtin.shell: |
+      sudo -u postgres psql -c "ALTER USER postgres PASSWORD '{{ postgres_password }}'"
+    become: true
+
+  - name: Create application database users
+    community.postgresql.postgresql_user:
+      name: "{{ item.user }}"
+      password: "{{ item.password }}"
+      state: present
+      login_user: postgres
+      login_password: "{{ postgres_password }}"
+      login_host: localhost
+    loop:
+      - { user: "{{ arke_db_user }}", password: "{{ arke_db_password }}" }
+      - { user: "{{ openwebui_db_user }}", password: "{{ openwebui_db_password }}" }
+      - { user: "{{ spelunker_db_user }}", password: "{{ spelunker_db_password }}" }
+      # Note: Casdoor uses dedicated PostgreSQL on Titania
+      - { user: "{{ gitea_db_user }}", password: "{{ gitea_db_password }}" }
+      - { user: "{{ lobechat_db_user }}", password: "{{ lobechat_db_password }}" }
+      - { user: "{{ nextcloud_db_user }}", password: "{{ nextcloud_db_password }}" }
+      - { user: "{{ anythingllm_db_user }}", password: "{{ anythingllm_db_password }}" }
+      - { user: "{{ hass_db_user }}", password: "{{ hass_db_password }}" }
+      - { user: "{{ nike_db_user }}", password: "{{ nike_db_password }}" }
+    no_log: true
+
+  - name: Create application databases with owners
+    community.postgresql.postgresql_db:
+      name: "{{ item.name }}"
+      owner: "{{ item.owner }}"
+      state: present
+      login_user: postgres
+      login_password: "{{ postgres_password }}"
+      login_host: localhost
+    loop:
+      - { name: "{{ arke_db_name }}", owner: "{{ arke_db_user }}" }
+      - { name: "{{ openwebui_db_name }}", owner: "{{ openwebui_db_user }}" }
+      - { name: "{{ spelunker_db_name }}", owner: "{{ spelunker_db_user }}" }
+      # Note: Casdoor uses dedicated PostgreSQL on Titania
+      - { name: "{{ gitea_db_name }}", owner: "{{ gitea_db_user }}" }
+      - { name: "{{ lobechat_db_name }}", owner: "{{ lobechat_db_user }}" }
+      - { name: "{{ nextcloud_db_name }}", owner: "{{ nextcloud_db_user }}" }
+      - { name: "{{ anythingllm_db_name }}", owner: "{{ anythingllm_db_user }}" }
+      - { name: "{{ hass_db_name }}", owner: "{{ hass_db_user }}" }
+      - { name: "{{ nike_db_name }}", owner: "{{ nike_db_user }}" }
+
+  - name: Enable pgvector extension in databases
+    community.postgresql.postgresql_ext:
+      name: vector
+      login_db: "{{ item }}"
+      state: present
+      login_user: postgres
+      login_password: "{{ postgres_password }}"
+      login_host: localhost
+    loop:
+      - "{{ arke_db_name }}"
+      - "{{ lobechat_db_name }}"
+      - "{{ openwebui_db_name }}"
+      - "{{ spelunker_db_name }}"
+      - "{{ anythingllm_db_name }}"
+
+  handlers:
+  - name: restart postgresql
+    ansible.builtin.systemd:
+      name: postgresql
+      state: restarted