X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fnm.pp;h=e6488a6901810dd164b42048c57c82610b9aede5;hb=aa9c42f8411a80868291504714c39598095683b8;hp=f792de4cdd584a67fc70d3cf1c13a7236e9ac861;hpb=8e104735c829bddd66c9f0aacfa0f41e92eed57d;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/nm.pp b/modules/roles/manifests/nm.pp
index f792de4cd..e6488a690 100644
--- a/modules/roles/manifests/nm.pp
+++ b/modules/roles/manifests/nm.pp
@@ -1,5 +1,32 @@
-class roles::nm {
-	ssl::service { 'nm.debian.org':
-		notify  => Exec['service apache2 reload'],
-	}
+# nm.debian.org role
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::nm (
+  String  $db_address,
+  Integer $db_port,
+) {
+  include apache2
+  include roles::sso_rp
+
+  ssl::service { 'nm.debian.org':
+    notify => Exec['service apache2 reload'],
+    key    => true,
+  }
+
+  exim::vdomain { 'nm.debian.org':
+    owner => 'nm',
+    group => 'nm',
+  }
+
+  @@postgres::cluster::hba_entry { "nm-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    database => ['nm', 'contributors'],
+    user     => ['nm', 'nmweb'],
+    address  => $base::public_addresses,
+  }
+
+  include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
+  include roles::postgresql::ftp_master_dak_replica::db_guest_access::ubc
 }