1 # This resource manages an individual rule that applies to the file defined in
3 define postgresql::pg_hba_rule(
11 $target = $postgresql::params::pg_hba_conf_path,
14 include postgresql::params
16 validate_re($type, '^(local|host|hostssl|hostnossl)$',
17 "The type you specified [${type}] must be one of: local, host, hostssl, hostnosssl")
18 validate_re($auth_method, '^(trust|reject|md5|crypt|password|gss|sspi|krb5|ident|peer|ldap|radius|cert|pam)$',
19 "The auth_method you specified [${auth_method}] must be one of: trust, reject, md5, crypt, password, krb5, ident, ldap, pam")
21 if($type =~ /^host/ and $address == undef) {
22 fail('You must specify an address property when type is host based')
25 # This is required to make sure concat::setup is initialized first. This
26 # probably points to a bug inside ripienaar-concat.
29 # Create a rule fragment
30 $fragname = "pg_hba_rule_${name}"
31 concat::fragment { $fragname:
33 content => template('postgresql/pg_hba_rule.conf'),
39 Class['concat::setup']->
40 Concat::Fragment[$fragname]