module-postgresql/manifests/config.pp
Jari Bakken f9dbf4a9c9 Remove trailing commas.
This makes the module work on Puppet 2.7.1 (from Ubuntu 11.10).
2012-08-25 03:20:27 +02:00

64 lines
2.9 KiB
Puppet

# Class: postgresql::config
#
# Parameters:
#
# [*postgres_password*] - postgres db user password.
# [*ip_mask_deny_postgres_user*] - ip mask for denying remote access for postgres user; defaults to '0.0.0.0/0',
# meaning that all TCP access for postgres user is denied.
# [*ip_mask_allow_all_users*] - ip mask for allowing remote access for other users (besides postgres);
# defaults to '127.0.0.1/32', meaning only allow connections from localhost
# [*listen_addresses*] - what IP address(es) to listen on; comma-separated list of addresses; defaults to
# 'localhost', '*' = all
# [*pg_hba_conf_path*] - path to pg_hba.conf file
# [*postgresql_conf_path*] - path to postgresql.conf file
# [*manage_redhat_firewall*] - boolean indicating whether or not the module should open a port in the firewall on
# redhat-based systems; this parameter is likely to change in future versions. Possible
# changes include support for non-RedHat systems and finer-grained control over the
# firewall rule (currently, it simply opens up the postgres port to all TCP connections).
#
#
# Actions:
#
# Requires:
#
# Usage:
#
# class { 'postgresql::config':
# postgres_password => 'postgres',
# ip_mask_allow_all_users => '0.0.0.0/0',
# }
#
class postgresql::config(
$postgres_password = undef,
$ip_mask_deny_postgres_user = $postgresql::params::ip_mask_postgres_user,
$ip_mask_allow_all_users = $postgresql::params::ip_mask_all_users,
$listen_addresses = $postgresql::params::listen_addresses,
$pg_hba_conf_path = $postgresql::params::pg_hba_conf_path,
$postgresql_conf_path = $postgresql::params::postgresql_conf_path,
$manage_redhat_firewall = $postgresql::params::manage_redhat_firewall
) inherits postgresql::params {
# Basically, all this class needs to handle is passing parameters on
# to the "beforeservice" and "afterservice" classes, and ensure
# the proper ordering.
class { "postgresql::config::beforeservice":
ip_mask_deny_postgres_user => $ip_mask_deny_postgres_user,
ip_mask_allow_all_users => $ip_mask_allow_all_users,
listen_addresses => $listen_addresses,
pg_hba_conf_path => $pg_hba_conf_path,
postgresql_conf_path => $postgresql_conf_path,
manage_redhat_firewall => $manage_redhat_firewall,
}
class { "postgresql::config::afterservice":
postgres_password => $postgres_password,
}
Class['postgresql::config'] ->
Class['postgresql::config::beforeservice'] ->
Service['postgresqld'] ->
Class['postgresql::config::afterservice']
}