## confdroid_postgresql::main::files.pp # Module name: confdroid_postgresql # Author: 12ww1160 (12ww1160@confdroid.com) # @summary Class manages logic for the confdroid_postgresql module. ############################################################################## class confdroid_postgresql::main::files ( ) inherits confdroid_postgresql::params { if $fqdn == $pl_server_fqdn { require confdroid_postgresql::server::initdb require confdroid_postgresql::main::dirs file { '/var/lib/pgsql/data/postgresql.conf': ensure => file, owner => 'postgres', group => 'postgres', mode => '0600', selrange => s0, selrole => object_r, seltype => postgresql_db_t, seluser => unconfined_u, content => template('confdroid_postgresql/postgresql.conf.erb'), notify => Service[$pl_service], } if $pl_ssl_enabled == true { # manage tls certs ## ca.crt file { $pl_ca_crt_file: ensure => file, owner => 'postgres', group => 'postgres', mode => '0400', selrange => s0, selrole => object_r, seltype => postgresql_db_t, seluser => unconfined_u, content => template($pl_ca_crt_erb), notify => Service[$pl_service], } ## server.crt file { $pl_server_crt_file: ensure => file, owner => 'postgres', group => 'postgres', mode => '0400', selrange => s0, selrole => object_r, seltype => postgresql_db_t, seluser => unconfined_u, content => template($pl_server_crt_erb), notify => Service[$pl_service], } ## server.key file { $pl_server_key_file: ensure => file, owner => 'postgres', group => 'postgres', mode => '0400', selrange => s0, selrole => object_r, seltype => postgresql_db_t, seluser => unconfined_u, content => template($pl_server_key_erb), notify => Service[$pl_service], } } } }