class roles::pet (
String $db_address = $roles::pet::params::db_address,
Integer $db_port = $roles::pet::params::db_port,
-) {
+) inherits roles::pet::params {
include apache2
ssl::service { 'pet.debian.net': notify => Exec['service apache2 reload'], key => true, }
ssl::service { 'pet-devel.debian.net': notify => Exec['service apache2 reload'], key => true, }
--- /dev/null
+# pet guest access to DB
+#
+# @param db_address hostname of the postgres server for this service
+# @param db_port port of the postgres server for this service
+# @param database list of databases to give access to
+# @param address hosts to give access
+# @param connection_type connection type
+class roles::pet::db_guest_access (
+ String $db_address = $roles::pet::params::db_address,
+ Integer $db_port = $roles::pet::params::db_port,
+ Array[String] $database = ['pet'],
+ Enum['local', 'host', 'hostssl'] $connection_type = 'hostssl',
+ Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
+) inherits roles::pet::params {
+ @@postgres::cluster::hba_entry { "pet-guest-${::fqdn}":
+ tag => "postgres::cluster::${db_port}::hba::${db_address}",
+ pg_port => $db_port,
+ database => $database,
+ user => 'guest',
+ address => $address,
+ connection_type => $connection_type,
+ method => 'trust',
+ order => '25',
+ }
+}
--- /dev/null
+# pet parameters
+#
+# @param db_address hostname of the postgres server for this service
+# @param db_port port of the postgres server for this service
+class roles::pet::params (
+ String $db_address = $roles::pet::db_address,
+ Integer $db_port = $roles::pet::db_port,
+) {
+}
projects / mirror / dsa-puppet.git / commitdiff