Commit graph

143 commits

Author SHA1 Message Date
Bob van Bokkem
fad4c164ab syntax error near UTF8 2015-09-30 14:25:45 +02:00
François Conil
c1f4530634 Fixes MODULES_2059 - adds extension argument
This adds the ability to define the extension name separately from the
"title" of the resource, which allows you to add the extension to more
than one database.

As per the original ticket, extensions in postgresql can be defined on
a per database basis. By using the same name for both the extension and
the instance of postgresql::server::extension, you're getting duplicates
errors if you try to assign an extension to more than one database
2015-09-09 14:26:41 +10:00
David Schmitt
e42d787141 Merge pull request #677 from cavaliercoder/master
(MODULES-2211) Fixed systemd-override for RedHat systems with unmanaged Yum repos
2015-09-01 08:06:43 +01:00
Tom Hey
6a29636155 (MODULES-661) Remote DB support
Adds connection-settings (for remote DB support) when creating DB resources.

Connection-settings allows a hash of options that can be used
when connecting the a remote DB (such as PGHOST, PGPORT, PGPASSWORD
PGSSLKEY) and a special option DBVERSION indicating the version
of the remote database.

Including
- Puppet updates
- Documentation updates
- RSpec unit test updates
- RSpec acceptance test updates
- Some test coverage for connection-settings
- Working acceptance test...
    Basic vagrant setup:
    * Two boxes, server and client
    * Runs puppet code to on server to setup a postgres server that allows all connections and md5 connections, creates db puppet to look at
    * Runs puppet code on client to make a server that a psql command can be run against puppet db on other server
    * Does some fancy stuff to get the fact of the IP from the first server to connect to
- Backwards compatible, with deprecation warnings around old parameters
2015-08-27 11:03:18 +01:00
Nick Walker
25c1bae73a Decouple pg_hba_rule from postgresql::server
This change allows the pg_hba_rule defined type to be used
even if you have not included postgresql::server.

By default it will continue with the same behavior as before,
however, you can now specify some extra parameters that were
previously coming directly from postgresql::server
2015-08-11 11:47:27 -07:00
Ryan Armstrong
f929cadd9c (MODULES-2211) Fixed systemd-override for RedHat systems with unmanaged Yum repos
This change lets the params class compute the name of the correct systemd unit file
via $service_name.
2015-07-29 16:53:00 +08:00
David Schmitt
d5efb1fea3 Merge pull request #665 from bmjen/squash-620
Support granting permission on sequences.
2015-07-02 19:18:48 +01:00
qha
c9ffadd31b Support granting permission on sequences.
add spec test for sequence grant and document postgresql::server::grant.
2015-07-02 10:33:15 -07:00
Morgan Haskel
d6435e47c6 Merge pull request #625 from covermymeds/update_pg_hba_rule
(#2056) Added 9.4, corrected past versions based on docs
2015-07-02 10:23:35 -07:00
Ken Barber
1d974be09f (MODULES-2181) Fix variable scope for systemd-override
$manage_package_repo wasn't in scope for the template systemd-override.erb
This was causing all RHEL7 systems with manage_package_repo on to fail on
startup using systemctl, as the proper path to the original service file
is set incorrectly.

This patch adds the manage_package_repo to the top of the ::config class,
and adds some basic tests in config_spec.rb to ensure we don't regress on
this.

Signed-off-by: Ken Barber <ken@bob.sh>
2015-07-01 14:13:29 -07:00
Travis Fields
c4c0402bd4 Merge pull request #527 from kimor79/psql-onlyif 2015-06-25 14:04:10 -07:00
Kimo Rosenbaum
39f15c313c Add onlyif parameter to postgresql_psql to only run command if onlyif returns true
Add option to only attempt table grant if table already exists

Make this slightly more generic
2015-06-25 13:54:02 -07:00
CJ Estel
51fc426be8 Added 9.4, corrected past versions based on docs
adjusted spec to have correct values with change
2015-06-25 16:00:42 -04:00
Hunter Haugen
cb57b323d6 Merge pull request #633 from b0e/master
disabling pg_hba_conf_defaults should not disable ipv4acls and ipv6ac…
2015-06-25 10:43:08 -07:00
Mickaël Canévet
6dbbb6ae9a Copy snakeoil certificate and key instead of symlinking
Since postgresql-9.1_9.1.16-0+deb7u1 on wheezy, postgresql can't read
snakeoil certificate as symlink anymore, so server does not restart.
This patch copies cert and key instead of symlinking so that it works
again.
2015-06-19 14:37:25 +02:00
Chris Denneen
9dc891d06d Fixed systemd override for manage_repo package versions 2015-06-12 10:29:50 -04:00
Hunter Haugen
b5b9c78d76 Merge pull request #623 from dirkweinhardt/MODULES-2049
(#2049) Make title of psql resource for schema creation unique
2015-05-29 10:12:47 -07:00
deVIAntCode
f9c0d91680 Add classes to install PL/Python and the postgresql-docs
See the README for usage and provided parameters.
2015-05-29 10:00:01 +01:00
Achim Ledermüller
eec3c9505a disabling pg_hba_conf_defaults should not disable ipv4acls and ipv6acls rules 2015-05-28 15:37:02 +02:00
dirkweinhardt
d9cc161595 Made title of psql resource for schema creation unique. 2015-05-19 10:12:28 +02:00
Bryan Jen
eb75ec2e36 Merge pull request #609 from hunner/antaflos-patch-2
Antaflos patch 2
2015-04-10 16:08:19 -07:00
JT (Jonny)
7e0547fbe5 Merge pull request #602 from buzzdeee/master
Reorder environment and require parameter, to unbreak
2015-03-31 16:45:13 +01:00
David Crome
81b4778b93 (MODULES-1761) Provide defined resource for managing recovery.conf
Currently there is no resource to use for creating the recovery.conf

This resource can create a recovery.conf for replication with all
currently supported parameters
2015-03-30 10:27:55 +02:00
Sebastian Reitenbach
d4713efce1 Reorder environment and require parameter, to unbreak
on OpenBSD puppet 3.7.4, with future parser, and ruby 2.1.5.

Without the change, ran into error:

Info: Loading facts
    Info: Loading facts
    Error: Could not retrieve catalog from remote server: Error 400 on SERVER: I
nvalid parameter environment on Postgresql_psql[CREATE ROLE puppetdb ENCRYPTED P
ASSWORD ****] at /etc/puppet/environments/production/modules/postgresql/manifest
s/server/role.pp:46 on node puppetdb.srv.intern
    Warning: Not using cache on failed catalog
    Error: Could not retrieve catalog; skipping run

I guess the future parser requires adhering to the order?
2015-03-29 13:43:26 +02:00
Reno Reckling
1ecc5bc8dd properly quote create and drop extension statements 2015-03-23 14:06:41 +01:00
Andreas Ntaflos
863a4b80de Fix setting postgres role password
Discussed in https://tickets.puppetlabs.com/browse/MODULES-1869

It seems env variables passed via `exec`'s `environment` parameter must
not be single-quoted, otherwise the single-quotes are interpreted
literally in the command strings in `command` and `unless`. For a
postgres password of `foobar` this leads to the `unless` code trying to
use literally `'foobar'` as password, and the `psql` line in `command`
setting literally `'$$foobar$$'` as password.
2015-03-19 03:16:27 +01:00
Ruben van Staveren
05c466c9d0 Provide postgresql_psql defaults for postgresql::server::initdb 2015-03-16 21:30:21 +01:00
Ruben van Staveren
977a7495f8 Fix indentation to 2 spaces 2015-03-16 21:22:08 +01:00
Ruben van Staveren
01b38f5bb4 postgresql::server::extension needs to have defaults for postgresql_psql
Using same pattern as with postgresql::server::database.
observed when installing the pg_trgm using pgsql 9.4
2015-03-16 21:22:07 +01:00
Krzysztof Suszyński
cfbf2f9308 Using enviromental varables to hide actual password in psql commands displayed in output and reports. 2015-03-12 10:57:19 -07:00
Colin Wood
83b4ac1661 Allow management of logdir and add logdir parameter 2015-03-12 10:40:46 -07:00
Hunter Haugen
9e9aa9da85 Merge pull request #564 from antaflos/idempotency_for_grant_all_tables
Make granting on ALL TABLES IN SCHEMA idempotent
2015-03-12 10:28:34 -07:00
Morgan Haskel
d348cdb4b6 Merge pull request #579 from sathieu/template_encoding
(MODULES-1834) Be less strict when changing template1 encoding
2015-03-12 10:06:53 -07:00
Mathieu Parent
f3a0db44ef (MODULES-1834) Be less strict when changing template1 encoding
We currently use: UTF8 != UTF-8
We should instead use: pg_char_to_encoding(UTF8) == pg_char_to_encoding(UTF-8)
2015-03-10 10:03:44 +01:00
Morgan Haskel
dcfe75eb95 Rework defaults for $object_name in postgresql::server::grant
You don't have access to parameters within the parameter list.
2015-03-06 15:49:07 -08:00
Sebastian Reitenbach
ef1681f5e5 Changes to support OpenBSD.
Added $service_reload parameter to params.pp, in order to allow
a reload of the postgresql server on OpenBSD, which apparently doesn't
have a service binary.
2015-03-06 14:11:33 -08:00
Andreas Ntaflos
dbbb7aa2b3 Make granting on ALL TABLES IN SCHEMA idempotent
Define a proper SELECT statement to feed into Postgresql_psql's
`unless` parameter that checks if there are any tables in the specified
schema for which the specified role *does not* have the specified
privilege. Only then allow the GRANT statement to be executed. For
details see comments.

Note that this, too, suffers from the problem that there is no feasible
way to check if a role has ALL PRIVILEGES on a table in plain SQL. By
terrible convention the INSERT privilege represents ALL PRIVILEGES here.
2015-03-05 17:18:42 +01:00
Andreas Ntaflos
aee6dba6f8 Use correct TCP port when checking password
The PostgreSQL server's port is specified in `postgresql::server::port`, so use it in the `unless` clause of `Exec['set_postgres_postgrespw']`. Failing to do so results in repeated invocations of the exec resource during Puppet runs when the server's port is not set to the default of 5432.
2015-02-27 04:48:15 +01:00
Sebastian Gerhards
a246e586be create role before database
Creating the role before creating the database is mandatory because otherwise
granting the access right to the database fails.
2015-02-23 11:57:05 +01:00
Mickaël Canévet
e1034d9bee Fix template1 encoding on debian 2015-02-19 08:37:31 +01:00
Hunter Haugen
f889a4612d Fix comment detection
On psql 8.1, `pg_catalog.shobj_description` does not exist. Also, if the
database to comment is not the current db then this warning will be
raised and the comment will not be applied: `WARNING:  database comments
may only be applied to the current database`

This fix uses the pg_* databases to find the comment based on the
database oid rather than the shared object description function.
2015-02-05 14:39:58 -08:00
Colleen Murphy
6d2b66cc3d Merge pull request #558 from hunner/fix_dbcomment
Fix comment detection
2015-02-04 22:48:28 -08:00
Hunter Haugen
bd80c54664 Fix comment detection
On psql 8.1, `pg_catalog.shobj_description` does not exist. Also, if the
database to comment is not the current db then this warning will be
raised and the comment will not be applied: `WARNING:  database comments
may only be applied to the current database`

This fix uses the pg_* databases to find the comment based on the
database oid rather than the shared object description function.
2015-02-04 13:41:11 -08:00
Hunter Haugen
50ae9efbad Require server package before user permissions
The postgresql user is created by the server package, but this file
resource may be evaluated before the package is installed resulting in
permission failures.
2015-02-04 13:39:33 -08:00
Colleen Murphy
d42b821969 Merge pull request #521 from raphink/dev/server_extension
Add postgresql::server::extension definition
2015-02-04 14:26:53 +01:00
juniorsysadmin
435d63297a (MODULES-1153) Add database comment parameter 2015-02-04 22:45:28 +11:00
juniorsysadmin
32ebbb5e34 Fix lint warnings 2015-01-21 10:46:29 +11:00
Tom De Vylder
0625b91d71 Fix invalid byte sequence in US-ASCII error 2015-01-09 13:33:30 +01:00
Morgan Haskel
7c520bd220 Merge pull request #538 from mattbostock/groupeseb-master
Allow per-schema grants and support for 'ALL TABLES IN SCHEMA'
2014-12-22 10:10:48 -08:00
Raphaël Pinson
807fefe5fa Add postgresql::server::extension definition 2014-12-08 16:27:33 +01:00