X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fdebsources.pp;h=a1bad3b67a1dbed73dbad4fa1a9954de8b017e36;hb=HEAD;hp=dd5237e5a058158e60679398c7e8f5bf4d53e205;hpb=43027472aba9b781f311863d36fc8cbdcb882479;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/manifests/debsources.pp b/modules/roles/manifests/debsources.pp index dd5237e5a..a1bad3b67 100644 --- a/modules/roles/manifests/debsources.pp +++ b/modules/roles/manifests/debsources.pp @@ -1,13 +1,41 @@ -class roles::debsources { - ssl::service { 'sources.debian.org': - notify => Exec['service apache2 reload'], - key => true, - } - - include apache2::ssl - package { 'libapache2-mod-wsgi': ensure => installed, } - apache2::site { 'sources.debian.org': - site => 'sources.debian.org', - source => 'puppet:///modules/roles/debsources/sources.debian.org.conf', - } +# sources.debian.org role + +# @param db_address hostname of the postgres server for this service +# @param db_port port of the postgres server for this service +class roles::debsources ( + String $db_address, + Integer $db_port, +) { + include apache2 + include apache2::ssl + + apache2::module { 'http2': } + + package { 'libapache2-mod-wsgi': ensure => installed, } + + apache2::site { 'sources.debian.org': + site => 'sources.debian.org', + source => 'puppet:///modules/roles/debsources/sources.debian.org.conf', + } + ssl::service { 'sources.debian.org': + notify => Exec['service apache2 reload'], + key => true, + } + + @@postgres::cluster::hba_entry { "debsources-${::fqdn}": + tag => "postgres::cluster::${db_port}::hba::${db_address}", + pg_port => $db_port, + database => 'debsources', + user => ['debsource_admin', 'debsource_updater'], + address => $base::public_addresses, + } + + @@postgres::cluster::hba_entry { "debsources-guest-${::fqdn}": + tag => "postgres::cluster::${db_port}::hba::${db_address}", + pg_port => $db_port, + database => 'debsources', + user => ['guest'], + method => 'trust', + address => $base::public_addresses, + } }