blob: b70dd1225f16783671fdc0c18c9042b19d29a330 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
# TODO convert to a regular type, so we can later change password
# without erasing the current user
define postgresql::user($password) {
$sql = "CREATE ROLE $name ENCRYPTED PASSWORD '\$pass' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
exec { "psql -U postgres -c \"$sql\" ":
user => 'root',
# do not leak the password on commandline
environment => "pass=$password",
unless => "psql -A -t -U postgres -c '\\du $name' | grep '$name'",
require => Service['postgresql'],
}
}
|