1 |
class postgresql { |
2 |
|
3 |
$pgsql_data = "/var/lib/pgsql/data/" |
4 |
$pg_version = '9.0' |
5 |
|
6 |
# missing requires is corrected in cooker, |
7 |
# should be removed |
8 |
# once the fix is in a stable release |
9 |
package { "postgresql$pg_version-plpgsql": |
10 |
alias => "postgresql-plpgsql", |
11 |
ensure => installed, |
12 |
} |
13 |
|
14 |
package { "postgresql$pg_version-server": |
15 |
alias => "postgresql-server", |
16 |
ensure => installed, |
17 |
require => Package['postgresql-plpgsql'], |
18 |
} |
19 |
|
20 |
service { postgresql: |
21 |
ensure => running, |
22 |
subscribe => Package["postgresql-server"], |
23 |
hasstatus => true, |
24 |
} |
25 |
|
26 |
exec { "service postgresql reload": |
27 |
refreshonly => true, |
28 |
subscribe => [ File["postgresql.conf"], |
29 |
File["pg_ident.conf"], |
30 |
File["pg_hba.conf"] ] |
31 |
} |
32 |
|
33 |
file { '/etc/pam.d/postgresql': |
34 |
ensure => present, |
35 |
owner => root, |
36 |
group => root, |
37 |
mode => 644, |
38 |
content => template("postgresql/pam"), |
39 |
} |
40 |
|
41 |
file { "postgresql.conf": |
42 |
path => "$pgsql_data/postgresql.conf", |
43 |
ensure => present, |
44 |
owner => postgres, |
45 |
group => postgres, |
46 |
mode => 600, |
47 |
content => template("postgresql/postgresql.conf"), |
48 |
require => Package["postgresql-server"], |
49 |
} |
50 |
|
51 |
file { 'pg_hba.conf': |
52 |
path => "$pgsql_data/pg_hba.conf", |
53 |
ensure => present, |
54 |
owner => postgres, |
55 |
group => postgres, |
56 |
mode => 600, |
57 |
content => template("postgresql/pg_hba.conf"), |
58 |
require => Package["postgresql-server"], |
59 |
} |
60 |
|
61 |
file { 'pg_ident.conf': |
62 |
path => "$pgsql_data/pg_ident.conf", |
63 |
ensure => present, |
64 |
owner => postgres, |
65 |
group => postgres, |
66 |
mode => 600, |
67 |
content => template("postgresql/pg_ident.conf"), |
68 |
require => Package["postgresql-server"], |
69 |
} |
70 |
|
71 |
define user($password) { |
72 |
$sql = "CREATE ROLE $name ENCRYPTED PASSWORD '$password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;" |
73 |
|
74 |
exec { "psql -U postgres -c \"$sql\" ": |
75 |
user => root, |
76 |
unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'", |
77 |
} |
78 |
} |
79 |
} |