/[adm]/puppet/modules/postgresql/manifests/init.pp
ViewVC logotype

Annotation of /puppet/modules/postgresql/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1046 - (hide annotations) (download)
Sat Feb 12 14:03:29 2011 UTC (13 years, 1 month ago) by misc
File size: 3700 byte(s)
- fix ordering, as the exec will fail if postgresql is not running
(errors seen when restarting a vm cloning alamut on kvm)
1 nanardon 55 class postgresql {
2 misc 526 class server {
3     $pgsql_data = "/var/lib/pgsql/data/"
4     $pg_version = '9.0'
5 misc 189
6 misc 526 # missing requires is corrected in cooker,
7     # should be removed
8     # once the fix is in a stable release
9     package { "postgresql$pg_version-plpgsql":
10     alias => "postgresql-plpgsql",
11     ensure => installed,
12     }
13 nanardon 55
14 misc 526 package { "postgresql$pg_version-server":
15     alias => "postgresql-server",
16     ensure => installed,
17     require => Package['postgresql-plpgsql'],
18     }
19    
20     service { postgresql:
21     ensure => running,
22     subscribe => Package["postgresql-server"],
23     hasstatus => true,
24     }
25    
26     exec { "service postgresql reload":
27     refreshonly => true,
28     subscribe => [ File["postgresql.conf"],
29     File["pg_ident.conf"],
30     File["pg_hba.conf"] ]
31     }
32 misc 531
33     openssl::self_signed_splitted_cert { "pgsql.$domain":
34     filename => "server",
35     directory => $pgsql_data,
36     owner => "postgres",
37     group => "postgres",
38     require => Package['postgresql-server']
39     }
40    
41    
42 misc 526 file { '/etc/pam.d/postgresql':
43     ensure => present,
44     owner => root,
45     group => root,
46     mode => 644,
47     content => template("postgresql/pam"),
48     }
49    
50     file { "postgresql.conf":
51     path => "$pgsql_data/postgresql.conf",
52     ensure => present,
53     owner => postgres,
54     group => postgres,
55     mode => 600,
56     content => template("postgresql/postgresql.conf"),
57     require => Package["postgresql-server"],
58     }
59    
60 misc 773 # TODO use augeas to manage this file once augeas 0.7.4 is installed
61     # on our server, as this would allow use to autodeclare database in it without
62     # much trouble
63 misc 526 file { 'pg_hba.conf':
64     path => "$pgsql_data/pg_hba.conf",
65     ensure => present,
66     owner => postgres,
67     group => postgres,
68     mode => 600,
69     content => template("postgresql/pg_hba.conf"),
70     require => Package["postgresql-server"],
71     }
72    
73     file { 'pg_ident.conf':
74     path => "$pgsql_data/pg_ident.conf",
75     ensure => present,
76     owner => postgres,
77     group => postgres,
78     mode => 600,
79     content => template("postgresql/pg_ident.conf"),
80     require => Package["postgresql-server"],
81     }
82 misc 527
83 misc 773 # TODO add a system of tag so we can declare database on more than one
84     # server
85 misc 527 Postgresql::User <<| |>>
86     Postgresql::Database <<| |>>
87 nanardon 55 }
88 nanardon 172
89 misc 524
90 misc 525 # TODO convert it to a regular type ( so we can later change user and so on )
91     define database($description="", $user="postgres") {
92 misc 535 exec { "createdb -O $user -U postgres $name '$description'":
93 misc 525 user => root,
94 misc 536 unless => "psql -A -t -U postgres -l | grep '^$name|'",
95 misc 1046 require => Service['postgresql'],
96 misc 525 }
97     }
98 misc 773
99     # TODO convert to a regular type, so we can later change password without erasing the
100     # current user
101 misc 524 define user($password) {
102 misc 646 $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '\$pass' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
103 misc 524
104     exec { "psql -U postgres -c \"$sql\" ":
105     user => root,
106 misc 646 environment => "pass=$password",
107 misc 524 unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'",
108 misc 1046 require => Service['postgresql'],
109 misc 524 }
110     }
111 nanardon 55 }

  ViewVC Help
Powered by ViewVC 1.1.30