X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fsnapshot_db.pp;h=c620c8793feb45577e20d8c5eb990fb7a47d31ce;hb=HEAD;hp=93f71bdcdec228ee35d93bafce658d2786dab8a0;hpb=add63b4edd7236df5114ae7fc84c3ff984cc0de0;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/snapshot_db.pp b/modules/roles/manifests/snapshot_db.pp
index 93f71bdcd..c620c8793 100644
--- a/modules/roles/manifests/snapshot_db.pp
+++ b/modules/roles/manifests/snapshot_db.pp
@@ -1,10 +1,23 @@
-# db server providing (secondary) snapshot databases
+# db server providing snapshot databases
+#
+# @param db_port          port of the snapshot cluster
+# @param guest_addresses  addresses to allow for the guest account
+# @param upstream_db_server  if this node is a replica, name of the upstream db server
+# @param upstream_db_port    if this node is a replica, port of the upstream db server
+# @param upstream_db_role    if this node is a replica, replication role on the upstream db server
 class roles::snapshot_db (
+  Integer $db_port,
+  Array[Stdlib::IP::Address] $guest_addresses = ['127.0.0.1', '::1'],
+  Optional[String] $upstream_db_server = undef,
+  Optional[Integer] $upstream_db_port = undef,
+  String $upstream_db_role = "repuser-${::hostname}",
 ) {
   $now = Timestamp()
   $date = $now.strftime('%F')
 
-  if versioncmp($date, '2020-01-15') <= 0 {
+  if versioncmp($::lsbmajdistrelease, '9') <= 0 {
+    $ensure = 'absent'
+  } elsif versioncmp($date, '2020-01-15') <= 0 {
     $ensure = 'present'
   } else {
     $ensure = 'absent'
@@ -26,4 +39,26 @@ class roles::snapshot_db (
       | EOF
   }
 
+
+  postgres::cluster::hba_entry { 'snapshot-guest':
+    pg_port  => $db_port,
+    database => 'snapshot',
+    user     => 'guest',
+    address  => $guest_addresses,
+    method   => 'trust',
+    order    => '20',
+  }
+
+  if $upstream_db_server {
+    if !$upstream_db_port {
+      fail ('Also need a port if we have a upstream_db_server')
+    }
+    @@postgres::cluster::hba_entry { "snapshot-replica-to-${::fqdn}":
+      tag      => "postgres::cluster::${upstream_db_port}::hba::${upstream_db_server}",
+      pg_port  => $upstream_db_port,
+      database => 'replication',
+      user     => $upstream_db_role,
+      address  => $base::public_addresses,
+    }
+  }
 }