projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
11c5ee4
)
udd: no ssl needed on localhost
author
Peter Palfrader
<peter@palfrader.org>
Mon, 30 Sep 2019 06:07:51 +0000
(08:07 +0200)
committer
Peter Palfrader
<peter@palfrader.org>
Mon, 30 Sep 2019 06:07:51 +0000
(08:07 +0200)
modules/roles/manifests/buildd_master/db_guest_access.pp
patch
|
blob
|
history
modules/roles/manifests/udd.pp
patch
|
blob
|
history
modules/roles/manifests/udd/db_guest_access.pp
patch
|
blob
|
history
diff --git
a/modules/roles/manifests/buildd_master/db_guest_access.pp
b/modules/roles/manifests/buildd_master/db_guest_access.pp
index
f2c24a4
..
bf77a37
100644
(file)
--- a/
modules/roles/manifests/buildd_master/db_guest_access.pp
+++ b/
modules/roles/manifests/buildd_master/db_guest_access.pp
@@
-1,22
+1,25
@@
# wanna-build guest access to DB
#
# wanna-build guest access to DB
#
-# @param db_address hostname of the postgres server for this service
-# @param db_port port of the postgres server for this service
-# @param database list of databases to give access to
-# @param address hosts to give access
+# @param db_address hostname of the postgres server for this service
+# @param db_port port of the postgres server for this service
+# @param database list of databases to give access to
+# @param address hosts to give access
+# @param connection_type connection type
class roles::buildd_master::db_guest_access (
String $db_address = $roles::buildd_master::params::db_address,
Integer $db_port = $roles::buildd_master::params::db_port,
Array[String] $database = ['wanna-build'],
class roles::buildd_master::db_guest_access (
String $db_address = $roles::buildd_master::params::db_address,
Integer $db_port = $roles::buildd_master::params::db_port,
Array[String] $database = ['wanna-build'],
+ Enum['local', 'host', 'hostssl'] $connection_type = 'hostssl',
Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
) inherits roles::buildd_master::params {
@@postgres::cluster::hba_entry { "buildd_master-guest-${::fqdn}":
Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
) inherits roles::buildd_master::params {
@@postgres::cluster::hba_entry { "buildd_master-guest-${::fqdn}":
- tag => "postgres::cluster::${db_port}::hba::${db_address}",
- pg_port => $db_port,
- database => $database,
- user => 'guest',
- address => $address,
- method => 'trust',
- order => '25',
+ tag => "postgres::cluster::${db_port}::hba::${db_address}",
+ pg_port => $db_port,
+ database => $database,
+ user => 'guest',
+ address => $address,
+ connection_type => $connection_type,
+ method => 'trust',
+ order => '25',
}
}
}
}
diff --git
a/modules/roles/manifests/udd.pp
b/modules/roles/manifests/udd.pp
index
16c8b9f
..
7aebd39
100644
(file)
--- a/
modules/roles/manifests/udd.pp
+++ b/
modules/roles/manifests/udd.pp
@@
-12,7
+12,8
@@
class roles::udd {
include roles::buildd_master::db_guest_access
class { 'roles::udd::db_guest_access':
include roles::buildd_master::db_guest_access
class { 'roles::udd::db_guest_access':
- database => ['udd', 'udd-dev'],
- address => ['127.0.0.1', '::1'],
+ database => ['udd', 'udd-dev'],
+ address => ['127.0.0.1', '::1'],
+ connection_type => 'host',
}
}
}
}
diff --git
a/modules/roles/manifests/udd/db_guest_access.pp
b/modules/roles/manifests/udd/db_guest_access.pp
index
773b5d7
..
4dc8f02
100644
(file)
--- a/
modules/roles/manifests/udd/db_guest_access.pp
+++ b/
modules/roles/manifests/udd/db_guest_access.pp
@@
-1,22
+1,25
@@
# udd guest access to DB
#
# udd guest access to DB
#
-# @param db_address hostname of the postgres server for this service
-# @param db_port port of the postgres server for this service
-# @param database list of databases to give access to
-# @param address hosts to give access
+# @param db_address hostname of the postgres server for this service
+# @param db_port port of the postgres server for this service
+# @param database list of databases to give access to
+# @param address hosts to give access
+# @param connection_type connection type
class roles::udd::db_guest_access (
String $db_address = $roles::udd::params::db_address,
Integer $db_port = $roles::udd::params::db_port,
Array[String] $database = ['udd'],
class roles::udd::db_guest_access (
String $db_address = $roles::udd::params::db_address,
Integer $db_port = $roles::udd::params::db_port,
Array[String] $database = ['udd'],
+ Enum['local', 'host', 'hostssl'] $connection_type = 'hostssl',
Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
) inherits roles::udd::params {
@@postgres::cluster::hba_entry { "udd-guest-${::fqdn}":
Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
) inherits roles::udd::params {
@@postgres::cluster::hba_entry { "udd-guest-${::fqdn}":
- tag => "postgres::cluster::${db_port}::hba::${db_address}",
- pg_port => $db_port,
- database => $database,
- user => 'guest',
- address => $address,
- method => 'trust',
- order => '25',
+ tag => "postgres::cluster::${db_port}::hba::${db_address}",
+ pg_port => $db_port,
+ database => $database,
+ user => 'guest',
+ address => $address,
+ connection_type => $connection_type,
+ method => 'trust',
+ order => '25',
}
}
}
}