diff options
| -rw-r--r-- | modules/postgresql/manifests/init.pp | 12 | ||||
| -rw-r--r-- | modules/postgresql/templates/pam | 5 | ||||
| -rw-r--r-- | modules/postgresql/templates/pg_hba.conf | 9 | ||||
| -rw-r--r-- | modules/postgresql/templates/postgresql.conf | 2 |
4 files changed, 23 insertions, 5 deletions
diff --git a/modules/postgresql/manifests/init.pp b/modules/postgresql/manifests/init.pp index e7e4fff8..c93da034 100644 --- a/modules/postgresql/manifests/init.pp +++ b/modules/postgresql/manifests/init.pp @@ -7,11 +7,19 @@ class postgresql { restart => "/etc/rc.d/init.d/postgresql reload" } + file { '/etc/pam.d/postgresql': + ensure => present, + owner => root, + group => root, + mode => 644, + content => template("postgresql/pam"), + } + file { '/var/lib/pgsql/data/postgresql.conf': ensure => present, owner => postgres, group => postgres, - mode => 644, + mode => 600, content => template("postgresql/postgresql.conf"), require => Package["postgresql9.0-server"], notify => [Service['postgresql']] @@ -21,7 +29,7 @@ class postgresql { ensure => present, owner => postgres, group => postgres, - mode => 644, + mode => 600, content => template("postgresql/pg_hba.conf"), require => Package["postgresql9.0-server"], notify => [Service['postgresql']] diff --git a/modules/postgresql/templates/pam b/modules/postgresql/templates/pam new file mode 100644 index 00000000..fcb7a466 --- /dev/null +++ b/modules/postgresql/templates/pam @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth include system-auth +account include system-auth +password include system-auth +session include system-auth diff --git a/modules/postgresql/templates/pg_hba.conf b/modules/postgresql/templates/pg_hba.conf index 60c9d958..fa53ba31 100644 --- a/modules/postgresql/templates/pg_hba.conf +++ b/modules/postgresql/templates/pg_hba.conf @@ -77,8 +77,11 @@ # TYPE DATABASE USER CIDR-ADDRESS METHOD # "local" is for Unix domain socket connections only -local all all trust +local all all ident # IPv4 local connections: -host all all 127.0.0.1/32 trust +host all all 127.0.0.1/32 pam # IPv6 local connections: -host all all ::1/128 trust +host all all ::1/128 pam + +host all all 0.0.0.0/0 pam +host all all ::0/0 pam diff --git a/modules/postgresql/templates/postgresql.conf b/modules/postgresql/templates/postgresql.conf index 76ae3eeb..aee8261a 100644 --- a/modules/postgresql/templates/postgresql.conf +++ b/modules/postgresql/templates/postgresql.conf @@ -57,6 +57,7 @@ # - Connection Settings - #listen_addresses = 'localhost' # what IP address(es) to listen on; +listen_addresses = * # comma-separated list of addresses; # defaults to 'localhost', '*' = all # (change requires restart) @@ -73,6 +74,7 @@ max_connections = 100 # (change requires restart) # (change requires restart) #bonjour_name = '' # defaults to the computer name # (change requires restart) +bonjour_name = 'Magiea\'s Postgresql server' # - Security and Authentication - |