X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fnm.pp;h=2bfb33730af624c989a7cb201d7ed46e212d0301;hb=7cf8c9b7d5e06b37a84700146b4e9ed71f2da575;hp=96951e87764abfd6153acea843a60a4995459995;hpb=8352e57f7cf214a09275fd8b2d25ba7be6fbdaf0;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/nm.pp b/modules/roles/manifests/nm.pp
index 96951e877..2bfb33730 100644
--- a/modules/roles/manifests/nm.pp
+++ b/modules/roles/manifests/nm.pp
@@ -1,7 +1,33 @@
-class roles::nm {
+# nm.debian.org role
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::nm (
+  String  $db_address,
+  Integer $db_port,
+) {
   include apache2
+  include roles::sso_rp
+
   ssl::service { 'nm.debian.org':
     notify => Exec['service apache2 reload'],
     key    => true,
   }
+
+  exim::vdomain { 'nm.debian.org':
+    owner => 'nm',
+    group => 'nm',
+  }
+
+  @@postgres::cluster::hba_entry { "nm-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    database => ['nm', 'contributors'],
+    user     => ['nm', 'nmweb'],
+    address  => $base::public_addresses,
+  }
+
+  dsa_systemd::linger { 'nm': }
+
+  include roles::postgresql::ftp_master_dak_replica::db_guest_access::ubc
 }