manage danzi/main pg_hba

[mirror/dsa-puppet.git] / modules / roles / manifests / sso.pp

diff --git a/modules/roles/manifests/sso.pp b/modules/roles/manifests/sso.pp
index 4da64eb..dc2837f 100644 (file)
--- a/modules/roles/manifests/sso.pp
+++ b/modules/roles/manifests/sso.pp
@@ -1,7 +1,13 @@
 # Debian SSO class.
 #
 # This sets up the web service as well as the LDAP backend for ftmg
-class roles::sso {
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::sso (
+  String  $db_address,
+  Integer $db_port,
+) {
   include apache2
   include roles::sso_rp
 
@@ -55,4 +61,12 @@ class roles::sso {
     source => 'puppet:///modules/roles/sso/openssh-ldap.schema',
     notify => Service['slapd'],
   }
+
+  @@postgres::cluster::hba_entry { "debsso-${::fqdn}":
+    tag      => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port  => $db_port,
+    database => 'debsso',
+    user     => ['debsso', 'debssoweb'],
+    address  => $base::public_addresses,
+  }
 }