aboutsummaryrefslogtreecommitdiffstats
path: root/modules/postgresql/manifests/init.pp
blob: 9b9e3b18e7cd83d9f9e822c4c4d078c5594fc0ce (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
class postgresql {
    
    $pgsql_data = "/var/lib/pgsql/data/"
    $pg_version = '9.0'

    # missing requires is corrected in cooker, 
    # should be removed
    # once the fix is in a stable release 
    package { "postgresql$pg_version-plpgsql":
        alias => "postgresql-plpgsql",
        ensure => installed,
    }

    package { "postgresql$pg_version-server":
        alias => "postgresql-server",
        ensure => installed,
        require => Package['postgresql-plpgsql'],
    }

    service { postgresql:
        ensure => running,
        subscribe => Package["postgresql-server"],
        hasstatus => true,
    }

    exec { "service postgresql reload":
        refreshonly => true,
        subscribe => [ File["postgresql.conf"], 
                       File["pg_ident.conf"],
                       File["pg_hba.conf"] ]
    }

    file { '/etc/pam.d/postgresql':
        ensure => present,
        owner  => root,
        group  => root,
        mode   => 644,
        content => template("postgresql/pam"),
    }

    file { "postgresql.conf":
        path => "$pgsql_data/postgresql.conf",
        ensure => present,
        owner => postgres,
        group => postgres,
        mode => 600,
        content => template("postgresql/postgresql.conf"),
        require => Package["postgresql-server"],
    }
    
    file { 'pg_hba.conf':
        path => "$pgsql_data/pg_hba.conf",
        ensure => present,
        owner => postgres,
        group => postgres,
        mode => 600,
        content => template("postgresql/pg_hba.conf"),
        require => Package["postgresql-server"],
    }

    file { 'pg_ident.conf':
        path => "$pgsql_data/pg_ident.conf",
        ensure => present,
        owner => postgres,
        group => postgres,
        mode => 600,
        content => template("postgresql/pg_ident.conf"),
        require => Package["postgresql-server"],
    }

    define user($password) {
        $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '$password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"

        exec { "psql -U postgres -c \"$sql\" ":
            user => root,
            unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'",
        }
    }
}