/[adm]/puppet/modules/postgresql/manifests/init.pp
ViewVC logotype

Contents of /puppet/modules/postgresql/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 531 - (show annotations) (download)
Tue Dec 7 02:40:31 2010 UTC (9 years, 2 months ago) by misc
File size: 3152 byte(s)
- create the needed certificate for postgresql ( name is hardcoded )
1 class postgresql {
2 class server {
3 $pgsql_data = "/var/lib/pgsql/data/"
4 $pg_version = '9.0'
5
6 # missing requires is corrected in cooker,
7 # should be removed
8 # once the fix is in a stable release
9 package { "postgresql$pg_version-plpgsql":
10 alias => "postgresql-plpgsql",
11 ensure => installed,
12 }
13
14 package { "postgresql$pg_version-server":
15 alias => "postgresql-server",
16 ensure => installed,
17 require => Package['postgresql-plpgsql'],
18 }
19
20 service { postgresql:
21 ensure => running,
22 subscribe => Package["postgresql-server"],
23 hasstatus => true,
24 }
25
26 exec { "service postgresql reload":
27 refreshonly => true,
28 subscribe => [ File["postgresql.conf"],
29 File["pg_ident.conf"],
30 File["pg_hba.conf"] ]
31 }
32
33 openssl::self_signed_splitted_cert { "pgsql.$domain":
34 filename => "server",
35 directory => $pgsql_data,
36 owner => "postgres",
37 group => "postgres",
38 require => Package['postgresql-server']
39 }
40
41
42 file { '/etc/pam.d/postgresql':
43 ensure => present,
44 owner => root,
45 group => root,
46 mode => 644,
47 content => template("postgresql/pam"),
48 }
49
50 file { "postgresql.conf":
51 path => "$pgsql_data/postgresql.conf",
52 ensure => present,
53 owner => postgres,
54 group => postgres,
55 mode => 600,
56 content => template("postgresql/postgresql.conf"),
57 require => Package["postgresql-server"],
58 }
59
60 file { 'pg_hba.conf':
61 path => "$pgsql_data/pg_hba.conf",
62 ensure => present,
63 owner => postgres,
64 group => postgres,
65 mode => 600,
66 content => template("postgresql/pg_hba.conf"),
67 require => Package["postgresql-server"],
68 }
69
70 file { 'pg_ident.conf':
71 path => "$pgsql_data/pg_ident.conf",
72 ensure => present,
73 owner => postgres,
74 group => postgres,
75 mode => 600,
76 content => template("postgresql/pg_ident.conf"),
77 require => Package["postgresql-server"],
78 }
79
80 Postgresql::User <<| |>>
81 Postgresql::Database <<| |>>
82 }
83
84
85 # TODO convert it to a regular type ( so we can later change user and so on )
86 define database($description="", $user="postgres") {
87 exec { "createdb -U postgres $name '$description'":
88 user => root,
89 unless => "psql -l -U postgres | grep '^$name|'",
90 }
91 }
92
93 define user($password) {
94 $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '$password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
95
96 exec { "psql -U postgres -c \"$sql\" ":
97 user => root,
98 unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'",
99 }
100 }
101 }

  ViewVC Help
Powered by ViewVC 1.1.26