add pg_hba rules

manifests/server/pghba/pg_hba.pp

@@ -0,0 +1,55 @@
+## postgresql_cd::server::pg_hba.pp
+# Module name: postgresql_cd
+# Author: Arne Teuke (arne_teuke@puppetsoft.com)
+# @summary Class manages pg_hba.conf file and line entries through define
+#   pg_hba_rule.pp
+# @example     postgresql_cd::server::pghba::pg_hba_rule { 'local access for role postgres':
+#      psql_auth_type        => 'local',
+#      psql_auth_database    => 'all',
+#      psql_auth_user        => 'postgres',
+#      psql_auth_method      => 'trust',
+#      psql_auth_order       => '001',
+#      psql_auth_option      => '',
+#    }
+##############################################################################
+class postgresql_cd::server::pghba::pg_hba (
+
+) inherits postgresql_cd::params {
+  if $fqdn == $pl_server_fqdn {
+    # create the pg_hba.conf file
+
+    concat { $pl_pg_hba_conf:
+      ensure => present,
+      owner  => 'postgres',
+      mode   => '0640',
+      notify => Service[$pl_service],
+    }
+
+    # manage file header
+
+    concat::fragment { 'header':
+      target  => $pl_pg_hba_conf,
+      content => template($pl_pg_hba_conf_erb),
+      order   => '000',
+    }
+
+    # manage default rules => should go into  external config set
+#    postgresql_cd::server::pghba::pg_hba_rule { 'local access for role postgres':
+#      psql_auth_type        => 'local',
+#      psql_auth_database    => 'all',
+#      psql_auth_user        => $ql_user_name,
+#      psql_auth_method      => 'trust',
+#      psql_auth_order       => '001',
+#      psql_auth_option      => $ql_auth_option,
+#    }
+
+#    postgresql_cd::server::pghba::pg_hba_rule { 'local access for all roles':
+#      psql_auth_type        => 'local',
+#      psql_auth_database    => 'all',
+#      psql_auth_user        => 'all',
+#      psql_auth_method      => 'trust',
+#      psql_auth_order       => '002',
+#      psql_auth_option      => $pl_auth_option,
+#    }
+  }
+}