add bouncer

2025-12-05 13:06:10 +01:00
parent 9df1304812
commit c4fcffcb40
20 changed files with 119 additions and 16 deletions
--- a/manifests/bouncer/bouncer.pp
+++ b/manifests/bouncer/bouncer.pp
@@ -0,0 +1,26 @@
+## confdroid_postgresql::bouncer::bouncer.pp
+# Module name: confdroid_postgresql
+# Author: Arne Teuke (12ww1160@confdroid.com)
+# @summary Class manages the pgbouncer service
+###############################################################################
+class confdroid_postgresql::bouncer::bouncer (
+
+) inherits confdroid_postgresql::params {
+  if ($fqdn == $pl_server_fqdn) and ($pl_use_pg_bouncer == true) {
+    # create the pgbouncer.ini file
+
+    concat { $pl_bouncer_ini_file:
+      ensure => present,
+      owner  => 'postgres',
+      mode   => '0600',
+      notify => Service[$pl_service],
+    }
+
+    # manage file header
+    concat::fragment { 'header':
+      target  => $pl_bouncer_ini_file,
+      content => template($pl_bouncer_ini_erb),
+      order   => '000',
+    }
+  }
+}
--- a/manifests/bouncer/bouncer_rule.pp
+++ b/manifests/bouncer/bouncer_rule.pp
@@ -0,0 +1,26 @@
+# confdroid_postgresql::bouncer::rule.pp
+# Module name: confdroid_postgresql
+# Author: Arne Teuke (12ww1160@confdroid.com)
+# @summary define manages rule entries for bouncer rules
+# @see https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html
+# @param [String] pl_bouncer_db_name db name for the bouncer rule
+# @param [String] pl_bouncer_host IP of the db host to bounce to
+# @param [String] pl_bouncer_port port of the db host to bounce to
+##############################################################################
+define confdroid_postgresql::bouncer::rule (
+
+  String $pl_bouncer_db_name  = undef,
+  String $pl_bouncer_host     = '127.0.0.1',
+  String $pl_bouncer_port     = '5432',
+  String $pl_bounce_order     = undef,
+
+) {
+  $pl_bouncer_ini_file    = $confdroid_postgresql::params::pl_bouncer_ini_file
+  $pl_bouncer_ini_erb     = $confdroid_postgresql::params::pl_bouncer_ini_erb
+
+  concat::fragment { "pl_bouncer_rule_${name}":
+    target  => $pl_bouncer_ini_file,
+    content => template($pl_bouncer_ini_erb),
+    order   => $pl_bounce_order,
+  }
+}
--- a/manifests/bouncer/service.pp
+++ b/manifests/bouncer/service.pp
@@ -0,0 +1,18 @@
+## confdroid_postgresql::bouncer::service.pp
+# Module name: confdroid_postgresql
+# Author: Arne Teuke (12ww1160@confdroid.com)
+# @summary Class manages the pgbouncer service
+###############################################################################
+class confdroid_postgresql::bouncer::service (
+
+) inherits confdroid_postgresql::params {
+  if ($fqdn == $pl_server_fqdn) and ($pl_use_pg_bouncer == true) {
+    require confdroid_postgresql::bouncer::bouncer
+    service { $pl_bouncer_service:
+      ensure     => running,
+      hasstatus  => true,
+      hasrestart => true,
+      enable     => true,
+    }
+  }
+}
--- a/manifests/exporter/dirs.pp
+++ b/manifests/exporter/dirs.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::exporter::dirs.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages the postgresql exporter dirs
 ###############################################################################
 class confdroid_postgresql::exporter::dirs (
--- a/manifests/exporter/files.pp
+++ b/manifests/exporter/files.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::exporter::files.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages the postgresql  exporter files
 ###############################################################################
 class confdroid_postgresql::exporter::files (
--- a/manifests/exporter/service.pp
+++ b/manifests/exporter/service.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::exporter::service.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages the postgresql exporter service
 ###############################################################################
 class confdroid_postgresql::exporter::service (
--- a/manifests/firewall/iptables.pp
+++ b/manifests/firewall/iptables.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::firewall::iptables.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages the alloy iptables
 ###############################################################################
 class confdroid_postgresql::firewall::iptables (
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::init.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class initializes the confdroid_postgresql module.
 ##############################################################################
 class confdroid_postgresql {
--- a/manifests/main/config.pp
+++ b/manifests/main/config.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::main::config.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages logic for the confdroid_postgresql module.
 ##############################################################################
 class confdroid_postgresql::main::config (
@@ -12,6 +12,9 @@ class confdroid_postgresql::main::config (
    include confdroid_postgresql::server::service
 #    if $pl_use_exporter == true {
 #      include confdroid_postgresql::exporter::service
+#    }
+#    if $pl_use_pg_bouncer == true {
+#      include confdroid_postgresql::bouncer::service
 #    }
  }
 }
--- a/manifests/main/dirs.pp
+++ b/manifests/main/dirs.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::main::dirs.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages logic for the confdroid_postgresql module.
 ##############################################################################
 class confdroid_postgresql::main::dirs (
--- a/manifests/main/files.pp
+++ b/manifests/main/files.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::main::files.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages logic for the confdroid_postgresql module.
 ##############################################################################
 class confdroid_postgresql::main::files (
--- a/manifests/main/install.pp
+++ b/manifests/main/install.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::main::install.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages logic for the confdroid_postgresql module.
 ##############################################################################
 class confdroid_postgresql::main::install (
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -1,12 +1,13 @@
 ## confdroid_postgresql::params.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class contains all parameters for the confdroid_postgresql module.
 # @param [String] pl_server_fqdn the fqdn of the postgresql server. Any other
 #   system will be configured as client
 # @param [Array] reqpackages_server the packages for the server
 # @param [String] reqpackages_extensions the packages for extensions
 # @param [String] reqpackages_client the packages for the client
+# @param [String] reqpackages_bouncer the packages for the bouncer
 # @param [String] pkg_ensure which version of the packages to install, i.e.
 #   'latest', 'present' '13.20',
 # @param [String] pl_fw_rule_order the prefix for the firewall rule
@@ -26,6 +27,13 @@
 # @param [String] pl_install_dir  the path for the postgres-exporter files
 # @param [String] pl_idle_timeout  idle_in_transaction_session_timeout
 # @param [Boolean] pl_use_pg_bouncer whether to use the pc_bouncer
+# @param [String] pl_bouncer_listen_addr bouncer listen address
+# @param [String] pl_bouncer_port bouncer listen port
+# @param [String] pl_bouncer_auth_file bouncer auth file
+# @param [String] pl_bouncer_auth_mode bouncer auth mode
+# @param [String] pl_bouncer_pool_mode bouncer pool mode
+# @param [String] pl_bouncer_mx_cl_conn bouncer max client connections
+# @param [String] pl_bouncer_pool_size bouncer default pool size
 ##############################################################################
 class confdroid_postgresql::params (

@@ -62,6 +70,13 @@ class confdroid_postgresql::params (

  # pg bouncer
  Boolean $pl_use_pg_bouncer      = false,
+  String $pl_bouncer_listen_addr  = '0.0.0.0',
+  String $pl_bouncer_port         = '6432',
+  String $pl_bouncer_auth_file    = '/etc/pgbouncer/userlist.txt',
+  String $pl_bouncer_auth_mode    = 'md5',
+  String $pl_bouncer_pool_mode    = 'transaction',
+  String $pl_bouncer_mx_cl_conn   = '100',
+  String $pl_bouncer_pool_size    = '20',

 ) {
  $fqdn                     = $facts['networking']['fqdn']
@@ -76,10 +91,13 @@ class confdroid_postgresql::params (
  $pl_pg_hba_conf           = "${pl_data_dir}/pg_hba.conf"
  $pl_pg_hba_rule_conf      = 'confdroid_postgresql/server/pghba/pg_hba_rule.conf.erb'
  $pl_pg_hba_conf_erb       = 'confdroid_postgresql/server/pghba/pg_hba.conf.erb'
+  $pl_bouncer_ini_file     = '/etc/pgbouncer/pgbouncer.ini',
+  $pl_bouncer_ini_erb       = 'confdroid_postgresql/server/bouncer/pgbouncer.ini.erb'

  # Service
  $pl_service               = 'postgresql'
  $pl_exporter_service      = 'postgres_exporter'
+  $pl_bouncer_service       = 'pgbouncer'

  # includes must be last
  include confdroid_postgresql::main::config
--- a/manifests/server/databases/db_df.pp
+++ b/manifests/server/databases/db_df.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::server::databases::db_df
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com.com)
+# Author: Arne Teuke (12ww1160@confdroid.com.com)
 # @summary define manages databases
 # @see https://www.postgresql.org/docs/9.6/static/managing-databases.html
 # @param [String] pl_db_name the name of the database to be created.
--- a/manifests/server/initdb.pp
+++ b/manifests/server/initdb.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::server::initdb.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class initiates the database
 ###############################################################################
 class confdroid_postgresql::server::initdb (
--- a/manifests/server/pghba/pg_hba_rule.pp
+++ b/manifests/server/pghba/pg_hba_rule.pp
@@ -1,13 +1,13 @@
 ## confdroid_postgresql::server::pghba::pg_hba_rule
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary define manages rule entries for pg_hba configuration file
 # @see https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html
 # @param [string] pl_auth_type  Specify the authentication type, can be
 #   'local', 'host', 'hostssl' or 'hostnossl'.
 # @param [string] pl_auth_database Specify the database for the connection
 # @param [string] pl_auth_user Specify the user for the connection
-# @param [string] pl_auth_address SPecify IP address or FQDN for the
+# @param [string] pl_auth_address Specify IP address or FQDN for the
 #   connection, i.e. where to connect FROM.
 # @param [string] pl_auth_method  Specify the auth method, can be 'trust',
 #   'reject', 'md5' , 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap',
--- a/manifests/server/roles/role_df.pp
+++ b/manifests/server/roles/role_df.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::server::roles::role_df
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)

 # @summary define manages databases
 # @see https://www.postgresql.org/docs/9.6/static/managing-databases.html
--- a/manifests/server/service.pp
+++ b/manifests/server/service.pp
@@ -1,6 +1,6 @@
 ## confdroid_postgresql::server::service.pp
 # Module name: confdroid_postgresql
-# Author: Arne Teuke (arne_teuke@confdroid.com)
+# Author: Arne Teuke (12ww1160@confdroid.com)
 # @summary Class manages the postgresql service
 ###############################################################################
 class confdroid_postgresql::server::service (
--- a/templates/server/bouncer/bouncer_rule.erb
+++ b/templates/server/bouncer/bouncer_rule.erb
@@ -0,0 +1 @@
+<%= @bouncer_db_name %> = host=<%= @bouncer_host %> port=<%= @db_host_port %> dbname=<%= @bouncer_db_name %>
--- a/templates/server/bouncer/pgbouncer.ini.erb
+++ b/templates/server/bouncer/pgbouncer.ini.erb
@@ -0,0 +1,11 @@
+[pgbouncer]
+listen_addr = <%= @pl_bouncer_listen_addr %>
+listen_port = <%= @pl_bouncer_port %>
+auth_type = <%= @pl_bouncer_auth_mode %>
+auth_file = <%= @pl_bouncer_auth_file %>
+pool_mode = <%= @pl_bouncer_pool_mode %>
+max_client_conn = <%= @pl_bouncer_mx_cl_conn %>
+default_pool_size = <%= @pl_bouncer_pool_size %>
+ignore_startup_parameters = extra_float_digits
+
+[databases]
				`@@ -0,0 +1 @@`
				`<%= @bouncer_db_name %> = host=<%= @bouncer_host %> port=<%= @db_host_port %> dbname=<%= @bouncer_db_name %>`