modules/postgres/manifests/cluster.pp

   1 # postgresql cluster configuration
   2 #
   3 # @param pg_version      pg version of the cluster
   4 # @param pg_cluster      cluster name
   5 # @param pg_port         port of the postgres cluster
   6 # @param manage_hba      manage pg_hba
   7 # @param confdir         directory where the configuration resides
   8 define postgres::cluster(
   9   String $pg_version,
  10   String $pg_cluster = 'main',
  11   Integer $pg_port = 5432,
  12   Boolean $manage_hba = false,
  13   String $confdir = "/etc/postgresql/${pg_version}/${pg_cluster}",
  14 ) {
  15   $reload = "postgresql ${pg_version}/${pg_cluster} reload"
  16   exec { $reload:
  17     command     => "systemctl reload postgresql@${pg_version}-${pg_cluster}.service",
  18     refreshonly => true,
  19   }
  20
  21   ferm::rule::simple { "postgres::cluster::hba_entry::${pg_version}::${pg_cluster}":
  22     description => "check access to pg${pg_version}/${pg_cluster}",
  23     port        => $pg_port,
  24     target      => "pg-${pg_port}",
  25   }
  26
  27   if $manage_hba {
  28     concat { "postgres::cluster::${pg_version}::${pg_cluster}::hba":
  29       path           => "${confdir}/pg_hba.conf",
  30       mode           => '0440',
  31       group          => 'postgres',
  32       ensure_newline => true,
  33       notify         => Exec[$reload],
  34     }
  35     concat::fragment{ "postgres::cluster::pg_hba-head::${pg_version}::${pg_cluster}":
  36       target  => "postgres::cluster::${pg_version}::${pg_cluster}::hba",
  37       order   => '00',
  38       content => template('postgres/cluster/pg_hba.conf-head.erb'),
  39     }
  40     Concat::Fragment <| tag == "postgres::cluster::${pg_version}::${pg_cluster}::hba" |>
  41   }
  42 }