+# postgresql
+
+#### Table of Contents
+
+1. [Module Description - What does the module do?](#module-description)
+2. [Setup - The basics of getting started with postgresql module](#setup)
+ * [What postgresql affects](#what-postgresql-affects)
+ * [Getting started with postgresql](#getting-started-with-postgresql)
+3. [Usage - Configuration options and additional functionality](#usage)
+ * [Configure a server](#configure-a-server)
+ * [Create a database](#create-a-database)
+ * [Manage users, roles, and permissions](#manage-users-roles-and-permissions)
+ * [Manage ownership of DB objects](#manage-ownership-of-db-objects)
+ * [Override defaults](#override-defaults)
+ * [Create an access rule for pg_hba.conf](#create-an-access-rule-for-pg_hbaconf)
+ * [Create user name maps for pg_ident.conf](#create-user-name-maps-for-pg_identconf)
+ * [Validate connectivity](#validate-connectivity)
+4. [Reference - An under-the-hood peek at what the module is doing and how](#reference)
+ * [Classes](#classes)
+ * [Defined Types](#defined-types)
+ * [Types](#types)
+ * [Functions](#functions)
+5. [Limitations - OS compatibility, etc.](#limitations)
+6. [Development - Guide for contributing to the module](#development)
+ * [Contributors - List of module contributors](#contributors)
+7. [Tests](#tests)
+8. [Contributors - List of module contributors](#contributors)
+
+## Module description
+
+The postgresql module allows you to manage PostgreSQL databases with Puppet.
+
+PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL.
+
+## Setup
+
+### What postgresql affects
+
+* Package, service, and configuration files for PostgreSQL
+* Listened-to ports
+* IP and mask (optional)
+
+### Getting started with postgresql
+
+To configure a basic default PostgreSQL server, declare the `postgresql::server` class.
+
+```puppet
+class { 'postgresql::server':
+}
+```
+
+## Usage
+
+### Configure a server
+
+For default settings, declare the `postgresql::server` class as above. To customize PostgreSQL server settings, specify the [parameters](#postgresqlserver) you want to change:
+
+```puppet
+class { 'postgresql::server':
+ ip_mask_deny_postgres_user => '0.0.0.0/32',
+ ip_mask_allow_all_users => '0.0.0.0/0',
+ ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'],
+ postgres_password => 'TPSrep0rt!',
+}
+```
+
+After configuration, test your settings from the command line:
+
+```shell
+psql -h localhost -U postgres
+psql -h my.postgres.server -U
+```
+
+If you get an error message from these commands, your permission settings restrict access from the location you're trying to connect from. Depending on whether you want to allow connections from that location, you might need to adjust your permissions.
+
+For more details about server configuration parameters, consult the [PostgreSQL Runtime Configuration documentation](http://www.postgresql.org/docs/current/static/runtime-config.html).
+
+### Create a database
+
+You can set up a variety of PostgreSQL databases with the `postgresql::server::db` defined type. For instance, to set up a database for PuppetDB:
+
+```puppet
+class { 'postgresql::server':
+}
+
+postgresql::server::db { 'mydatabasename':
+ user => 'mydatabaseuser',
+ password => postgresql_password('mydatabaseuser', 'mypassword'),
+}
+```
+
+### Manage users, roles, and permissions
+
+To manage users, roles, and permissions:
+
+```puppet
+class { 'postgresql::server':
+}
+
+postgresql::server::role { 'marmot':
+ password_hash => postgresql_password('marmot', 'mypasswd'),
+}
+
+postgresql::server::database_grant { 'test1':
+ privilege => 'ALL',
+ db => 'test1',
+ role => 'marmot',
+}
+
+postgresql::server::table_grant { 'my_table of test2':
+ privilege => 'ALL',
+ table => 'my_table',
+ db => 'test2',
+ role => 'marmot',
+}
+```
+
+This example grants **all** privileges on the test1 database and on the `my_table` table of the test2 database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use.
+
+### Manage ownership of DB objects
+
+To change the ownership of all objects within a database using REASSIGN OWNED:
+
+```puppet
+postgresql::server::reassign_owned_by { 'new owner is meerkat':
+ db => 'test_db',
+ old_owner => 'marmot',
+ new_owner => 'meerkat',
+}
+```
+
+This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership of all tables, sequences, functions and views currently owned by the role 'marmot' to be owned by the role 'meerkat' instead.
+
+This applies to objects within the nominated database, 'test_db' only.
+
+For Postgresql >= 9.3, the ownership of the database is also updated.
+
+### Override defaults
+
+The `postgresql::globals` class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing.
+
+For example, to overwrite the default `locale` and `encoding` for all classes, use the following:
+
+```puppet
+class { 'postgresql::globals':
+ encoding => 'UTF-8',
+ locale => 'en_US.UTF-8',
+}
+
+class { 'postgresql::server':
+}
+```
+
+To use a specific version of the PostgreSQL package:
+
+```puppet
+class { 'postgresql::globals':
+ manage_package_repo => true,
+ version => '9.2',
+}
+
+class { 'postgresql::server':
+}
+```
+
+### Manage remote users, roles, and permissions
+
+Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a [`connect_settings`](#connect_settings) hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands.
+
+The `connect_settings` hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', and 'PGSSLKEY'. See the [PostgreSQL Environment Variables](http://www.postgresql.org/docs/9.4/static/libpq-envars.html) documentation for a complete list of variables.
+
+Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the `connect_settings` hash is omitted or empty, then Puppet connects to the local PostgreSQL instance.
+
+You can provide a `connect_settings` hash for each of the Puppet resources, or you can set a default `connect_settings` hash in `postgresql::globals`. Configuring `connect_settings` per resource allows SQL objects to be created on multiple databases by multiple users.
+
+```puppet
+$connection_settings_super2 = {
+ 'PGUSER' => 'super2',
+ 'PGPASSWORD' => 'foobar2',
+ 'PGHOST' => '127.0.0.1',
+ 'PGPORT' => '5432',
+ 'PGDATABASE' => 'postgres',
+}
+
+include postgresql::server
+
+# Connect with no special settings, i.e domain sockets, user postgres
+postgresql::server::role { 'super2':
+ password_hash => 'foobar2',
+ superuser => true,
+
+ connect_settings => {},
+}
+
+# Now using this new user connect via TCP
+postgresql::server::database { 'db1':
+ connect_settings => $connection_settings_super2,
+ require => Postgresql::Server::Role['super2'],
+}
+```
+
+### Create an access rule for pg_hba.conf
+
+To create an access rule for `pg_hba.conf`:
+
+```puppet
+postgresql::server::pg_hba_rule { 'allow application network to access app database':
+ description => 'Open up PostgreSQL for access from 200.1.2.0/24',
+ type => 'host',
+ database => 'app',
+ user => 'app',
+ address => '200.1.2.0/24',
+ auth_method => 'md5',
+}
+```
+
+This would create a ruleset in `pg_hba.conf` similar to:
+
+```
+# Rule Name: allow application network to access app database
+# Description: Open up PostgreSQL for access from 200.1.2.0/24
+# Order: 150
+host app app 200.1.2.0/24 md5
+```
+
+By default, `pg_hba_rule` requires that you include `postgresql::server`. However, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following:
+
+```puppet
+postgresql::server::pg_hba_rule { 'allow application network to access app database':
+ description => 'Open up postgresql for access from 200.1.2.0/24',
+ type => 'host',
+ database => 'app',
+ user => 'app',
+ address => '200.1.2.0/24',
+ auth_method => 'md5',
+ target => '/path/to/pg_hba.conf',
+ postgresql_version => '9.4',
+}
+```
+
+### Create user name maps for pg_ident.conf
+
+To create a user name map for the pg_ident.conf:
+
+```puppet
+postgresql::server::pg_ident_rule { 'Map the SSL certificate of the backup server as a replication user':
+ map_name => 'sslrepli',
+ system_username => 'repli1.example.com',
+ database_username => 'replication',
+}
+```
+
+This would create a user name map in `pg_ident.conf` similar to:
+
+```
+#Rule Name: Map the SSL certificate of the backup server as a replication user
+#Description: none
+#Order: 150
+sslrepli repli1.example.com replication
+```
+
+### Create recovery configuration
+
+To create the recovery configuration file (`recovery.conf`):
+
+```puppet
+postgresql::server::recovery { 'Create a recovery.conf file with the following defined parameters':
+ restore_command => 'cp /mnt/server/archivedir/%f %p',
+ archive_cleanup_command => undef,
+ recovery_end_command => undef,
+ recovery_target_name => 'daily backup 2015-01-26',
+ recovery_target_time => '2015-02-08 22:39:00 EST',
+ recovery_target_xid => undef,
+ recovery_target_inclusive => true,
+ recovery_target => 'immediate',
+ recovery_target_timeline => 'latest',
+ pause_at_recovery_target => true,
+ standby_mode => 'on',
+ primary_conninfo => 'host=localhost port=5432',
+ primary_slot_name => undef,
+ trigger_file => undef,
+ recovery_min_apply_delay => 0,
+}
+```
+
+The above creates this `recovery.conf` config file:
+
+```
+restore_command = 'cp /mnt/server/archivedir/%f %p'
+recovery_target_name = 'daily backup 2015-01-26'
+recovery_target_time = '2015-02-08 22:39:00 EST'
+recovery_target_inclusive = true
+recovery_target = 'immediate'
+recovery_target_timeline = 'latest'
+pause_at_recovery_target = true
+standby_mode = 'on'
+primary_conninfo = 'host=localhost port=5432'
+recovery_min_apply_delay = 0
+```
+
+Only the specified parameters are recognized in the template. The `recovery.conf` is only be created if at least one parameter is set **and** [manage_recovery_conf](#manage_recovery_conf) is set to true.
+
+### Validate connectivity
+
+To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the `postgresql_conn_validator` resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration.
+
+Example usage:
+
+```puppet
+postgresql_conn_validator { 'validate my postgres connection':
+ host => 'my.postgres.host',
+ db_username => 'mydbuser',
+ db_password => 'mydbpassword',
+ db_name => 'mydbname',
+}->
+exec { 'rake db:migrate':
+ cwd => '/opt/myrubyapp',
+}
+```
+
+## Reference
+
+The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the settings below, they provide a decent amount of control over your security settings.
+
+**Classes:**
+
+* [postgresql::client](#postgresqlclient)
+* [postgresql::globals](#postgresqlglobals)
+* [postgresql::lib::devel](#postgresqllibdevel)
+* [postgresql::lib::java](#postgresqllibjava)
+* [postgresql::lib::perl](#postgresqllibperl)
+* [postgresql::lib::python](#postgresqllibpython)
+* [postgresql::server](#postgresqlserver)
+* [postgresql::server::plperl](#postgresqlserverplperl)
+* [postgresql::server::contrib](#postgresqlservercontrib)
+* [postgresql::server::postgis](#postgresqlserverpostgis)
+
+**Defined Types:**
+
+* [postgresql::server::config_entry](#postgresqlserverconfig_entry)
+* [postgresql::server::database](#postgresqlserverdatabase)
+* [postgresql::server::database_grant](#postgresqlserverdatabase_grant)
+* [postgresql::server::db](#postgresqlserverdb)
+* [postgresql::server::extension](#postgresqlserverextension)
+* [postgresql::server::grant](#postgresqlservergrant)
+* [postgresql::server::grant_role](#postgresqlservergrant_role)
+* [postgresql::server::pg_hba_rule](#postgresqlserverpg_hba_rule)
+* [postgresql::server::pg_ident_rule](#postgresqlserverpg_ident_rule)
+* [postgresql::server::reassign_owned_by](#postgresqlserverreassign_owned_by)
+* [postgresql::server::recovery](#postgresqlserverrecovery)
+* [postgresql::server::role](#postgresqlserverrole)
+* [postgresql::server::schema](#postgresqlserverschema)
+* [postgresql::server::table_grant](#postgresqlservertable_grant)
+* [postgresql::server::tablespace](#postgresqlservertablespace)
+
+**Types:**
+
+* [postgresql_psql](#custom-resource-postgresql_psql)
+* [postgresql_replication_slot](#custom-resource-postgresql_replication_slot)
+* [postgresql_conf](#custom-resource-postgresql_conf)
+* [postgresql_conn_validator](#custom-resource-postgresql_conn_validator)
+
+**Functions:**
+
+* [postgresql_password](#function-postgresql_password)
+* [postgresql_acls_to_resources_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset)
+
+### Classes
+
+#### postgresql::client
+
+Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install.
+
+>**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version.
+
+##### `package_ensure`
+
+Whether the PostgreSQL client package resource should be present.
+
+Valid values: 'present', 'absent'.
+
+Default value: 'present'.
+
+##### `package_name`
+
+Sets the name of the PostgreSQL client package.
+
+Default value: 'file'.
+
+#### postgresql::lib::docs
+
+Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install.
+
+**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version.
+
+##### `package_name`
+
+Specifies the name of the PostgreSQL docs package.
+
+##### `package_ensure`
+
+Whether the PostgreSQL docs package resource should be present.
+
+Valid values: 'present', 'absent'.
+
+Default value: 'present'.
+
+#### postgresql::globals
+
+**Note:** Most server-specific defaults should be overridden in the `postgresql::server` class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as `version` or `manage_package_repo`.
+
+##### `bindir`
+
+Overrides the default PostgreSQL binaries directory for the target platform.
+
+Default value: OS dependent.
+
+##### `client_package_name`
+
+Overrides the default PostgreSQL client package name.
+
+Default value: OS dependent.
+
+##### `confdir`
+
+Overrides the default PostgreSQL configuration directory for the target platform.
+
+Default value: OS dependent.
+
+##### `contrib_package_name`
+
+Overrides the default PostgreSQL contrib package name.
+
+Default value: OS dependent.
+
+##### `createdb_path`
+
+**Deprecated.** Path to the `createdb` command.
+
+Default value: '${bindir}/createdb'.
+
+##### `datadir`
+
+Overrides the default PostgreSQL data directory for the target platform.
+
+Default value: OS dependent.
+
+**Note:** Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set `needs_initdb = true` to allow Puppet to initialize the database in the new datadir (`needs_initdb` defaults to true on other systems).
+
+**Warning:** If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original.
+
+##### `default_database`
+
+Specifies the name of the default database to connect with.
+
+Default value: 'postgres' (for most systems).
+
+##### `devel_package_name`
+
+Overrides the default PostgreSQL devel package name.
+
+Default value: OS dependent.
+
+##### `docs_package_name`
+
+Optional.
+
+Overrides the default PostgreSQL docs package name.
+
+Default value: OS dependent.
+
+##### `encoding`
+
+Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well.
+
+Default value: Dependent on the operating system's default encoding.
+
+##### `group`
+
+Overrides the default postgres user group to be used for related files in the file system.
+
+Default value: 'postgres'.
+
+##### `initdb_path`
+
+Path to the `initdb` command.
+
+##### `java_package_name`
+
+Overrides the default PostgreSQL java package name.
+
+Default value: OS dependent.
+
+##### `locale`
+
+Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the `template1` initialization, so it becomes a default outside of the module as well.
+
+Default value: `undef`, which is effectively 'C'.
+
+**On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.**
+
+##### `data_checksums`
+
+Optional boolean to turn on data checksums during `initdb`.
+
+Default value: `undef`, which is the same as `false`.
+
+##### `timezone`
+
+Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information.
+
+##### `logdir`
+
+Overrides the default PostgreSQL log directory.
+
+Default value: initdb's default path.
+
+##### `manage_package_repo`
+
+Sets up official PostgreSQL repositories on your host if set to `true`.
+
+Default value: `false`.
+
+##### `module_workdir`
+
+Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option.
+
+Default value: '/tmp'.
+
+##### `needs_initdb`
+
+Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started.
+
+Default value: OS dependent.
+
+##### `perl_package_name`
+
+Overrides the default PostgreSQL Perl package name.
+
+Default value: OS dependent.
+
+##### `pg_hba_conf_defaults`
+
+Disables the defaults supplied with the module for `pg_hba.conf` if set to `false`. This is useful if you want to override the defaults. Be sure that your changes align with the rest of the module, as some access is required to perform some operations, such as basic `psql` operations.
+
+Default value: The globals value set in `postgresql::globals::manage_pg_hba_conf` which defaults to `true`.
+
+##### `pg_hba_conf_path`
+
+Specifies the path to your `pg_hba.conf` file.
+
+Default value: '${confdir}/pg_hba.conf'.
+
+##### `pg_ident_conf_path`
+
+Specifies the path to your `pg_ident.conf` file.
+
+Default value: '${confdir}/pg_ident.conf'.
+
+##### `plperl_package_name`
+
+Overrides the default PostgreSQL PL/Perl package name.
+
+Default value: OS dependent.
+
+##### `plpython_package_name`
+
+Overrides the default PostgreSQL PL/Python package name.
+
+Default value: OS dependent.
+
+##### `postgis_version`
+
+Defines the version of PostGIS to install, if you install PostGIS.
+
+Default value: The lowest available with the version of PostgreSQL to be installed.
+
+##### `postgresql_conf_path`
+
+Sets the path to your `postgresql.conf` file.
+
+Default value: '${confdir}/postgresql.conf'.
+
+##### `psql_path`
+
+Sets the path to the `psql` command.
+
+##### `python_package_name`
+
+Overrides the default PostgreSQL Python package name.
+
+Default value: OS dependent.
+
+##### `recovery_conf_path`
+
+Path to your `recovery.conf` file.
+
+##### `repo_proxy`
+
+Sets the proxy option for the official PostgreSQL yum-repositories only. This is useful if your server is behind a corporate firewall and needs to use proxy servers for outside connectivity.
+
+Debian is currently not supported.
+
+##### `repo_baseurl`
+
+Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository.
+
+Default value: The official PostgreSQL repository.
+
+##### `server_package_name`
+
+Overrides the default PostgreSQL server package name.
+
+Default value: OS dependent.
+
+##### `service_name`
+
+Overrides the default PostgreSQL service name.
+
+Default value: OS dependent.
+
+##### `service_provider`
+
+Overrides the default PostgreSQL service provider.
+
+Default value: OS dependent.
+
+##### `service_status`
+
+Overrides the default status check command for your PostgreSQL service.
+
+Default value: OS dependent.
+
+##### `user`
+
+Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
+
+Default value: 'postgres'.
+
+##### `version`
+
+The version of PostgreSQL to install and manage.
+
+Default value: OS system default.
+
+##### `xlogdir`
+
+Overrides the default PostgreSQL xlog directory.
+
+Default value: initdb's default path.
+
+#### postgresql::lib::devel
+
+Installs the packages containing the development libraries for PostgreSQL and symlinks `pg_config` into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`).
+
+##### `link_pg_config`
+
+If the bin directory used by the PostgreSQL page is not `/usr/bin` or `/usr/local/bin`, symlinks `pg_config` from the package's bin dir into `usr/bin` (not applicable to Debian systems). Set to `false` to disable this behavior.
+
+Valid values: `true`, `false`.
+
+Default value: `true`.
+
+##### `package_ensure`
+
+Overrides the 'ensure' parameter during package installation.
+
+Default value: 'present'.
+
+##### `package_name`
+
+Overrides the default package name for the distribution you are installing to.
+
+Default value: 'postgresql-devel' or 'postgresql<version>-devel' depending on your distro.
+
+#### postgresql::lib::java
+
+Installs PostgreSQL bindings for Java (JDBC). Set the following parameters if you have a custom version you would like to install.
+
+**Note:** Make sure to add any necessary yum or apt repositories if specifying a custom version.
+
+##### `package_ensure`
+
+Specifies whether the package is present.
+
+Valid values: 'present', 'absent'.
+
+Default value: 'present'.
+
+##### `package_name`
+
+Specifies the name of the PostgreSQL java package.
+
+#### postgresql::lib::perl
+
+Installs the PostgreSQL Perl libraries.
+
+##### `package_ensure`
+
+Specifies whether the package is present.
+
+Valid values: 'present', 'absent'.
+
+Default value: 'present'.
+
+##### `package_name`
+
+Specifies the name of the PostgreSQL perl package to install.
+
+#### postgresql::server::plpython
+
+Installs the PL/Python procedural language for PostgreSQL.
+
+##### `package_name`
+
+Specifies the name of the postgresql PL/Python package.
+
+##### `package_ensure`
+
+Specifies whether the package is present.
+
+Valid values: 'present', 'absent'.
+
+Default value: 'present'.
+
+#### postgresql::lib::python
+
+Installs PostgreSQL Python libraries.
+
+##### `package_ensure`
+
+Specifies whether the package is present.
+
+Valid values: 'present', 'absent'.
+
+Default value: 'present'.
+
+##### `package_name`
+
+The name of the PostgreSQL Python package.
+
+#### postgresql::server
+
+##### `createdb_path`
+
+**Deprecated.** Specifies the path to the `createdb` command.
+
+Default value: '${bindir}/createdb'.
+
+##### `default_database`
+
+Specifies the name of the default database to connect with. On most systems this is 'postgres'.
+
+##### `default_connect_settings`
+
+Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined-types. i.e. `postgresql::server::role`
+
+##### `encoding`
+
+Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the `template1` initialization, so it becomes a default outside of the module as well.
+
+Default value: `undef`.
+
+##### `group`
+
+Overrides the default postgres user group to be used for related files in the file system.
+
+Default value: OS dependent default.
+
+##### `initdb_path`
+
+Specifies the path to the `initdb` command.
+
+Default value: '${bindir}/initdb'.
+
+##### `ipv4acls`
+
+Lists strings for access control for connection method, users, databases, IPv4 addresses;
+
+see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information.
+
+##### `ipv6acls`
+
+Lists strings for access control for connection method, users, databases, IPv6 addresses.
+
+see [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) on `pg_hba.conf` for information.
+
+##### `ip_mask_allow_all_users`
+
+Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting.
+
+Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet.
+
+Default value: '127.0.0.1/32'.
+
+##### `ip_mask_deny_postgres_user`
+
+Specifies the IP mask from which remote connections should be denied for the postgres superuser.
+
+Default value: '0.0.0.0/0', which denies any remote connection.
+
+##### `locale`
+
+Sets the default database locale for all databases created with this module. On certain operating systems this is used during the `template1` initialization as well, so it becomes a default outside of the module.
+
+Default value: `undef`, which is effectively 'C'.
+
+**On Debian, you must ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.**
+
+##### `manage_pg_hba_conf`
+
+Whether to manage the `pg_hba.conf`.
+
+If set to `true`, Puppet overwrites this file.
+
+If set to `false`, Puppet does not modify the file.
+
+Valid values: `true`, `false`.
+
+Default value: `true`
+
+##### `manage_pg_ident_conf`
+
+Overwrites the pg_ident.conf file.
+
+If set to `true`, Puppet overwrites the file.
+
+If set to `false`, Puppet does not modify the file.
+
+Valid values: `true`, `false`.
+
+Default value: `true`.
+
+##### `manage_recovery_conf`
+
+Specifies whether or not manage the `recovery.conf`.
+
+If set to `true`, Puppet overwrites this file.
+
+Valid values: `true`, `false`.
+
+Default value: `false`.
+
+##### `needs_initdb`
+
+Explicitly calls the `initdb` operation after server package is installed, and before the PostgreSQL service is started.
+
+Default value: OS dependent.
+
+##### `package_ensure`
+
+Passes a value through to the `package` resource when creating the server instance.
+
+Default value: `undef`.
+
+##### `package_name`
+
+Specifies the name of the package to use for installing the server software.
+
+Default value: OS dependent.
+
+##### `pg_hba_conf_defaults`
+
+If `false`, disables the defaults supplied with the module for `pg_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example.
+
+##### `pg_hba_conf_path`
+
+Specifies the path to your `pg_hba.conf` file.
+
+##### `pg_ident_conf_path`
+
+Specifies the path to your `pg_ident.conf` file.
+
+Default value: '${confdir}/pg_ident.conf'.
+
+##### `plperl_package_name`
+
+Sets the default package name for the PL/Perl extension.
+
+Default value: OS dependent.
+
+##### `plpython_package_name`
+
+Sets the default package name for the PL/Python extension.
+
+Default value: OS dependent.
+
+##### `port`
+
+Specifies the port for the PostgreSQL server to listen on. **Note:** The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change.
+
+Default value: 5432. Meaning the Postgres server listens on TCP port 5432.
+
+##### `postgres_password`
+
+Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called `postgres` and no password.
+
+Default value: `undef`.
+
+##### `postgresql_conf_path`
+
+Specifies the path to your `postgresql.conf` file.
+
+Default value: '${confdir}/postgresql.conf'.
+
+##### `psql_path`
+
+Specifies the path to the `psql` command.
+
+Default value: OS dependent.
+
+##### `service_manage`
+
+Defines whether or not Puppet should manage the service.
+
+Default value: `true`.
+
+##### `service_name`
+
+Overrides the default PostgreSQL service name.
+
+Default value: OS dependent.
+
+##### `service_provider`
+
+Overrides the default PostgreSQL service provider.
+
+Default value: `undef`.
+
+##### `service_reload`
+
+Overrides the default reload command for your PostgreSQL service.
+
+Default value: OS dependent.
+
+##### `service_restart_on_change`
+
+Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active.
+
+Default value: `true`.