From be81cf0c1d53ed7b206b91f73e5ab77c8b1ef5d0 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 29 Sep 2019 22:23:44 +0200 Subject: [PATCH] manage danzi/debconf pg_hba --- data/common.yaml | 3 +++ data/nodes/danzi.debian.org.yaml | 2 +- modules/roles/manifests/debconf_wafer.pp | 17 ++++++++++++++++- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/data/common.yaml b/data/common.yaml index 780bedb32..c40138685 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -54,6 +54,9 @@ roles::debsources::db_port: 5440 roles::tracker::db_address: danzi.debian.org roles::tracker::db_port: 5432 +roles::debconf_wafer::db_address: danzi.debian.org +roles::debconf_wafer::db_port: 5434 + roles::ftp_master::db_port: 5433 roles::postgresql::ftp_master_dak_replica::db_server: fasolo.debian.org diff --git a/data/nodes/danzi.debian.org.yaml b/data/nodes/danzi.debian.org.yaml index 6f982f36f..db7730537 100644 --- a/data/nodes/danzi.debian.org.yaml +++ b/data/nodes/danzi.debian.org.yaml @@ -2,4 +2,4 @@ classes: - roles::postgresql::server -roles::postgresql::server::manage_clusters_hba: [5432] +roles::postgresql::server::manage_clusters_hba: [5432, 5434] diff --git a/modules/roles/manifests/debconf_wafer.pp b/modules/roles/manifests/debconf_wafer.pp index e799875b6..b0c2c5ed5 100644 --- a/modules/roles/manifests/debconf_wafer.pp +++ b/modules/roles/manifests/debconf_wafer.pp @@ -1,4 +1,11 @@ -class roles::debconf_wafer { +# debconf's wafer role + +# @param db_address hostname of the postgres server for this service +# @param db_port port of the postgres server for this service +class roles::debconf_wafer ( + String $db_address, + Integer $db_port, +) { include apache2 include apache2::ssl include apache2::expires @@ -44,5 +51,13 @@ class roles::debconf_wafer { site => 'debconf20.debconf.org', source => 'puppet:///modules/roles/debconf_wafer/debconf20.debconf.org', } + + @@postgres::cluster::hba_entry { "debconf-wafer-${::fqdn}": + tag => "postgres::cluster::${db_port}::hba::${db_address}", + pg_port => $db_port, + user => ['debconf18', 'debconf19', 'debconf20', 'wafertest'], + database => 'sameuser', + address => $base::public_addresses, + } } -- 2.20.1