blob: 5b73b243944dde2ed8861bd88fed98728975d620 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
# TODO convert to a regular type, so we can later change password
# without erasing the current user
define postgresql::user($password) {
$sql = "CREATE ROLE ${name} ENCRYPTED PASSWORD '\${pass}' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
exec { "psql -U postgres -c \"${sql}\" ":
user => 'root',
# do not leak the password on commandline
environment => "pass=${password}",
unless => "psql -A -t -U postgres -c '\\du ${name}' | grep '${name}'",
require => Service['postgresql'],
}
}
|
