Boolean $do_role = false,
Boolean $do_hba = false,
) {
+ include postgres::backup_source
+
$datadir = "/var/lib/postgresql/${pg_version}/${pg_cluster}"
file { "${datadir}/.nobackup":
content => ''
}
}
- # Send connections to the port to the pg-backup chain
- # there, the register_backup_clienthost class will have
- # realized the exported allows from the backup servers.
- #
- # Any non-matching traffic will fall through and it can
- # be allowed elsewhere
- #
- # this rule is only needed for clusters that we do not manage
- # with postgres::cluster. Hopefully these will go away with time
- ferm::rule::simple { "dsa-postgres-backup-${pg_port}":
- description => 'Check for postgres access from backup host',
- port => $pg_port,
- target => 'pg-backup',
- }
-
postgres::cluster::hba_entry { "backup-replication::${pg_version}::${pg_cluster}":
pg_version => $pg_version,
pg_cluster => $pg_cluster,