From fe9420d8b94ae47eacc076823608bfd0ca94d3be Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 16 Oct 2025 13:27:57 -0400 Subject: [PATCH 1/3] fix: fine tune protection rules to unblock wal-g functionality --- ansible/files/postgresql_config/postgresql.service.j2 | 5 ++--- ansible/vars.yml | 6 +++--- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/ansible/files/postgresql_config/postgresql.service.j2 b/ansible/files/postgresql_config/postgresql.service.j2 index 30bbd5f6d..efb52f18e 100644 --- a/ansible/files/postgresql_config/postgresql.service.j2 +++ b/ansible/files/postgresql_config/postgresql.service.j2 @@ -22,9 +22,8 @@ OOMScoreAdjust=-1000 EnvironmentFile=-/etc/environment.d/postgresql.env LimitNOFILE=16384 {% if supabase_internal is defined %} -ProtectHome=yes -ReadOnlyPaths=/etc /opt -InaccessiblePaths=-/var/lib/supabase -/var/lib/supabase-admin-agent -/var/lib/cloud -/var/cache/supabase-admin-agent -/opt/saltstack -/etc/salt +ReadOnlyPaths=/etc +InaccessiblePaths=/root -/var/lib/supabase -/var/lib/supabase-admin-agent -/var/cache/supabase-admin-agent -/opt/saltstack -/etc/salt {% endif %} [Install] WantedBy=multi-user.target diff --git a/ansible/vars.yml b/ansible/vars.yml index a6b0f4e2f..e645c7f17 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -10,9 +10,9 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.5.1.044-orioledb" - postgres17: "17.6.1.023" - postgres15: "15.14.1.023" + postgresorioledb-17: "17.5.1.044-orioledb-rules-1" + postgres17: "17.6.1.023-rules-1" + postgres15: "15.14.1.023-rules-1" # Non Postgres Extensions pgbouncer_release: 1.19.0 From e3b3fd93adef877ca14828b317757bfeb099015c Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 16 Oct 2025 15:39:10 -0400 Subject: [PATCH 2/3] chore: bump suffix --- ansible/vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/vars.yml b/ansible/vars.yml index e645c7f17..e64b3d6bf 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -10,9 +10,9 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.5.1.044-orioledb-rules-1" - postgres17: "17.6.1.023-rules-1" - postgres15: "15.14.1.023-rules-1" + postgresorioledb-17: "17.5.1.044-orioledb-rules-2" + postgres17: "17.6.1.023-rules-2" + postgres15: "15.14.1.023-rules-2" # Non Postgres Extensions pgbouncer_release: 1.19.0 From ce77ed2ac33117813138d3e8fe6e091bdb53963c Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Fri, 17 Oct 2025 05:57:41 -0400 Subject: [PATCH 3/3] chore: bump to release --- ansible/vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/vars.yml b/ansible/vars.yml index e64b3d6bf..027e02ea8 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -10,9 +10,9 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.5.1.044-orioledb-rules-2" - postgres17: "17.6.1.023-rules-2" - postgres15: "15.14.1.023-rules-2" + postgresorioledb-17: "17.5.1.045-orioledb" + postgres17: "17.6.1.024" + postgres15: "15.14.1.024" # Non Postgres Extensions pgbouncer_release: 1.19.0