# Per-cluster PostgreSQL configuration: a reload handler, a firewall rule for
# the cluster port, collection of exported access entries and, optionally, a
# pg_hba.conf assembled from fragments.
#
# @param pg_version pg version of the cluster; interpolated verbatim into the
#   systemd unit name, the default confdir and the resource titles/tags below
# @param pg_cluster cluster name; interpolated in the same places as pg_version
# @param pg_port port of the postgres cluster; used for the firewall rule
# @param manage_hba when true, pg_hba.conf under confdir is built with concat
#   and every change to it triggers a reload of the cluster
# @param confdir directory where the configuration resides
#
# NOTE(review): pg_version and pg_cluster are plain String and are not
# restricted to a character set before they reach the exec command and the
# file path. Confirm callers only pass fixed, trusted values.
define postgres::cluster(
  String  $pg_version,
  String  $pg_cluster = 'main',
  Integer $pg_port    = 5432,
  Boolean $manage_hba = false,
  String  $confdir    = "/etc/postgresql/${pg_version}/${pg_cluster}",
) {
  $reload  = "postgresql ${pg_version}/${pg_cluster} reload"
  $unit    = "postgresql@${pg_version}-${pg_cluster}.service"
  $hba_tag = "postgres::cluster::${pg_version}::${pg_cluster}::hba"

  # Reload handler: does nothing on a normal run and fires only when another
  # resource notifies it (refreshonly).
  # NOTE(review): the command is not fully qualified and no `path` is set on
  # this resource, so it depends on an Exec default declared elsewhere.
  # Confirm that default contains only system directories.
  exec { $reload:
    command     => "systemctl reload ${unit}",
    refreshonly => true,
  }

  # Firewall rule for the cluster port.
  # NOTE(review): `target` is presumably a per-port ferm chain that the
  # collected hba entries populate. Verify against ferm::rule::simple.
  ferm::rule::simple { "postgres::cluster::hba_entry::${pg_version}::${pg_cluster}":
    description => "check access to pg${pg_version}/${pg_cluster}",
    port        => $pg_port,
    target      => "pg-${pg_port}",
  }

  # hba entries and firewall rules
  #
  # This collects *exported* resources, i.e. ones declared in other nodes'
  # catalogs and stored in PuppetDB. The tag (cluster identity plus this
  # host's fqdn) is the only selector applied here, and collection happens
  # whether or not manage_hba is set.
  # NOTE(review): which nodes may export an entry carrying this tag is decided
  # outside this define. Treat that as the access-control boundary for the
  # cluster.
  Postgres::Cluster::Hba_entry <<| tag == "${hba_tag}::${::fqdn}" |>>

  if $manage_hba {
    # pg_hba.conf is read-only for its owner and for group postgres (0440).
    # Any content change reloads the cluster so the new rules take effect.
    # NOTE(review): `owner` is not set here. Confirm the resulting owner is
    # the intended one.
    concat { $hba_tag:
      path           => "${confdir}/pg_hba.conf",
      mode           => '0440',
      group          => 'postgres',
      ensure_newline => true,
      notify         => Exec[$reload],
    }

    # Static header, ordered first in the assembled file.
    concat::fragment { "postgres::cluster::pg_hba-head::${pg_version}::${pg_cluster}":
      target  => $hba_tag,
      order   => '00',
      content => template('postgres/cluster/pg_hba.conf-head.erb'),
    }

    # Realize the virtual fragments tagged for this cluster's pg_hba.conf.
    Concat::Fragment <| tag == $hba_tag |>
  }
}