roles::pet::params::db_address: bmdb1.debian.org
roles::pet::params::db_port: 5435
+roles::postgresql::ftp_master_dak_replica::db_guest_access::bm:db_address: bmdb1.debian.org
+roles::postgresql::ftp_master_dak_replica::db_guest_access::bm:db_port: 5434
+
roles::qamaster::db_address: bmdb1.debian.org
roles::qamaster::db_port: 5435
- roles::postgresql::ftp_master_dak_replica
postgres::backup_server::register_backup_clienthost::allow_read_hosts: ['fasolo']
-roles::postgresql::server::manage_clusters_hba: [5440, 5435]
+roles::postgresql::server::manage_clusters_hba: yes
# is api_ftp_master the right role to put this in?
include roles::udd::db_guest_access
+ include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
}
# The UDD database is used to display FTBFS bugs on the web interface
include roles::udd::db_guest_access
+ include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
+
@@postgres::cluster::hba_entry { "qa-buildlogchecks-${::fqdn}":
tag => "postgres::cluster::${qa_buildlogchecks_db_port}::hba::${qa_buildlogchecks_db_address}",
pg_port => $qa_buildlogchecks_db_port,
user => ['nm', 'nmweb'],
address => $base::public_addresses,
}
+
+ include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
}
--- /dev/null
+# ftp_master_dak_replica guest access to DB
+#
+# @param db_address hostname of the postgres server for this service
+# @param db_port port of the postgres server for this service
+# @param database list of databases to give access to
+# @param address hosts to give access
+# @param connection_type connection type
+class roles::postgresql::ftp_master_dak_replica::db_guest_access::bm (
+ String $db_address,
+ Integer $db_port,
+ Array[String] $database = ['projectb'],
+ Enum['local', 'host', 'hostssl'] $connection_type = 'hostssl',
+ Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
+) {
+ @@postgres::cluster::hba_entry { "dak-projectb-guest-${::fqdn}":
+ tag => "postgres::cluster::${db_port}::hba::${db_address}",
+ pg_port => $db_port,
+ database => $database,
+ user => 'guest',
+ address => $address,
+ connection_type => $connection_type,
+ method => 'trust',
+ order => '25',
+ }
+}
}
include roles::udd::db_guest_access
+ include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
@@postgres::cluster::hba_entry { "qa-${::fqdn}":
tag => "postgres::cluster::${db_port}::hba::${db_address}",
) {
include roles::buildd_master::db_guest_access
include roles::udd::db_guest_access
+ include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
@@postgres::cluster::hba_entry { "release-${::fqdn}":
tag => "postgres::cluster::${db_port}::hba::${db_address}",
include roles::buildd_master::db_guest_access
include roles::pet::db_guest_access
+ include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm
class { 'roles::udd::db_guest_access':
database => ['udd', 'udd-dev'],