From 43fff1fc191e08503bb43a5b9fb28f0f2c93665e Mon Sep 17 00:00:00 2001 From: Julien Cristau Date: Fri, 4 Oct 2019 15:39:47 +0200 Subject: [PATCH] give udd access to the projectb copy on danzi --- data/common.yaml | 3 +++ .../db_guest_access/ubc.pp | 25 +++++++++++++++++++ modules/roles/manifests/udd.pp | 1 + 3 files changed, 29 insertions(+) create mode 100644 modules/roles/manifests/postgresql/ftp_master_dak_replica/db_guest_access/ubc.pp diff --git a/data/common.yaml b/data/common.yaml index 15a8188f2..11973469f 100644 --- a/data/common.yaml +++ b/data/common.yaml @@ -74,6 +74,9 @@ roles::pet::params::db_port: 5435 roles::postgresql::ftp_master_dak_replica::db_guest_access::bm::db_address: bmdb1.debian.org roles::postgresql::ftp_master_dak_replica::db_guest_access::bm::db_port: 5434 +roles::postgresql::ftp_master_dak_replica::db_guest_access::ubc::db_address: danzi.debian.org +roles::postgresql::ftp_master_dak_replica::db_guest_access::ubc::db_port: 5435 + roles::qamaster::db_address: bmdb1.debian.org roles::qamaster::db_port: 5435 diff --git a/modules/roles/manifests/postgresql/ftp_master_dak_replica/db_guest_access/ubc.pp b/modules/roles/manifests/postgresql/ftp_master_dak_replica/db_guest_access/ubc.pp new file mode 100644 index 000000000..b3092a31c --- /dev/null +++ b/modules/roles/manifests/postgresql/ftp_master_dak_replica/db_guest_access/ubc.pp @@ -0,0 +1,25 @@ +# ftp_master_dak_replica guest access to DB +# +# @param db_address hostname of the postgres server for this service +# @param db_port port of the postgres server for this service +# @param database list of databases to give access to +# @param address hosts to give access +# @param connection_type connection type +class roles::postgresql::ftp_master_dak_replica::db_guest_access::bm ( + String $db_address, + Integer $db_port, + Array[String] $database = ['projectb'], + Enum['local', 'host', 'hostssl'] $connection_type = 'hostssl', + Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses, +) { + @@postgres::cluster::hba_entry { "dak-projectb-guest-${::fqdn}": + tag => "postgres::cluster::${db_port}::hba::${db_address}", + pg_port => $db_port, + database => $database, + user => 'guest', + address => $address, + connection_type => $connection_type, + method => 'trust', + order => '25', + } +} diff --git a/modules/roles/manifests/udd.pp b/modules/roles/manifests/udd.pp index ed5a56494..0ee8b7238 100644 --- a/modules/roles/manifests/udd.pp +++ b/modules/roles/manifests/udd.pp @@ -12,6 +12,7 @@ class roles::udd { include roles::buildd_master::db_guest_access include roles::pet::db_guest_access include roles::postgresql::ftp_master_dak_replica::db_guest_access::bm + include roles::postgresql::ftp_master_dak_replica::db_guest_access::ubc class { 'roles::udd::db_guest_access': database => ['udd', 'udd-dev'], -- 2.20.1