56 lines
1.8 KiB
Puppet
56 lines
1.8 KiB
Puppet
## confdroid_postgresql::server::pg_hba.pp
|
|
# Module name: confdroid_postgresql
|
|
# Author: 12ww1160 (arne_teuke@puppetsoft.com)
|
|
# @summary Class manages pg_hba.conf file and line entries through define
|
|
# pg_hba_rule.pp
|
|
# @example confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for role postgres':
|
|
# pl_auth_type => 'local',
|
|
# pl_auth_database => 'all',
|
|
# pl_auth_user => 'postgres',
|
|
# pl_auth_method => 'trust',
|
|
# pl_auth_order => '001',
|
|
# pl_auth_option => '',
|
|
# }
|
|
##############################################################################
|
|
class confdroid_postgresql::server::pghba::pg_hba (
|
|
|
|
) inherits confdroid_postgresql::params {
|
|
if $fqdn == $pl_server_fqdn {
|
|
# create the pg_hba.conf file
|
|
|
|
concat { $pl_pg_hba_conf:
|
|
ensure => present,
|
|
owner => 'postgres',
|
|
mode => '0600',
|
|
notify => Service[$pl_service],
|
|
}
|
|
|
|
# manage file header
|
|
|
|
concat::fragment { 'pghba_header':
|
|
target => $pl_pg_hba_conf,
|
|
content => template($pl_pg_hba_conf_erb),
|
|
order => '000',
|
|
}
|
|
|
|
# manage default rules => should go into external config set
|
|
# confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for role postgres':
|
|
# pl_auth_type => 'local',
|
|
# pl_auth_database => 'all',
|
|
# pl_auth_user => $ql_user_name,
|
|
# pl_auth_method => 'trust',
|
|
# pl_auth_order => '001',
|
|
# pl_auth_option => $ql_auth_option,
|
|
# }
|
|
|
|
# confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for all roles':
|
|
# pl_auth_type => 'local',
|
|
# pl_auth_database => 'all',
|
|
# pl_auth_user => 'all',
|
|
# pl_auth_method => 'trust',
|
|
# pl_auth_order => '002',
|
|
# pl_auth_option => $pl_auth_option,
|
|
# }
|
|
}
|
|
}
|