opuppet/module-postgresql
5
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #138 from kbarber/ticket/master/128-provide_more_custom_parameters_for_custom_packaging

Browse source 
Ticket/master/128 provide more custom parameters for custom packaging
This commit is contained in:
Chris Price 2013-02-25 10:01:17 -08:00
commit 673e47ee94
15 changed files with 299 additions and 127 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
README.md
View file

@ -164,6 +164,39 @@ This will set the default database locale for all databases created with this mo
####`charset`
This will set the default charset for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `UTF8`.
####`datadir`
This setting can be used to override the default postgresql data directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro.
####`confdir`
This setting can be used to override the default postgresql configuration directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro.
####`bindir`
This setting can be used to override the default postgresql binaries directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro.
####`client_package_name`
This setting can be used to override the default postgresql client package name. If not specified, the module will use whatever package name is the default for your OS distro.
####`server_package_name`
This setting can be used to override the default postgresql server package name. If not specified, the module will use whatever package name is the default for your OS distro.
####`devel_package_name`
This setting can be used to override the default postgresql devel package name. If not specified, the module will use whatever package name is the default for your OS distro.
####`java_package_name`
This setting can be used to override the default postgresql java package name. If not specified, the module will use whatever package name is the default for your OS distro.
####`service_name`
This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro.
####`user`
This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'.
####`group`
This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'.
####`run_initdb`
This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro.
###Class: postgresql::server
Here are the options that you can set in the `config_hash` parameter of `postgresql::server`:

3
lib/puppet/provider/postgresql_psql/ruby.rb
View file

@ -51,7 +51,8 @@ Puppet::Type.type(:postgresql_psql).provide(:ruby) do
end
def run_sql_command(sql)
command = %{psql #{"-d #{resource[:db]}" if resource[:db]} -t -c "#{sql.gsub('"', '\"')}"}
command = %{#{resource[:psql_path]} #{"-d #{resource[:db]}" if resource[:db]} -t -c "#{sql.gsub('"', '\"')}"}
if resource[:cwd]
Dir.chdir resource[:cwd] do
Puppet::Util::SUIDManager.run_and_capture(command, resource[:psql_user], resource[:psql_group])

5
lib/puppet/type/postgresql_psql.rb
View file

@ -49,6 +49,11 @@ Puppet::Type.newtype(:postgresql_psql) do
desc "The name of the database to execute the SQL command against."
end
newparam(:psql_path) do
desc "The path to psql executable."
defaultto("psql")
end
newparam(:psql_user) do
desc "The system user account under which the psql command should be executed."
defaultto("postgres")

2
manifests/config/afterservice.pp
View file

@ -28,7 +28,7 @@ class postgresql::config::afterservice(
# for pg_hba.conf.
exec { 'set_postgres_postgrespw':
# This command works w/no password because we run it as postgres system user
command => "psql -c \"ALTER ROLE postgres PASSWORD '${postgres_password}'\"",
command => "psql -c \"ALTER ROLE ${postgresql::params::user} PASSWORD '${postgres_password}'\"",
user => $postgresql::params::user,
group => $postgresql::params::group,
logoutput => true,

16
manifests/database.pp
View file

@ -27,6 +27,13 @@ define postgresql::database(
) {
include postgresql::params
# Set the defaults for the postgresql_psql resource
Postgresql_psql {
psql_user => $postgresql::params::user,
psql_group => $postgresql::params::group,
psql_path => $postgresql::params::psql_path,
}
# Optionally set the locale switch. Older versions of createdb may not accept
# --locale, so if the parameter is undefined its safer not to pass it.
if ($postgresql::params::version != '8.1') {
@ -52,23 +59,20 @@ define postgresql::database(
postgresql_psql { "Check for existence of db '${dbname}'":
command => 'SELECT 1',
unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'",
cwd => $postgresql::params::datadir,
require => Class['postgresql::server']
} ~>
exec { $createdb_command :
refreshonly => true,
user => 'postgres',
cwd => $postgresql::params::datadir,
user => $postgresql::params::user,
logoutput => on_failure,
} ~>
# This will prevent users from connecting to the database unless they've been
# granted privileges.
postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE ${dbname} FROM public":
db => 'postgres',
postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public":
db => $postgresql::params::user,
refreshonly => true,
cwd => $postgresql::params::datadir,
}
}

24
manifests/database_grant.pp
View file

@ -25,16 +25,22 @@
# in the modules or not.
define postgresql::database_grant(
# TODO: mysql supports an array of privileges here. We should do that if we
# port this to ruby.
$privilege,
$db,
$role,
$psql_db = 'postgres',
$psql_user ='postgres'
# TODO: mysql supports an array of privileges here. We should do that if we
# port this to ruby.
$privilege,
$db,
$role,
$psql_db = $postgresql::params::user,
$psql_user = $postgresql::params::user
) {
include postgresql::params
Postgresql_psql {
psql_user => $postgresql::params::user,
psql_group => $postgresql::params::group,
psql_path => $postgresql::params::psql_path,
}
# TODO: FIXME: only works on databases, due to using has_database_privilege
# TODO: this is a terrible hack; if they pass "ALL" as the desired privilege,
@ -50,11 +56,9 @@ define postgresql::database_grant(
default => $privilege,
}
postgresql_psql {"GRANT ${privilege} ON database ${db} TO ${role}":
postgresql_psql {"GRANT ${privilege} ON database \"${db}\" TO \"${role}\"":
db => $psql_db,
psql_user => $psql_user,
unless => "SELECT 1 WHERE has_database_privilege('${role}', '${db}', '${unless_privilege}')",
cwd => $postgresql::params::datadir,
}
}

12
manifests/database_user.pp
View file

@ -38,12 +38,12 @@
#
define postgresql::database_user(
$password_hash,
$createdb = false,
$createrole = false,
$db = 'postgres',
$superuser = false,
$user = $title
$password_hash,
$createdb = false,
$createrole = false,
$db = $postgresql::params::user,
$superuser = false,
$user = $title
) {
postgresql::role { $user:
db => $db,

95
manifests/init.pp
View file

@ -10,6 +10,7 @@
# For examples, see the files in the `tests` directory; in particular,
# `/server-yum-postgresql-org.pp`.
#
# === Parameters
#
# [*version*]
# The postgresql version to install. If not specified, the
@ -26,15 +27,70 @@
# set to `true`. It determines which package repository should
# be used to install the postgres packages. Currently supported
# values include `yum.postgresql.org`.
#
# [*locale*]
# This setting defines the default locale for initdb and createdb
# commands. This default to 'undef' which is effectively 'C'.
# [*charset*]
# Sets the default charset to be used for initdb and createdb.
# Defaults to 'UTF8'.
# [*datadir*]
# This setting can be used to override the default postgresql
# data directory for the target platform. If not specified, the
# module will use whatever directory is the default for your
# OS distro.
# [*confdir*]
# This setting can be used to override the default postgresql
# configuration directory for the target platform. If not
# specified, the module will use whatever directory is the
# default for your OS distro.
# [*bindir*]
# This setting can be used to override the default postgresql
# binaries directory for the target platform. If not
# specified, the module will use whatever directory is the
# default for your OS distro.
# [*client_package_name*]
# This setting can be used to override the default
# postgresql client package name. If not specified, the module
# will use whatever package name is the default for your
# OS distro.
# [*server_package_name*]
# This setting can be used to override the default
# postgresql server package name. If not specified, the module
# will use whatever package name is the default for your
# OS distro.
# [*devel_package_name*]
# This setting can be used to override the default
# postgresql devel package name. If not specified, the module
# will use whatever package name is the default for your
# OS distro.
# [*java_package_name*]
# This setting can be used to override the default
# postgresql java package name. If not specified, the module
# will use whatever package name is the default for your
# OS distro.
# [*service_name*]
# This setting can be used to override the default
# postgresql service name. If not specified, the module
# will use whatever service name is the default for your
# OS distro.
# [*user*]
# This setting can be used to override the default
# postgresql super user and owner of postgresql related files
# in the file system. If not specified, the module will use
# the user name 'postgres'.
# [*group*]
# This setting can be used to override the default
# postgresql user group to be used for related files
# in the file system. If not specified, the module will use
# the group name 'postgres'.
# [*run_initdb*]
# This setting can be used to explicitly call the initdb
# operation after server package is installed and before
# the postgresql service is started. If not specified, the
# module will decide whether to call initdb or not depending
# on your OS distro.
#
# === Examples:
# === Examples
#
# class { 'postgresql':
# version => '9.2',
@ -47,13 +103,36 @@ class postgresql (
$manage_package_repo = false,
$package_source = undef,
$locale = undef,
$charset = 'UTF8'
$charset = 'UTF8',
$datadir = undef,
$confdir = undef,
$bindir = undef,
$client_package_name = undef,
$server_package_name = undef,
$devel_package_name = undef,
$java_package_name = undef,
$service_name = undef,
$user = undef,
$group = undef,
$run_initdb = undef
) {
class { 'postgresql::params':
version => $version,
manage_package_repo => $manage_package_repo,
package_source => $package_source,
locale => $locale,
charset => $charset,
version => $version,
manage_package_repo => $manage_package_repo,
package_source => $package_source,
locale => $locale,
charset => $charset,
custom_datadir => $datadir,
custom_confdir => $confdir,
custom_bindir => $bindir,
custom_client_package_name => $client_package_name,
custom_server_package_name => $server_package_name,
custom_devel_package_name => $devel_package_name,
custom_java_package_name => $java_package_name,
custom_service_name => $service_name,
custom_user => $user,
custom_group => $group,
run_initdb => $run_initdb,
}
}

4
manifests/initdb.pp
View file

@ -19,9 +19,9 @@
class postgresql::initdb(
$datadir = $postgresql::params::datadir,
$encoding = $postgresql::params::charset,
$group = 'postgres',
$group = $postgresql::params::group,
$initdb_path = $postgresql::params::initdb_path,
$user = 'postgres'
$user = $postgresql::params::user
) inherits postgresql::params {
# Build up the initdb command.
#

121
manifests/params.pp
View file

@ -28,14 +28,25 @@
# correct paths to the postgres dirs.
class postgresql::params(
$version = $::postgres_default_version,
$manage_package_repo = false,
$package_source = undef,
$locale = undef,
$charset = 'UTF8'
$version = $::postgres_default_version,
$manage_package_repo = false,
$package_source = undef,
$locale = undef,
$charset = 'UTF8',
$custom_datadir = undef,
$custom_confdir = undef,
$custom_bindir = undef,
$custom_client_package_name = undef,
$custom_server_package_name = undef,
$custom_devel_package_name = undef,
$custom_java_package_name = undef,
$custom_service_name = undef,
$custom_user = undef,
$custom_group = undef,
$run_initdb = undef,
) {
$user = 'postgres'
$group = 'postgres'
$user = pick($custom_user, 'postgres')
$group = pick($custom_group, 'postgres')
$ip_mask_deny_postgres_user = '0.0.0.0/0'
$ip_mask_allow_all_users = '127.0.0.1/32'
$listen_addresses = 'localhost'
@ -46,32 +57,32 @@ class postgresql::params(
if ($manage_package_repo) {
case $::osfamily {
'RedHat': {
$rh_pkg_source = pick($package_source, 'yum.postgresql.org')
case $::osfamily {
'RedHat': {
$rh_pkg_source = pick($package_source, 'yum.postgresql.org')
case $rh_pkg_source {
'yum.postgresql.org': {
class { 'postgresql::package_source::yum_postgresql_org':
version => $version
}
}
default: {
fail("Unsupported package source '${rh_pkg_source}' for ${::osfamily} OS family. Currently the only supported source is 'yum.postgresql.org'")
case $rh_pkg_source {
'yum.postgresql.org': {
class { 'postgresql::package_source::yum_postgresql_org':
version => $version
}
}
}
'Debian': {
class { 'postgresql::package_source::apt_postgresql_org': }
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} currently only supports osfamily RedHat and Debian")
default: {
fail("Unsupported package source '${rh_pkg_source}' for ${::osfamily} OS family. Currently the only supported source is 'yum.postgresql.org'")
}
}
}
'Debian': {
class { 'postgresql::package_source::apt_postgresql_org': }
}
default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} currently only supports osfamily RedHat and Debian")
}
}
}
# This is a bit hacky, but if the puppet nodes don't have pluginsync enabled,
@ -93,37 +104,37 @@ class postgresql::params(
# Amazon Linux's OS Family is 'Linux', operating system 'Amazon'.
case $::osfamily {
'RedHat', 'Linux': {
$needs_initdb = true
$needs_initdb = pick($run_initdb, true)
$firewall_supported = true
$persist_firewall_command = '/sbin/iptables-save > /etc/sysconfig/iptables'
if $version == $::postgres_default_version {
$client_package_name = 'postgresql'
$server_package_name = 'postgresql-server'
$devel_package_name = 'postgresql-devel'
$java_package_name = 'postgresql-jdbc'
$service_name = 'postgresql'
$bindir = '/usr/bin'
$datadir = '/var/lib/pgsql/data'
$confdir = $datadir
$client_package_name = pick($custom_client_package_name, 'postgresql')
$server_package_name = pick($custom_server_package_name, 'postgresql-server')
$devel_package_name = pick($custom_devel_package_name, 'postgresql-devel')
$java_package_name = pick($custom_java_package_name, 'postgresql-jdbc')
$service_name = pick($custom_service_name, 'postgresql')
$bindir = pick($custom_bindir, '/usr/bin')
$datadir = pick($custom_datadir, '/var/lib/pgsql/data')
$confdir = pick($custom_confdir, $datadir)
} else {
$version_parts = split($version, '[.]')
$package_version = "${version_parts[0]}${version_parts[1]}"
$client_package_name = "postgresql${package_version}"
$server_package_name = "postgresql${package_version}-server"
$devel_package_name = "postgresql${package_version}-devel"
$java_package_name = "postgresql${package_version}-jdbc"
$service_name = "postgresql-${version}"
$bindir = "/usr/pgsql-${version}/bin"
$datadir = "/var/lib/pgsql/${version}/data"
$confdir = $datadir
$client_package_name = pick($custom_client_package_name, "postgresql${package_version}")
$server_package_name = pick($custom_server_package_name, "postgresql${package_version}-server")
$devel_package_name = pick($custom_devel_package_name, "postgresql${package_version}-devel")
$java_package_name = pick($custom_java_package_name, "postgresql${package_version}-jdbc")
$service_name = pick($custom_service_name, "postgresql-${version}")
$bindir = pick($custom_bindir, "/usr/pgsql-${version}/bin")
$datadir = pick($custom_datadir, "/var/lib/pgsql/${version}/data")
$confdir = pick($custom_confdir, $datadir)
}
$service_status = undef
}
'Debian': {
$needs_initdb = false
$needs_initdb = pick($run_initdb, false)
$firewall_supported = false
# TODO: not exactly sure yet what the right thing to do for Debian/Ubuntu is.
#$persist_firewall_command = '/sbin/iptables-save > /etc/iptables/rules.v4'
@ -131,26 +142,25 @@ class postgresql::params(
case $::operatingsystem {
'Debian': {
$service_name = 'postgresql'
$service_name = pick($custom_service_name, 'postgresql')
}
'Ubuntu': {
# thanks, ubuntu
if($::lsbmajdistrelease == '10' and !$manage_package_repo) {
$service_name = "postgresql-${version}"
$service_name = pick($custom_service_name, "postgresql-${version}")
} else {
$service_name = 'postgresql'
$service_name = pick($custom_service_name, 'postgresql')
}
}
}
$client_package_name = "postgresql-client-${version}"
$server_package_name = "postgresql-${version}"
$devel_package_name = 'libpq-dev'
$java_package_name = 'libpostgresql-jdbc-java'
$bindir = "/usr/lib/postgresql/${version}/bin"
$datadir = "/var/lib/postgresql/${version}/main"
$confdir = "/etc/postgresql/${version}/main"
$client_package_name = pick($custom_client_package_name, "postgresql-client-${version}")
$server_package_name = pick($custom_server_package_name, "postgresql-${version}")
$devel_package_name = pick($custom_devel_package_name, 'libpq-dev')
$java_package_name = pick($custom_java_package_name, 'libpostgresql-jdbc-java')
$bindir = pick($custom_bindir, "/usr/lib/postgresql/${version}/bin")
$datadir = pick($custom_datadir, "/var/lib/postgresql/${version}/main")
$confdir = pick($custom_confdir, "/etc/postgresql/${version}/main")
$service_status = "/etc/init.d/${service_name} status | /bin/egrep -q 'Running clusters: .+|online'"
}
@ -164,4 +174,5 @@ class postgresql::params(
$psql_path = "${bindir}/psql"
$pg_hba_conf_path = "${confdir}/pg_hba.conf"
$postgresql_conf_path = "${confdir}/postgresql.conf"
}

3
manifests/psql.pp
View file

@ -21,7 +21,7 @@ define postgresql::psql(
$unless,
$command = $title,
$refreshonly = false,
$user = 'postgres'
$user = $postgresql::params::user
) {
include postgresql::params
@ -35,6 +35,7 @@ define postgresql::psql(
}
$psql = "${postgresql::params::psql_path} ${no_password_option} --tuples-only --quiet --dbname ${db}"
$quoted_command = regsubst($command, '"', '\\"', 'G')
$quoted_unless = regsubst($unless, '"', '\\"', 'G')

15
manifests/role.pp
View file

@ -27,16 +27,21 @@ define postgresql::role(
) {
include postgresql::params
Postgresql_psql {
psql_user => $postgresql::params::user,
psql_group => $postgresql::params::group,
psql_path => $postgresql::params::psql_path,
}
$login_sql = $login ? { true => 'LOGIN' , default => 'NOLOGIN' }
$createrole_sql = $createrole ? { true => 'CREATEROLE', default => 'NOCREATEROLE' }
$createdb_sql = $createdb ? { true => 'CREATEDB' , default => 'NOCREATEDB' }
$superuser_sql = $superuser ? { true => 'SUPERUSER' , default => 'NOSUPERUSER' }
# TODO: FIXME: Will not correct the superuser / createdb / createrole / login status of a role that already exists
postgresql_psql {"CREATE ROLE ${username} ENCRYPTED PASSWORD '${password_hash}' ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql}":
db => $db,
psql_user => 'postgres',
unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}'",
cwd => $postgresql::params::datadir,
postgresql_psql {"CREATE ROLE \"${username}\" ENCRYPTED PASSWORD '${password_hash}' ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql}":
db => $db,
psql_user => $postgresql::params::user,
unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}'",
}
}

15
manifests/tablespace.pp
View file

@ -29,26 +29,31 @@ define postgresql::tablespace(
{
include postgresql::params
Postgresql_psql {
psql_user => $postgresql::params::user,
psql_group => $postgresql::params::group,
psql_path => $postgresql::params::psql_path,
}
if ($owner == undef) {
$owner_section = ''
}
else {
$owner_section = "OWNER ${owner}"
$owner_section = "OWNER \"${owner}\""
}
$create_tablespace_command = "CREATE TABLESPACE ${spcname} ${owner_section} LOCATION '${location}'"
$create_tablespace_command = "CREATE TABLESPACE \"${spcname}\" ${owner_section} LOCATION '${location}'"
file { $location:
ensure => directory,
owner => 'postgres',
group => 'postgres',
owner => $postgresql::params::user,
group => $postgresql::params::group,
mode => '0700',
}
postgresql_psql { "Create tablespace '${spcname}'":
command => $create_tablespace_command,
unless => "SELECT spcname FROM pg_tablespace WHERE spcname='${spcname}'",
cwd => $postgresql::params::datadir,
require => [Class['postgresql::server'], File[$location]],
}
}

54
manifests/validate_db_connection.pp
View file

@ -42,36 +42,36 @@
#
define postgresql::validate_db_connection(
$database_host,
$database_name,
$database_password,
$database_username,
$database_port = 5432
$database_host,
$database_name,
$database_password,
$database_username,
$database_port = 5432
) {
require postgresql::client
require postgresql::client
# TODO: port to ruby
$psql = "${postgresql::params::psql_path} --tuples-only --quiet -h ${database_host} -U ${database_username} -p ${database_port} --dbname ${database_name}"
# TODO: port to ruby
$psql = "${postgresql::params::psql_path} --tuples-only --quiet -h ${database_host} -U ${database_username} -p ${database_port} --dbname ${database_name}"
$exec_name = "validate postgres connection for ${database_host}/${database_name}"
exec { $exec_name:
command => '/bin/false',
unless => "/bin/echo \"SELECT 1\" | ${psql}",
cwd => '/tmp',
environment => "PGPASSWORD=${database_password}",
logoutput => 'on_failure',
require => Package['postgresql-client'],
}
$exec_name = "validate postgres connection for ${database_host}/${database_name}"
exec { $exec_name:
command => '/bin/false',
unless => "/bin/echo \"SELECT 1\" | ${psql}",
cwd => '/tmp',
environment => "PGPASSWORD=${database_password}",
logoutput => 'on_failure',
require => Package['postgresql-client'],
}
# This is a little bit of puppet magic. What we want to do here is make
# sure that if the validation and the database instance creation are being
# applied on the same machine, then the database resource is applied *before*
# the validation resource. Otherwise, the validation is guaranteed to fail
# on the first run.
#
# We accomplish this by using Puppet's resource collection syntax to search
# for the Database resource in our current catalog; if it exists, the
# appropriate relationship is created here.
Database<|title == $database_name|> -> Exec[$exec_name]
# This is a little bit of puppet magic. What we want to do here is make
# sure that if the validation and the database instance creation are being
# applied on the same machine, then the database resource is applied *before*
# the validation resource. Otherwise, the validation is guaranteed to fail
# on the first run.
#
# We accomplish this by using Puppet's resource collection syntax to search
# for the Database resource in our current catalog; if it exists, the
# appropriate relationship is created here.
Database<|title == $database_name|> -> Exec[$exec_name]
}

24
spec/unit/classes/init_spec.rb
View file

@ -8,4 +8,28 @@ describe 'postgresql', :type => :class do
}
end
it { should include_class("postgresql") }
context 'support override params' do
let(:params) {{
:version => '8.4',
:manage_package_repo => true,
:package_source => '',
:locale => 'en_NG',
:charset => 'UTF8',
:datadir => '/srv/pgdata',
:confdir => '/opt/pg/etc',
:bindir => '/opt/pg/bin',
:client_package_name => 'my-postgresql-client',
:server_package_name => 'my-postgresql-server',
:devel_package_name => 'my-postgresql-devel',
:java_package_name => 'my-postgresql-java',
:service_name => 'my-postgresql',
:user => 'my-postgresql',
:group => 'my-postgresql',
:run_initdb => true,
}}
it { should include_class("postgresql") }
it { should include_class("postgresql::params") }
end
end