X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fsso.pp;h=dc2837f882b6e21d688b03b8cdda31f5709d9271;hb=015fa6b401098df522b1adf8e574a88d581ef340;hp=4da64ebd298ac540221b19e882922c6170368772;hpb=be81cf0c1d53ed7b206b91f73e5ab77c8b1ef5d0;p=mirror%2Fdsa-puppet.git

diff --git a/modules/roles/manifests/sso.pp b/modules/roles/manifests/sso.pp
index 4da64ebd2..dc2837f88 100644
--- a/modules/roles/manifests/sso.pp
+++ b/modules/roles/manifests/sso.pp
@@ -1,7 +1,13 @@
 # Debian SSO class.
 #
 # This sets up the web service as well as the LDAP backend for ftmg
-class roles::sso {
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::sso (
+  String  $db_address,
+  Integer $db_port,
+) {
   include apache2
   include roles::sso_rp
 
@@ -55,4 +61,12 @@ class roles::sso {
     source => 'puppet:///modules/roles/sso/openssh-ldap.schema',
     notify => Service['slapd'],
   }
+
+  @@postgres::cluster::hba_entry { "debsso-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    database => 'debsso',
+    user     => ['debsso', 'debssoweb'],
+    address  => $base::public_addresses,
+  }
 }