opuppet/module-postgresql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
module-postgresql/manifests/server/config.pp

182 lines
6.5 KiB
ObjectPascal
Raw Normal View History

Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
# PRIVATE CLASS: do not call directly
class postgresql::server::config {
$ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user
$ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users
$listen_addresses = $postgresql::server::listen_addresses
Add support for port parameter to postgresql::server, fix underlying assumptions that port=5432
2014-04-17 21:09:07 +02:00
$port = $postgresql::server::port
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
$ipv4acls = $postgresql::server::ipv4acls
$ipv6acls = $postgresql::server::ipv6acls
$pg_hba_conf_path = $postgresql::server::pg_hba_conf_path
Create the pg_ident_rule defined type This allows us to declare user map as easilly as pg_hba entries.
2014-07-24 22:04:02 +02:00
$pg_ident_conf_path = $postgresql::server::pg_ident_conf_path
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
$postgresql_conf_path = $postgresql::server::postgresql_conf_path
(MODULES-1761) Provide defined resource for managing recovery.conf Currently there is no resource to use for creating the recovery.conf This resource can create a recovery.conf for replication with all currently supported parameters
2015-02-07 07:28:54 +01:00
$recovery_conf_path = $postgresql::server::recovery_conf_path
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
$pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults
$user = $postgresql::server::user
$group = $postgresql::server::group
Fixed deprecation warning for class param in server.pp. Changed subclasses of server to use ::_version, which will be assigned the value from globals or (deprecated) class param.
2014-08-18 11:26:06 +02:00
$version = $postgresql::server::_version
(MODULES-2181) Fix variable scope for systemd-override $manage_package_repo wasn't in scope for the template systemd-override.erb This was causing all RHEL7 systems with manage_package_repo on to fail on startup using systemctl, as the proper path to the original service file is set incorrectly. This patch adds the manage_package_repo to the top of the ::config class, and adds some basic tests in config_spec.rb to ensure we don't regress on this. Signed-off-by: Ken Barber <ken@bob.sh>
2015-07-01 15:14:59 +02:00
$manage_package_repo = $postgresql::server::manage_package_repo
Add a parameter to (un)manage pg_hba.conf
2013-10-02 14:43:21 +02:00
$manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf
Fixes the accidental erasing of pg_ident.conf Even with manage_pg_ident_conf to false, or undef (witch defaults to false), a concat object would be created, erasing the pg_ident.conf file
2014-08-01 23:27:16 +02:00
$manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf
(MODULES-1761) Provide defined resource for managing recovery.conf Currently there is no resource to use for creating the recovery.conf This resource can create a recovery.conf for replication with all currently supported parameters
2015-02-07 07:28:54 +01:00
$manage_recovery_conf = $postgresql::server::manage_recovery_conf
Adds support for PGDATA changing in config_entry.pp Ensure that data_directory is set in the config. per GitHub user tbd - PR#510 / PR#494 that was filed against wrong module branch" Adds acceptance test for non default PGDATA, based on alternative_port_spec.rb Fixes unit test for data directory
2014-10-21 12:59:07 +02:00
$datadir = $postgresql::server::datadir
Allow management of logdir and add logdir parameter
2014-12-09 23:48:45 +01:00
$logdir = $postgresql::server::logdir
(MODULES-2211) Fixed systemd-override for RedHat systems with unmanaged Yum repos This change lets the params class compute the name of the correct systemd unit file via $service_name.
2015-07-29 10:53:00 +02:00
$service_name = $postgresql::server::service_name
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
if ($manage_pg_hba_conf == true) {
# Prepare the main pg_hba file
concat { $pg_hba_conf_path:
owner => $user,
group => $group,
mode => '0640',
warn => true,
notify => Class['postgresql::server::reload'],
}
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
if $pg_hba_conf_defaults {
Postgresql::Server::Pg_hba_rule {
database => 'all',
user => 'all',
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
}
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
# Lets setup the base rules
$local_auth_option = $version ? {
'8.1' => 'sameuser',
default => undef,
}
postgresql::server::pg_hba_rule { 'local access as postgres user':
type => 'local',
user => $user,
auth_method => 'ident',
auth_option => $local_auth_option,
order => '001',
}
postgresql::server::pg_hba_rule { 'local access to database with same name':
type => 'local',
auth_method => 'ident',
auth_option => $local_auth_option,
order => '002',
}
postgresql::server::pg_hba_rule { 'allow localhost TCP access to postgresql user':
type => 'host',
user => $user,
address => '127.0.0.1/32',
auth_method => 'md5',
order => '003',
}
postgresql::server::pg_hba_rule { 'deny access to postgresql user':
type => 'host',
user => $user,
address => $ip_mask_deny_postgres_user,
auth_method => 'reject',
order => '004',
}
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
postgresql::server::pg_hba_rule { 'allow access to all users':
type => 'host',
address => $ip_mask_allow_all_users,
auth_method => 'md5',
order => '100',
}
postgresql::server::pg_hba_rule { 'allow access to ipv6 localhost':
type => 'host',
address => '::1/128',
auth_method => 'md5',
order => '101',
Add a parameter to (un)manage pg_hba.conf
2013-10-02 14:43:21 +02:00
}
Add support for port parameter to postgresql::server, fix underlying assumptions that port=5432
2014-04-17 21:09:07 +02:00
}
disabling pg_hba_conf_defaults should not disable ipv4acls and ipv6acls rules
2015-05-28 15:37:02 +02:00
# ipv4acls are passed as an array of rule strings, here we transform
# them into a resources hash, and pass the result to create_resources
$ipv4acl_resources = postgresql_acls_to_resources_hash($ipv4acls,
'ipv4acls', 10)
create_resources('postgresql::server::pg_hba_rule', $ipv4acl_resources)
# ipv6acls are passed as an array of rule strings, here we transform
# them into a resources hash, and pass the result to create_resources
$ipv6acl_resources = postgresql_acls_to_resources_hash($ipv6acls,
'ipv6acls', 102)
create_resources('postgresql::server::pg_hba_rule', $ipv6acl_resources)
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
}
Add support for port parameter to postgresql::server, fix underlying assumptions that port=5432
2014-04-17 21:09:07 +02:00
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
# We must set a "listen_addresses" line in the postgresql.conf if we
# want to allow any connections from remote hosts.
postgresql::server::config_entry { 'listen_addresses':
value => $listen_addresses,
}
postgresql::server::config_entry { 'port':
value => $port,
}
Adds support for PGDATA changing in config_entry.pp Ensure that data_directory is set in the config. per GitHub user tbd - PR#510 / PR#494 that was filed against wrong module branch" Adds acceptance test for non default PGDATA, based on alternative_port_spec.rb Fixes unit test for data directory
2014-10-21 12:59:07 +02:00
postgresql::server::config_entry { 'data_directory':
value => $datadir,
}
Allow management of logdir and add logdir parameter
2014-12-09 23:48:45 +01:00
if $logdir {
postgresql::server::config_entry { 'log_directory':
value => $logdir,
}
}
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
# RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden
# in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later.
Fix Fedora support by configuring systemd, not /etc/sysconfig
2014-07-08 14:58:28 +02:00
if ($::osfamily == 'RedHat') and ($::operatingsystemrelease !~ /^7/) and ($::operatingsystem != 'Fedora') {
Remove the ensure => absent uninstall code. This is likely to be a controversial change so I wanted to put some explanation of our reasoning into the commit message. This gets kind of complex so I'll start with the problem and then the reasoning. Problem: We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Reasoning: Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. WAIT A MINUTE: We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? When this work is finished I'm going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself.
2014-07-02 16:45:07 +02:00
file { '/etc/sysconfig/pgsql/postgresql':
ensure => present,
replace => false,
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
}
Link to the sysconfig file for the init script of the PGDG postgresql server package
2014-10-23 10:48:53 +02:00
# The init script from the packages of the postgresql.org repository
# sources an alternate sysconfig file.
# I. e. /etc/sysconfig/pgsql/postgresql-9.3 for PostgreSQL 9.3
# Link to the sysconfig file set by this puppet module
file { "/etc/sysconfig/pgsql/postgresql-${version}":
ensure => link,
target => '/etc/sysconfig/pgsql/postgresql',
require => File[ '/etc/sysconfig/pgsql/postgresql' ],
}
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
}
Create the pg_ident_rule defined type This allows us to declare user map as easilly as pg_hba entries.
2014-07-24 22:04:02 +02:00
Link to the sysconfig file for the init script of the PGDG postgresql server package
2014-10-23 10:48:53 +02:00
Create the pg_ident_rule defined type This allows us to declare user map as easilly as pg_hba entries.
2014-07-24 22:04:02 +02:00
if ($manage_pg_ident_conf == true) {
concat { $pg_ident_conf_path:
owner => $user,
group => $group,
Improve port changing support. This makes Debian 6 work, and hopefully Ubuntu 10.04 too.
2014-09-03 22:17:19 +02:00
force => true, # do not crash if there is no pg_ident_rules
Create the pg_ident_rule defined type This allows us to declare user map as easilly as pg_hba entries.
2014-07-24 22:04:02 +02:00
mode => '0640',
warn => true,
notify => Class['postgresql::server::reload'],
}
}
Fix data directory handling The change introduced in b781849882ee5b36135f8d3abafa449721e19565 added a complex operation that was not handled correctly for all operating systems. This fix includes the following corrections: - Change the systemd config and reload systemd for datadir changes in RHEL 7, and move configuration for this into postgresql::server::config since it is managing both the PGDATA and PGPORT variables - Make sure Debian systems stop the service before changing the datadir - Recreate cert links after running initdb in Debian and early ubuntu - Change the port in the port spec to avoid selinux issues - Turn off selinux in pgdata spec to avoid selinux issues - Correct syntax for describing presence of a directory in pgdata spec - Move the pgdata spec to the end of the tests so that puppet doesn't have to manager purging and recreating the original datadir - Update README to describe all caveats of using this parameter
2014-10-31 23:27:34 +01:00
(MODULES-1761) Provide defined resource for managing recovery.conf Currently there is no resource to use for creating the recovery.conf This resource can create a recovery.conf for replication with all currently supported parameters
2015-02-07 07:28:54 +01:00
if ($manage_recovery_conf == true) {
concat { $recovery_conf_path:
owner => $user,
group => $group,
force => true, # do not crash if there is no recovery conf file
mode => '0640',
warn => true,
notify => Class['postgresql::server::reload'],
}
}
Fix data directory handling The change introduced in b781849882ee5b36135f8d3abafa449721e19565 added a complex operation that was not handled correctly for all operating systems. This fix includes the following corrections: - Change the systemd config and reload systemd for datadir changes in RHEL 7, and move configuration for this into postgresql::server::config since it is managing both the PGDATA and PGPORT variables - Make sure Debian systems stop the service before changing the datadir - Recreate cert links after running initdb in Debian and early ubuntu - Change the port in the port spec to avoid selinux issues - Turn off selinux in pgdata spec to avoid selinux issues - Correct syntax for describing presence of a directory in pgdata spec - Move the pgdata spec to the end of the tests so that puppet doesn't have to manager purging and recreating the original datadir - Update README to describe all caveats of using this parameter
2014-10-31 23:27:34 +01:00
if $::osfamily == 'RedHat' {
if $::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora' {
file { 'systemd-override':
ensure => present,
(MODULES-2211) Fixed systemd-override for RedHat systems with unmanaged Yum repos This change lets the params class compute the name of the correct systemd unit file via $service_name.
2015-07-29 10:53:00 +02:00
path => "/etc/systemd/system/${service_name}.service",
Fix data directory handling The change introduced in b781849882ee5b36135f8d3abafa449721e19565 added a complex operation that was not handled correctly for all operating systems. This fix includes the following corrections: - Change the systemd config and reload systemd for datadir changes in RHEL 7, and move configuration for this into postgresql::server::config since it is managing both the PGDATA and PGPORT variables - Make sure Debian systems stop the service before changing the datadir - Recreate cert links after running initdb in Debian and early ubuntu - Change the port in the port spec to avoid selinux issues - Turn off selinux in pgdata spec to avoid selinux issues - Correct syntax for describing presence of a directory in pgdata spec - Move the pgdata spec to the end of the tests so that puppet doesn't have to manager purging and recreating the original datadir - Update README to describe all caveats of using this parameter
2014-10-31 23:27:34 +01:00
owner => root,
group => root,
content => template('postgresql/systemd-override.erb'),
notify => [ Exec['restart-systemd'], Class['postgresql::server::service'] ],
before => Class['postgresql::server::reload'],
}
Fix lint warnings
2015-01-11 05:27:57 +01:00
exec { 'restart-systemd':
Fix data directory handling The change introduced in b781849882ee5b36135f8d3abafa449721e19565 added a complex operation that was not handled correctly for all operating systems. This fix includes the following corrections: - Change the systemd config and reload systemd for datadir changes in RHEL 7, and move configuration for this into postgresql::server::config since it is managing both the PGDATA and PGPORT variables - Make sure Debian systems stop the service before changing the datadir - Recreate cert links after running initdb in Debian and early ubuntu - Change the port in the port spec to avoid selinux issues - Turn off selinux in pgdata spec to avoid selinux issues - Correct syntax for describing presence of a directory in pgdata spec - Move the pgdata spec to the end of the tests so that puppet doesn't have to manager purging and recreating the original datadir - Update README to describe all caveats of using this parameter
2014-10-31 23:27:34 +01:00
command => 'systemctl daemon-reload',
refreshonly => true,
path => '/bin:/usr/bin:/usr/local/bin'
}
}
}
Major rewrite to solve order dependencies and unclear public API This is a very very large change to the module. It started out as a fix to add postgresl::server::config_entry, and quickly became a rewrite to fix a lot of ordering issues inherent in the API. Since this changes the Public API it is considered a backwards compatible change. See the upgrading guide in README.md for more details as to what has been modified in this patch. Signed-off-by: Ken Barber <ken@bob.sh>
2013-08-27 22:43:47 +02:00
}
Reference in a new issue Copy permalink