projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
give access to the PG ddtp cluster to the ddtp role
[mirror/dsa-puppet.git] / modules / roles / manifests / rtmaster.pp
diff --git a/modules/roles/manifests/rtmaster.pp b/modules/roles/manifests/rtmaster.pp
index 7c469b6..38a6d7e 100644 (file)
--- a/modules/roles/manifests/rtmaster.pp
+++ b/modules/roles/manifests/rtmaster.pp
@@ -1,7 +1,28 @@
-class roles::rtmaster {
+# rt.debian.org
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::rtmaster (
+  String  $db_address,
+  Integer $db_port,
+) {
   include apache2
   ssl::service { 'rt.debian.org':
     notify => Exec['service apache2 reload'],
     key    => true,
   }
+
+  # Note that there is also role specific config in exim4.conf
+  exim::vdomain { 'rt.debian.org':
+    mail_user  => 'rt',
+    mail_group => 'rt',
+  }
+
+  @@postgres::cluster::hba_entry { "rt-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    database => 'rtdb',
+    user     => 'rtuser',
+    address  => $base::public_addresses,
+  }
 }
Unnamed repository; edit this file 'description' to name the repository.