From 11c5ee4c16d5782ce590995baabe054b969ce5a8 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Mon, 30 Sep 2019 08:04:05 +0200 Subject: [PATCH] buildd/udd: do guest access earlier --- modules/postgres/manifests/cluster/hba_entry.pp | 3 +++ modules/roles/manifests/buildd_master/db_guest_access.pp | 2 +- modules/roles/manifests/udd/db_guest_access.pp | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/modules/postgres/manifests/cluster/hba_entry.pp b/modules/postgres/manifests/cluster/hba_entry.pp index 8294ffa16..6a7f7dc4b 100644 --- a/modules/postgres/manifests/cluster/hba_entry.pp +++ b/modules/postgres/manifests/cluster/hba_entry.pp @@ -6,6 +6,9 @@ # See the upstream documentation at https://www.postgresql.org/docs/11/auth-pg-hba-conf.html # for details. # +# Default order is 50, postgres::cluster puts the md5 localhost rules at 30, +# so guest/trust access should probably go at 25. +# # @param pg_port port of the postgres cluster # @param pg_cluster cluster name # @param pg_version pg version of the cluster diff --git a/modules/roles/manifests/buildd_master/db_guest_access.pp b/modules/roles/manifests/buildd_master/db_guest_access.pp index bacd7dbac..f2c24a4be 100644 --- a/modules/roles/manifests/buildd_master/db_guest_access.pp +++ b/modules/roles/manifests/buildd_master/db_guest_access.pp @@ -17,6 +17,6 @@ class roles::buildd_master::db_guest_access ( user => 'guest', address => $address, method => 'trust', - order => '30', + order => '25', } } diff --git a/modules/roles/manifests/udd/db_guest_access.pp b/modules/roles/manifests/udd/db_guest_access.pp index 38af91ed4..773b5d741 100644 --- a/modules/roles/manifests/udd/db_guest_access.pp +++ b/modules/roles/manifests/udd/db_guest_access.pp @@ -17,6 +17,6 @@ class roles::udd::db_guest_access ( user => 'guest', address => $address, method => 'trust', - order => '30', + order => '25', } } -- 2.20.1