From 9ef1146408b1635d28895833adb8d0b0d18b9d5a Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Mon, 30 Sep 2019 10:04:23 +0200
Subject: [PATCH] add missing new files for pet role

---
 modules/roles/manifests/pet.pp                |  2 +-
 .../roles/manifests/pet/db_guest_access.pp    | 25 +++++++++++++++++++
 modules/roles/manifests/pet/params.pp         |  9 +++++++
 3 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 modules/roles/manifests/pet/db_guest_access.pp
 create mode 100644 modules/roles/manifests/pet/params.pp

diff --git a/modules/roles/manifests/pet.pp b/modules/roles/manifests/pet.pp
index 27a264af4..ca3ce3b72 100644
--- a/modules/roles/manifests/pet.pp
+++ b/modules/roles/manifests/pet.pp
@@ -5,7 +5,7 @@
 class roles::pet (
   String  $db_address = $roles::pet::params::db_address,
   Integer $db_port    = $roles::pet::params::db_port,
-) {
+) inherits roles::pet::params {
   include apache2
   ssl::service { 'pet.debian.net': notify  => Exec['service apache2 reload'], key => true, }
   ssl::service { 'pet-devel.debian.net': notify  => Exec['service apache2 reload'], key => true, }
diff --git a/modules/roles/manifests/pet/db_guest_access.pp b/modules/roles/manifests/pet/db_guest_access.pp
new file mode 100644
index 000000000..ac76e4cce
--- /dev/null
+++ b/modules/roles/manifests/pet/db_guest_access.pp
@@ -0,0 +1,25 @@
+# pet guest access to DB
+#
+# @param db_address       hostname of the postgres server for this service
+# @param db_port          port of the postgres server for this service
+# @param database         list of databases to give access to
+# @param address          hosts to give access
+# @param connection_type  connection type
+class roles::pet::db_guest_access (
+  String  $db_address     = $roles::pet::params::db_address,
+  Integer $db_port        = $roles::pet::params::db_port,
+  Array[String] $database = ['pet'],
+  Enum['local', 'host', 'hostssl'] $connection_type = 'hostssl',
+  Optional[Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]]] $address = $base::public_addresses,
+) inherits roles::pet::params {
+  @@postgres::cluster::hba_entry { "pet-guest-${::fqdn}":
+    tag             => "postgres::cluster::${db_port}::hba::${db_address}",
+    pg_port         => $db_port,
+    database        => $database,
+    user            => 'guest',
+    address         => $address,
+    connection_type => $connection_type,
+    method          => 'trust',
+    order           => '25',
+  }
+}
diff --git a/modules/roles/manifests/pet/params.pp b/modules/roles/manifests/pet/params.pp
new file mode 100644
index 000000000..ab73a2b67
--- /dev/null
+++ b/modules/roles/manifests/pet/params.pp
@@ -0,0 +1,9 @@
+# pet parameters
+#
+# @param db_address     hostname of the postgres server for this service
+# @param db_port        port of the postgres server for this service
+class roles::pet::params (
+  String  $db_address = $roles::pet::db_address,
+  Integer $db_port    = $roles::pet::db_port,
+) {
+}
-- 
2.20.1