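# Manages a PostgreSQL server (packages, service, certificate, PAM and
# configuration files) and provides the defines used to declare databases
# and roles on it.
class postgresql {
    # Server-side setup. Also realizes every exported Postgresql::User and
    # Postgresql::Database resource (see the collectors at the end).
    class server {
        $pgsql_data = "/var/lib/pgsql/data/"
        $pg_version = '9.0'

        # The missing requires is corrected in cooker; this package resource
        # should be removed once the fix is in a stable release.
        # Braces delimit the variable so the following '-' can never be
        # parsed as part of its name.
        package { "postgresql${pg_version}-plpgsql":
            alias  => "postgresql-plpgsql",
            ensure => installed,
        }

        package { "postgresql${pg_version}-server":
            alias   => "postgresql-server",
            ensure  => installed,
            require => Package['postgresql-plpgsql'],
        }

        # Subscribing to the package restarts the service when the server
        # package changes.
        service { 'postgresql':
            ensure    => running,
            subscribe => Package["postgresql-server"],
            hasstatus => true,
        }

        # Reload the service only when one of the three managed
        # configuration files changes (refreshonly + subscribe).
        # NOTE(review): the command is not fully qualified and no path is set
        # here; presumably a default Exec path is declared elsewhere - confirm.
        exec { "service postgresql reload":
            refreshonly => true,
            subscribe   => [ File["postgresql.conf"],
                             File["pg_ident.conf"],
                             File["pg_hba.conf"] ]
        }

        # Certificate material for pgsql.$domain, placed in the data
        # directory under the base name "server" and owned by postgres.
        # NOTE(review): the permissions given to the private key are decided
        # inside the openssl define, which is not visible here - verify the
        # key is not readable by other users. A self-signed certificate also
        # means clients cannot authenticate the server unless they pin it.
        openssl::self_signed_splitted_cert { "pgsql.${domain}":
            filename  => "server",
            directory => $pgsql_data,
            owner     => "postgres",
            group     => "postgres",
            require   => Package['postgresql-server']
        }


        # File modes are written as quoted four-digit octal strings: a bare
        # 644 is an integer to newer Puppet parsers, which require a string.
        file { '/etc/pam.d/postgresql':
            ensure  => present,
            owner   => 'root',
            group   => 'root',
            mode    => '0644',
            content => template("postgresql/pam"),
        }

        file { "postgresql.conf":
            path    => "${pgsql_data}/postgresql.conf",
            ensure  => present,
            owner   => 'postgres',
            group   => 'postgres',
            mode    => '0600',
            content => template("postgresql/postgresql.conf"),
            require => Package["postgresql-server"],
        }

        # TODO use augeas to manage this file once augeas 0.7.4 is installed
        # on our server, as this would allow us to autodeclare databases in it
        # without much trouble
        # pg_hba.conf holds the client authentication rules, so it is kept
        # readable by the postgres account only.
        file { 'pg_hba.conf':
            path    => "${pgsql_data}/pg_hba.conf",
            ensure  => present,
            owner   => 'postgres',
            group   => 'postgres',
            mode    => '0600',
            content => template("postgresql/pg_hba.conf"),
            require => Package["postgresql-server"],
        }

        file { 'pg_ident.conf':
            path    => "${pgsql_data}/pg_ident.conf",
            ensure  => present,
            owner   => 'postgres',
            group   => 'postgres',
            mode    => '0600',
            content => template("postgresql/pg_ident.conf"),
            require => Package["postgresql-server"],
        }

        # TODO add a system of tags so we can declare databases on more than
        # one server
        # Both collectors are unfiltered: every exported Postgresql::User and
        # Postgresql::Database resource is realized on this server, and their
        # parameters are interpolated into commands that the defines below
        # run as root.
        # NOTE(review): any node able to export these resources is therefore
        # trusted with command execution here; restrict the collection (tag
        # or query) and validate the parameters in the defines.
        Postgresql::User <<| |>>
        Postgresql::Database <<| |>>
    }


    # TODO convert it to a regular type ( so we can later change user and so on )
    #
    # Creates the database named by the resource title unless
    # `psql -l` already lists it.
    #   $description - comment passed to createdb as the database description
    #   $user        - role that will own the database (createdb -O)
    #
    # NOTE(review): $name, $user and $description are interpolated into a
    # shell command line run as root. $name and $user are unquoted and
    # $description is only wrapped in single quotes, so whitespace, quotes or
    # shell metacharacters in any of them change the command that is run.
    # Validate them (for example against a strict identifier pattern) before
    # use. $name is also used as a grep regular expression in the `unless`
    # check.
    define database($description="", $user="postgres") {
        exec { "createdb -O ${user} -U postgres ${name} '${description}'":
            user    => 'root',
            unless  => "psql -A -t -U postgres -l | grep '^${name}|'",
            require => Service['postgresql'],
        }
    }

    # TODO convert to a regular type, so we can later change password without
    # erasing the current user
    #
    # Creates a login role named by the resource title, with the given
    # password and no superuser / createdb / createrole rights, unless
    # `\du` already reports a role of that name.
    #   $password - password assigned to the new role
    #
    # The password is handed to the command through the environment variable
    # `pass`; the statement only contains a literal `$pass`, so the password
    # is not part of the exec title.
    # NOTE(review): the shell expands `$pass` inside the double-quoted -c
    # argument, so the password is part of psql's argument list while the
    # command runs, and a single quote in the password or in $name ends the
    # SQL literal early. Consider validating both values and feeding the
    # statement to psql on standard input instead of on the command line.
    define user($password) {
        $sql = "CREATE ROLE ${name} ENCRYPTED PASSWORD '\$pass' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"

        exec { "psql -U postgres -c \"${sql}\" ":
            user        => 'root',
            environment => "pass=${password}",
            unless      => "psql -A -t -U postgres -c '\du ${name}' | grep '${name}'",
            require     => Service['postgresql'],
        }
    }
}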