## postgresql_cd::server::pg_hba.pp
# Module name: postgresql_cd
# Author: Arne Teuke (arne_teuke@puppetsoft.com)
# @summary Class manages pg_hba.conf file and line entries through define
#   pg_hba_rule.pp
# @example     postgresql_cd::server::pghba::pg_hba_rule { 'local access for role postgres':
#      pl_auth_type        => 'local',
#      pl_auth_database    => 'all',
#      pl_auth_user        => 'postgres',
#      pl_auth_method      => 'trust',
#      pl_auth_order       => '001',
#      pl_auth_option      => '',
#    }
##############################################################################
class postgresql_cd::server::pghba::pg_hba (

) inherits postgresql_cd::params {
  if $fqdn == $pl_server_fqdn {
    # create the pg_hba.conf file

    concat { $pl_pg_hba_conf:
      ensure => present,
      owner  => 'postgres',
      mode   => '0600',
      notify => Service[$pl_service],
    }

    # manage file header

    concat::fragment { 'header':
      target  => $pl_pg_hba_conf,
      content => template($pl_pg_hba_conf_erb),
      order   => '000',
    }

    # manage default rules => should go into  external config set
#    postgresql_cd::server::pghba::pg_hba_rule { 'local access for role postgres':
#      pl_auth_type        => 'local',
#      pl_auth_database    => 'all',
#      pl_auth_user        => $ql_user_name,
#      pl_auth_method      => 'trust',
#      pl_auth_order       => '001',
#      pl_auth_option      => $ql_auth_option,
#    }

#    postgresql_cd::server::pghba::pg_hba_rule { 'local access for all roles':
#      pl_auth_type        => 'local',
#      pl_auth_database    => 'all',
#      pl_auth_user        => 'all',
#      pl_auth_method      => 'trust',
#      pl_auth_order       => '002',
#      pl_auth_option      => $pl_auth_option,
#    }
  }
}