postgresql/manifests/init.pp

class postgresql {
    class server { 
        $pgsql_data = "/var/lib/pgsql/data/"
        $pg_version = '9.0'
    
        # missing requires is corrected in cooker, 
        # should be removed
        # once the fix is in a stable release 
        package { "postgresql$pg_version-plpgsql":
            alias => "postgresql-plpgsql",
            ensure => installed,
        }
    
        package { "postgresql$pg_version-server":
            alias => "postgresql-server",
            ensure => installed,
            require => Package['postgresql-plpgsql'],
        }
    
        service { postgresql:
            ensure => running,
            subscribe => Package["postgresql-server"],
            hasstatus => true,
        }
    
        exec { "service postgresql reload":
            refreshonly => true,
            subscribe => [ File["postgresql.conf"], 
                           File["pg_ident.conf"],
                           File["pg_hba.conf"] ]
        }
   
        openssl::self_signed_splitted_cert { "pgsql.$domain":
            filename => "server",
            directory => $pgsql_data,
            owner => "postgres",
            group => "postgres",
            require => Package['postgresql-server']
        }


        file { '/etc/pam.d/postgresql':
            ensure => present,
            owner  => root,
            group  => root,
            mode   => 644,
            content => template("postgresql/pam"),
        }
    
        file { "postgresql.conf":
            path => "$pgsql_data/postgresql.conf",
            ensure => present,
            owner => postgres,
            group => postgres,
            mode => 600,
            content => template("postgresql/postgresql.conf"),
            require => Package["postgresql-server"],
        }
        
        file { 'pg_hba.conf':
            path => "$pgsql_data/pg_hba.conf",
            ensure => present,
            owner => postgres,
            group => postgres,
            mode => 600,
            content => template("postgresql/pg_hba.conf"),
            require => Package["postgresql-server"],
        }
    
        file { 'pg_ident.conf':
            path => "$pgsql_data/pg_ident.conf",
            ensure => present,
            owner => postgres,
            group => postgres,
            mode => 600,
            content => template("postgresql/pg_ident.conf"),
            require => Package["postgresql-server"],
        }

        Postgresql::User <<| |>>
        Postgresql::Database <<| |>>
    }


    # TODO convert it to a regular type ( so we can later change user and so on )
    define database($description="", $user="postgres") {
        exec { "createdb -U postgres $name '$description'":
            user => root,
            unless => "psql -l -U postgres | grep '^$name|'",
        }
    }

    define user($password) {
        $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '$password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"

        exec { "psql -U postgres -c \"$sql\" ":
            user => root,
            unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'",
        }
    }
}
1	nanardon	55	class postgresql {
2	misc	526	class server {
3			$pgsql_data = "/var/lib/pgsql/data/"
4			$pg_version = '9.0'
5	misc	189
6	misc	526	# missing requires is corrected in cooker,
7			# should be removed
8			# once the fix is in a stable release
9			package { "postgresql$pg_version-plpgsql":
10			alias => "postgresql-plpgsql",
11			ensure => installed,
12			}
13	nanardon	55
14	misc	526	package { "postgresql$pg_version-server":
15			alias => "postgresql-server",
16			ensure => installed,
17			require => Package['postgresql-plpgsql'],
18			}
19
20			service { postgresql:
21			ensure => running,
22			subscribe => Package["postgresql-server"],
23			hasstatus => true,
24			}
25
26			exec { "service postgresql reload":
27			refreshonly => true,
28			subscribe => [ File["postgresql.conf"],
29			File["pg_ident.conf"],
30			File["pg_hba.conf"] ]
31			}
32	misc	531
33			openssl::self_signed_splitted_cert { "pgsql.$domain":
34			filename => "server",
35			directory => $pgsql_data,
36			owner => "postgres",
37			group => "postgres",
38			require => Package['postgresql-server']
39			}
40
41
42	misc	526	file { '/etc/pam.d/postgresql':
43			ensure => present,
44			owner => root,
45			group => root,
46			mode => 644,
47			content => template("postgresql/pam"),
48			}
49
50			file { "postgresql.conf":
51			path => "$pgsql_data/postgresql.conf",
52			ensure => present,
53			owner => postgres,
54			group => postgres,
55			mode => 600,
56			content => template("postgresql/postgresql.conf"),
57			require => Package["postgresql-server"],
58			}
59
60			file { 'pg_hba.conf':
61			path => "$pgsql_data/pg_hba.conf",
62			ensure => present,
63			owner => postgres,
64			group => postgres,
65			mode => 600,
66			content => template("postgresql/pg_hba.conf"),
67			require => Package["postgresql-server"],
68			}
69
70			file { 'pg_ident.conf':
71			path => "$pgsql_data/pg_ident.conf",
72			ensure => present,
73			owner => postgres,
74			group => postgres,
75			mode => 600,
76			content => template("postgresql/pg_ident.conf"),
77			require => Package["postgresql-server"],
78			}
79	misc	527
80			Postgresql::User <<\| \|>>
81			Postgresql::Database <<\| \|>>
82	nanardon	55	}
83	nanardon	172
84	misc	524
85	misc	525	# TODO convert it to a regular type ( so we can later change user and so on )
86			define database($description="", $user="postgres") {
87			exec { "createdb -U postgres $name '$description'":
88			user => root,
89			unless => "psql -l -U postgres \| grep '^$name\|'",
90			}
91			}
92
93	misc	524	define user($password) {
94			$sql = "CREATE ROLE $name ENCRYPTED PASSWORD '$password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
95
96			exec { "psql -U postgres -c \"$sql\" ":
97			user => root,
98			unless => "psql -A -t -U postgres -c '\du $name' \| grep '$name'",
99			}
100			}
101	nanardon	55	}