confdroid_postgresql/manifests/params.pp

## confdroid_postgresql::params.pp
# Module name: confdroid_postgresql
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary Class contains all parameters for the confdroid_postgresql module.
# @param [String] pl_server_fqdn the fqdn of the postgresql server. Any other
#   system will be configured as client
# @param [Array] reqpackages_server the packages for the server
# @param [String] reqpackages_extensions the packages for extensions
# @param [String] reqpackages_client the packages for the client
# @param [String] reqpackages_bouncer the packages for the bouncer
# @param [String] pkg_ensure which version of the packages to install, i.e.
#   'latest', 'present' '13.20',
# @param [String] pl_fw_rule_order the prefix for the firewall rule
# @param [String] pl_fw_port the port to use for service and firewall
# @param [String] pl_source_range the source range for allowed clients
# @param [Boolean] pl_enable_fw whether to enable the firewall
# @param [String] pl_listen_address which address should the service listen on
# @param [String] pl_listen_port which port should the service listen on
# @param [String] pl_max_conn maximum connections the service will accept
# @param [Boolean] pl_ssl_enabled whether SSL is enabled (true) or disabled (false)
# @param [String] pl_server_crt the name of the server cert
# @param [String] pl_server_key the name of the server key
# @param [String] pl_ca_crt the name of the CA  crt
# @param [Boolean] pl_manage_content whether to manage roles and databases
# @param [Boolean] pl_manage_extensions whether to manage extensions
# @param [Boolean] pl_use_exporter whether to use the postgresql-exporter
# @param [String] pl_install_dir  the path for the postgres-exporter files
# @param [String] pl_idle_timeout  idle_in_transaction_session_timeout
# @param [Boolean] pl_use_pg_bouncer whether to use the pc_bouncer
# @param [String] pl_bouncer_listen_addr bouncer listen address
# @param [String] pl_bouncer_port bouncer listen port
# @param [String] pl_bouncer_auth_mode bouncer auth mode
# @param [String] pl_bouncer_auth_users placeholder for users
# @param [String] pl_bouncer_pool_mode bouncer pool mode
# @param [String] pl_bouncer_mx_cl_conn bouncer max client connections
# @param [String] pl_bouncer_pool_size bouncer default pool size
##############################################################################
class confdroid_postgresql::params (

  String $pl_server_fqdn    = undef,

  # installation
  Array $reqpackages_server       = ['postgresql-server','postgresql-contrib'],
  String $reqpackages_extensions  = 'timescaledb',
  String $reqpackages_client      = 'postgresql',
  String $reqpackages_bouncer     = 'pgbouncer',
  String $pkg_ensure              = 'latest',

  # firewall
  String $pl_fw_rule_order        = '50',
  String $pl_fw_port              = '5432',
  String $pl_source_range         = '0.0.0.0/0',
  Boolean $pl_enable_fw           = true,

  # main config
  String $pl_listen_address       = '*',
  String $pl_listen_port          = '5432',
  String $pl_max_conn             = '100',
  String $pl_idle_timeout         = '60000',
  Boolean $pl_ssl_enabled         = false,
  String $pl_server_crt           = 'server.crt',
  String $pl_server_key           = 'server.key',
  String $pl_ca_crt               = 'root.crt',
  Boolean $pl_manage_content      = true,
  Boolean $pl_manage_extensions   = false,

  # postgresql exporter
  Boolean $pl_use_exporter        = false,
  String $pl_install_dir          = '/opt/postgres-exporter',

  # pg bouncer
  Boolean $pl_use_pg_bouncer      = false,
  String $pl_bouncer_listen_addr  = '0.0.0.0',
  String $pl_bouncer_port         = '6432',
  String $pl_bouncer_auth_mode    = 'md5',
  String $pl_bouncer_auth_users   = '"pgbouncer" "fake"',
  String $pl_bouncer_pool_mode    = 'transaction',
  String $pl_bouncer_mx_cl_conn   = '100',
  String $pl_bouncer_pool_size    = '20',

) {
  $fqdn                     = $facts['networking']['fqdn']
  $domain                   = $facts['networking']['domain']
  $os_name                  = $facts['os']['name']
  $os_release               = $facts['os']['release']['major']

  # Directories
  $pl_data_dir              = '/var/lib/pgsql/data/'
  $pl_bouncer_dir           = '/etc/pgbouncer'

  # files
  $pl_pg_hba_conf           = "${pl_data_dir}/pg_hba.conf"
  $pl_pg_hba_rule_conf      = 'confdroid_postgresql/server/pghba/pg_hba_rule.conf.erb'
  $pl_pg_hba_conf_erb       = 'confdroid_postgresql/server/pghba/pg_hba.conf.erb'
  $pl_bouncer_ini_file      = "${pl_bouncer_dir}/pgbouncer.ini"
  $pl_bouncer_ini_erb       = 'confdroid_postgresql/server/bouncer/pgbouncer.ini.erb'
  $pl_bouncer_auth_file     = "${pl_bouncer_dir}/userlist.txt"
  $pl_bouncer_auth_erb      = 'confdroid_postgresql/server/bouncer/bouncer_users.erb'
  $pl_bouncer_rule_erb      = 'confdroid_postgresql/server/bouncer/bouncer_rule.erb'
  $pl_ca_crt_file           = "${pl_data_dir}/ca.crt"
  $pl_ca_crt_erb            = 'confdroid_postgresql/server/ca.crt.erb'
  $pl_server_crt_file       = "${pl_data_dir}/server.crt"
  $pl_server_crt_erb        = 'confdroid_postgresql/server/server.crt.erb'
  $pl_server_key_file       = "${pl_data_dir}/server.key"
  $pl_server_key_erb        = 'confdroid_postgresql/server/server.key.erb'

  # Service
  $pl_service               = 'postgresql'
  $pl_exporter_service      = 'postgres_exporter'
  $pl_bouncer_service       = 'pgbouncer'

  # includes must be last
  include confdroid_postgresql::main::config
}