projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
give access to the PG ddtp cluster to the ddtp role
[mirror/dsa-puppet.git]
/
modules
/
roles
/
manifests
/
ddtp.pp
diff --git
a/modules/roles/manifests/ddtp.pp
b/modules/roles/manifests/ddtp.pp
index
e18f4e3
..
6398d2a
100644
(file)
--- a/
modules/roles/manifests/ddtp.pp
+++ b/
modules/roles/manifests/ddtp.pp
@@
-1,6
+1,11
@@
# ddtp.debian.org service
#
# ddtp.debian.org service
#
-class roles::ddtp {
+# @param db_address hostname of the postgres server for this service
+# @param db_port port of the postgres server for this service
+class roles::ddtp (
+ String $db_address,
+ Integer $db_port,
+) {
include apache2
ssl::service { 'ddtp.debian.org':
include apache2
ssl::service { 'ddtp.debian.org':
@@
-8,4
+13,12
@@
class roles::ddtp {
key => true,
}
onion::service { 'ddtp.debian.org': port => 80, target_address => 'ddtp.debian.org', target_port => 80, direct => true }
key => true,
}
onion::service { 'ddtp.debian.org': port => 80, target_address => 'ddtp.debian.org', target_port => 80, direct => true }
+
+ @@postgres::cluster::hba_entry { "ddtp-${::fqdn}":
+ tag => "postgres::cluster::${db_port}::hba::${db_address}",
+ pg_port => $db_port,
+ database => ['ddtp'],
+ user => 'ddtp',
+ address => $base::public_addresses,
+ }
}
}