6367e359ea
When the psql command runs from a directory it does not have permission to access, it outputs an error. This error trips up the unless SQL command, causing the other SQL commands to run even if not needed. Rather than ignore stderr (which might hide something else), or use an arbitrary directory like /tmp, this code sets the cwd to the data directory, which will exist and be owned by the postgres user. If someone uses the postgres_psql type and customises the psql_user parameter, they should also set an appropriate cwd.
54 lines
1.8 KiB
Puppet
54 lines
1.8 KiB
Puppet
# puppet-postgresql
|
|
# For all details and documentation:
|
|
# http://github.com/inkling/puppet-postgresql
|
|
#
|
|
# Copyright 2012- Inkling Systems, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# TODO: in order to match up more closely with the mysql module, this probably
|
|
# needs to be moved over to ruby, and add support for ensurable.
|
|
|
|
define postgresql::database(
|
|
$dbname = $title,
|
|
$charset = 'UTF8')
|
|
{
|
|
include postgresql::params
|
|
|
|
if ($postgresql::params::version != '8.1') {
|
|
$locale_option = '--locale=C'
|
|
}
|
|
|
|
$createdb_command = "${postgresql::params::createdb_path} --template=template0 --encoding '${charset}' ${locale_option} '${dbname}'"
|
|
|
|
postgresql_psql { "Check for existence of db '$dbname'":
|
|
command => "SELECT 1",
|
|
unless => "SELECT datname FROM pg_database WHERE datname='$dbname'",
|
|
cwd => $postgresql::params::datadir,
|
|
} ~>
|
|
|
|
exec { $createdb_command :
|
|
refreshonly => true,
|
|
user => 'postgres',
|
|
cwd => $postgresql::params::datadir,
|
|
} ~>
|
|
|
|
# This will prevent users from connecting to the database unless they've been
|
|
# granted privileges.
|
|
postgresql_psql {"REVOKE CONNECT ON DATABASE $dbname FROM public":
|
|
db => 'postgres',
|
|
refreshonly => true,
|
|
cwd => $postgresql::params::datadir,
|
|
}
|
|
|
|
}
|