feat: advance to ubuntu 24.04

.github/workflows/ami-release-nix.yml

@@ -40,8 +40,8 @@ jobs:
         include:
           - runner: arm-runner
             arch: arm64
-            ubuntu_release: focal
-            ubuntu_version: 20.04
+            ubuntu_release: noble
+            ubuntu_version: 24.04
             mcpu: neoverse-n1
     runs-on: ${{ matrix.runner }}
     timeout-minutes: 150
@@ -122,7 +122,7 @@ jobs:
 
       - name: Upload nix flake revision to s3 staging
         run: |
-          aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz
+          aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz
 
       - name: configure aws credentials - prod
         uses: aws-actions/configure-aws-credentials@v4
@@ -141,7 +141,7 @@ jobs:
 
       - name: Upload nix flake revision to s3 prod
         run: |
-          aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz
+          aws s3 cp /tmp/pg_binaries.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz
 
       - name: Create release
         uses: softprops/action-gh-release@v2

.github/workflows/publish-nix-pgupgrade-bin-flake-version.yml

@@ -66,7 +66,7 @@ jobs:
 
       - name: Upload pg_upgrade scripts to s3 staging
         run: |
-          aws s3 cp /tmp/pg_upgrade_bin.tar.gz "s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz"
+          aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz
 
       - name: Slack Notification on Failure
         if: ${{ failure() }}
@@ -113,7 +113,7 @@ jobs:
 
       - name: Upload pg_upgrade scripts to s3 prod
         run: |
-          aws s3 cp /tmp/pg_upgrade_bin.tar.gz "s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/20.04.tar.gz"
+          aws s3 cp /tmp/pg_upgrade_bin.tar.gz s3://${{ secrets.PROD_ARTIFACTS_BUCKET }}/upgrades/postgres/supabase-postgres-${{ steps.process_release_version.outputs.version }}/24.04.tar.gz
 
       - name: Slack Notification on Failure
         if: ${{ failure() }}

.github/workflows/testinfra-nix.yml

@@ -34,8 +34,8 @@ jobs:
         include:
           - runner: arm-runner
             arch: arm64
-            ubuntu_release: focal
-            ubuntu_version: 20.04
+            ubuntu_release: noble
+            ubuntu_version: 24.04
             mcpu: neoverse-n1
     runs-on: ${{ matrix.runner }}    
     timeout-minutes: 150

Dockerfile-15

@@ -38,7 +38,7 @@ ARG index_advisor_release=0.2.0
 ARG supautils_release=2.2.0
 ARG wal_g_release=2.0.1
 
-FROM ubuntu:focal as base
+FROM ubuntu:noble as base
 
 RUN apt update -y && apt install -y \
     curl \

Dockerfile-orioledb-17

@@ -39,7 +39,7 @@ ARG index_advisor_release=0.2.0
 ARG supautils_release=2.2.0
 ARG wal_g_release=3.0.5
 
-FROM ubuntu:focal as base
+FROM ubuntu:noble as base
 
 RUN apt update -y && apt install -y \
     curl \

README.md

@@ -6,7 +6,7 @@ Unmodified Postgres with some useful plugins. Our goal with this repo is not to
 - ✅ Postgres [postgresql-15.8](https://www.postgresql.org/docs/15/index.html)
 - ✅ Postgres [postgresql-17.4](https://www.postgresql.org/docs/17/index.html)
 - ✅ Postgres [orioledb-postgresql-17_5](https://github.com/orioledb/orioledb)
-- ✅ Ubuntu 20.04 (Focal Fossa).
+- ✅ Ubuntu 24.04 (Noble Numbat).
 - ✅ [wal_level](https://www.postgresql.org/docs/current/runtime-config-wal.html) = logical and [max_replication_slots](https://www.postgresql.org/docs/current/runtime-config-replication.html) = 5. Ready for replication.
 - ✅ [Large Systems Extensions](https://github.com/aws/aws-graviton-getting-started#building-for-graviton-and-graviton2). Enabled for ARM images.
 ## Extensions 

amazon-arm64-nix.pkr.hcl

@@ -1,6 +1,6 @@
 variable "ami" {
   type    = string
-  default = "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-*"
+  default = "ubuntu/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-server-*"
 }
 
 variable "profile" {
@@ -115,7 +115,7 @@ source "amazon-ebssurrogate" "source" {
   #secret_key   = "${var.aws_secret_key}"
   force_deregister = var.force-deregister
 
-  # Use latest official ubuntu focal ami owned by Canonical.
+  # Use latest official ubuntu noble ami owned by Canonical.
   source_ami_filter {
     filters = {
       virtualization-type = "hvm"

ansible/files/permission_check.py

@@ -40,7 +40,6 @@
     "backup": [{"groupname": "backup", "username": "backup"}],
     "list": [{"groupname": "list", "username": "list"}],
     "irc": [{"groupname": "irc", "username": "irc"}],
-    "gnats": [{"groupname": "gnats", "username": "gnats"}],
     "nobody": [{"groupname": "nogroup", "username": "nobody"}],
     "systemd-network": [
         {"groupname": "systemd-network", "username": "systemd-network"}
@@ -90,9 +89,6 @@
     ],
     "postgrest": [{"groupname": "postgrest", "username": "postgrest"}],
     "tcpdump": [{"groupname": "tcpdump", "username": "tcpdump"}],
-    "systemd-coredump": [
-        {"groupname": "systemd-coredump", "username": "systemd-coredump"}
-    ],
 }
 
 
@@ -151,6 +147,7 @@ def check_nixbld_users():
 
     print("All nixbld users are in the 'nixbld' group.")
 
+usernames = ["postgres", "ubuntu", "root", "daemon", "bin", "sys", "sync", "games","man","lp","mail","news","uucp","proxy","www-data","backup","list","irc","nobody","systemd-network","systemd-resolve","systemd-timesync","messagebus","ec2-instance-connect","sshd","wal-g","pgbouncer","gotrue","envoy","kong","nginx","vector","adminapi","postgrest","tcpdump"]
 
 def main():
     parser = argparse.ArgumentParser(
@@ -186,7 +183,6 @@ def main():
         "backup",
         "list",
         "irc",
-        "gnats",
         "nobody",
         "systemd-network",
         "systemd-resolve",
@@ -203,7 +199,6 @@ def main():
         "adminapi",
         "postgrest",
         "tcpdump",
-        "systemd-coredump",
     ]
     if not qemu_artifact:
         usernames.append("ec2-instance-connect")

ansible/tasks/setup-postgres.yml

@@ -23,7 +23,7 @@
 
 - name: Postgres - install server
   apt:
-    name: postgresql-{{ postgresql_major }}={{ postgresql_release }}-1.pgdg20.04+1
+    name: postgresql-{{ postgresql_major }}={{ postgresql_release }}-1.pgdg24.04+1
     install_recommends: no
   when: debpkg_mode
 

ansible/tasks/setup-postgrest.yml

@@ -8,7 +8,7 @@
 
 - name: PostgREST - add Postgres PPA
   apt_repository:
-    repo: "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg {{ postgresql_major }}"
+    repo: "deb http://apt.postgresql.org/pub/repos/apt/ noble-pgdg {{ postgresql_major }}"
     state: present
 
 - name: PostgREST - update apt cache
@@ -30,7 +30,7 @@
 
 - name: PostgREST - remove Postgres PPA
   apt_repository:
-    repo: "deb http://apt.postgresql.org/pub/repos/apt/ focal-pgdg {{ postgresql_major }}"
+    repo: "deb http://apt.postgresql.org/pub/repos/apt/ noble-pgdg {{ postgresql_major }}"
     state: absent
 
 - name: postgis - ensure dependencies do not get autoremoved

ansible/tasks/setup-wal-g.yml

@@ -58,7 +58,6 @@
     owner: wal-g
     group: wal-g
     mode: '0664'
-  when: stage2_nix
 
 - name: Move custom wal-g.conf file to /etc/postgresql-custom/wal-g.conf
   template:
@@ -67,7 +66,6 @@
     mode: 0664
     owner: postgres
     group: postgres
-  when: stage2_nix
 
 - name: Add script to be run for restore_command
   template:
@@ -76,15 +74,13 @@
     mode: 0500
     owner: postgres
     group: postgres
-  when: stage2_nix
 
 - name: Add helper script for wal_fetch.sh
   template:
     src: "files/walg_helper_scripts/wal_change_ownership.sh"
     dest: /root/wal_change_ownership.sh
     mode: 0700
     owner: root
-  when: stage2_nix
 
 - name: Include /etc/postgresql-custom/wal-g.conf in postgresql.conf
   become: yes

ansible/vars.yml

@@ -9,9 +9,9 @@ postgres_major:
 
 # Full version strings for each major version
 postgres_release:
-  postgresorioledb-17: "17.0.1.59-orioledb"
-  postgres17: "17.4.1.009"
-  postgres15: "15.8.1.066"
+  postgresorioledb-17: "17.0.1.58-orioledb-noble-1"
+  postgres17: "17.4.1.008-noble-1"
+  postgres15: "15.8.1.065-noble-1"
 
 # Non Postgres Extensions
 pgbouncer_release: "1.19.0"
@@ -31,16 +31,16 @@ aws_cli_release: "2.23.11"
 
 salt_minion_version: 3007
 
-golang_version: "1.19.3"
+golang_version: "1.22.11"
 golang_version_checksum:
-  arm64: sha256:99de2fe112a52ab748fb175edea64b313a0c8d51d6157dba683a6be163fd5eab
-  amd64: sha256:74b9640724fd4e6bb0ed2a1bc44ae813a03f1e72a4c76253e2d5c015494430ba
+  arm64: sha256:9ebfcab26801fa4cf0627c6439db7a4da4d3c6766142a3dd83508240e4f21031
+  amd64: sha256:0fc88d966d33896384fbde56e9a8d80a305dc17a9f48f1832e061724b1719991
 
 envoy_release: 1.28.0
 envoy_release_checksum: sha1:b0a06e9cfb170f1993f369beaa5aa9d7ec679ce5
 envoy_hot_restarter_release_checksum: sha1:6d43b89d266fb2427a4b51756b649883b0617eda
 
-kong_release_target: focal # if it works, it works
+kong_release_target: focal
 kong_deb: kong_2.8.1_arm64.deb
 kong_deb_checksum: sha1:2086f6ccf8454fe64435252fea4d29d736d7ec61
 

docker/Dockerfile

@@ -1,8 +1,8 @@
-ARG ubuntu_release=focal
+ARG ubuntu_release=noble
 FROM ubuntu:${ubuntu_release} as base
 
 ARG ubuntu_release=flocal
-ARG ubuntu_release_no=20.04
+ARG ubuntu_release_no=24.04
 ARG postgresql_major=15
 ARG postgresql_release=${postgresql_major}.1
 

ebssurrogate/files/sources-arm64.cfg

@@ -1,10 +1,10 @@
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal main restricted
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates main restricted
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal universe
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates universe
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal multiverse
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-updates multiverse
-deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ focal-backports main restricted universe multiverse
-deb http://ports.ubuntu.com/ubuntu-ports focal-security main restricted
-deb http://ports.ubuntu.com/ubuntu-ports focal-security universe
-deb http://ports.ubuntu.com/ubuntu-ports focal-security multiverse
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble main restricted
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble universe
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates universe
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble multiverse
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-updates multiverse
+deb http://REGION.clouds.ports.ubuntu.com/ubuntu-ports/ noble-backports main restricted universe multiverse
+deb http://ports.ubuntu.com/ubuntu-ports noble-security main restricted
+deb http://ports.ubuntu.com/ubuntu-ports noble-security universe
+deb http://ports.ubuntu.com/ubuntu-ports noble-security multiverse

ebssurrogate/files/sources.cfg

@@ -1,10 +1,10 @@
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal main restricted
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates main restricted
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal universe
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates universe
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal multiverse
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-updates multiverse
-deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse
-deb http://security.ubuntu.com/ubuntu focal-security main restricted
-deb http://security.ubuntu.com/ubuntu focal-security universe
-deb http://security.ubuntu.com/ubuntu focal-security multiverse
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble main restricted
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates main restricted
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble universe
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates universe
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble multiverse
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-updates multiverse
+deb http://REGION.ec2.archive.ubuntu.com/ubuntu/ noble-backports main restricted universe multiverse
+deb http://security.ubuntu.com/ubuntu noble-security main restricted
+deb http://security.ubuntu.com/ubuntu noble-security universe
+deb http://security.ubuntu.com/ubuntu noble-security multiverse

ebssurrogate/scripts/chroot-bootstrap-nix.sh

@@ -58,7 +58,7 @@ function update_install_packages {
 	apt-get upgrade -y
 
 	# Install OpenSSH and other packages
-	sudo add-apt-repository universe
+	sudo add-apt-repository --yes universe
 	apt-get update
 	apt-get install -y --no-install-recommends \
 		openssh-server \
@@ -157,10 +157,19 @@ function disable_fsck {
 
 # Don't request hostname during boot but set hostname
 function setup_hostname {
-	sed -i 's/gethostname()/ubuntu /g' /etc/dhcp/dhclient.conf
-	sed -i 's/host-name,//g' /etc/dhcp/dhclient.conf
+	# Set the static hostname
 	echo "ubuntu" > /etc/hostname
 	chmod 644 /etc/hostname
+	# Update netplan configuration to not send hostname
+	cat << EOF > /etc/netplan/01-hostname.yaml
+network:
+  version: 2
+  ethernets:
+    eth0:
+      dhcp4: true
+      dhcp4-overrides:
+        send-hostname: false
+EOF
 }
 
 # Set options for the default interface

ebssurrogate/scripts/surrogate-bootstrap-nix.sh

@@ -148,7 +148,7 @@ EOF
 }
 
 function setup_chroot_environment {
-	UBUNTU_VERSION=$(lsb_release -cs) # 'focal' for Ubuntu 20.04
+	UBUNTU_VERSION=$(lsb_release -cs) # 'noble' for Ubuntu 24.04
 
 	# Bootstrap Ubuntu into /mnt
 	debootstrap --arch ${ARCH} --variant=minbase "$UBUNTU_VERSION" /mnt

nix/tools/update_readme.nu

@@ -153,7 +153,7 @@ def update_readme [] {
     # Update Primary Features section
     let features_content = [
         ($pg_versions | each {|version| create_version_link $version} | str join "\n")
-        "- ✅ Ubuntu 20.04 (Focal Fossa)."
+        "- ✅ Ubuntu 24.04 (Noble Numbat)."
         "- ✅ [wal_level](https://www.postgresql.org/docs/current/runtime-config-wal.html) = logical and [max_replication_slots](https://www.postgresql.org/docs/current/runtime-config-replication.html) = 5. Ready for replication."
         "- ✅ [Large Systems Extensions](https://github.com/aws/aws-graviton-getting-started#building-for-graviton-and-graviton2). Enabled for ARM images."
     ]

scripts/90-cleanup.sh

@@ -24,10 +24,8 @@ elif [ -n "$(command -v apt-get)" ]; then
  	autoconf \
 	autotools-dev \
  	cmake-data \
-	cpp-8  \
 	cpp-9  \
 	cpp-10  \
-	gcc-8  \
 	gcc-9  \
 	gcc-10  \
 	git  \
@@ -36,14 +34,12 @@ elif [ -n "$(command -v apt-get)" ]; then
 	libicu-dev \
 	libcgal-dev \
 	libgcc-9-dev \
-	libgcc-8-dev \
  	ansible
 
   add-apt-repository --yes --remove ppa:ansible/ansible
 
   source /etc/os-release
-  apt-get -y remove --purge linux-headers-5.11.0-1021-aws
-
+
   apt-get -y update
   apt-get -y upgrade
   apt-get -y autoremove

scripts/99-img_check.sh

@@ -569,7 +569,7 @@ osv=0
 
 if [[ $OS == "Ubuntu" ]]; then
         ost=1
-    if [[ $VER == "20.04" ]]; then
+    if [[ $VER == "24.04" ]]; then
         osv=1
     elif [[ $VER == "18.04" ]]; then
         osv=1

testinfra/README.md

@@ -32,8 +32,8 @@ for layer in /tmp/extensions/*/layer.tar; do
   tar xvf "$layer" -C ansible/files/extensions --strip-components 1
 done
 docker buildx build \
-  --build-arg ubuntu_release=focal \
-  --build-arg ubuntu_release_no=20.04 \
+  --build-arg ubuntu_release=noble \
+  --build-arg ubuntu_release_no=24.04 \
   --build-arg postgresql_major=15 \
   --build-arg postgresql_release=15.1 \
   --build-arg CPPFLAGS=-mcpu=neoverse-n1 \