]>
Commit | Line | Data |
---|---|---|
d2f031ec IB |
1 | class profile::postgresql::pam_ldap_pgbouncer ( |
2 | String $pg_user = "postgres" | |
3 | ) { | |
4 | include "profile::pam_ldap" | |
5 | ||
6 | $password_seed = lookup("base_installation::puppet_pass_seed") | |
7 | $ldap_server = lookup("base_installation::ldap_server") | |
8 | $ldap_base = lookup("base_installation::ldap_base") | |
9 | $ldap_dn = lookup("base_installation::ldap_dn") | |
10 | $ldap_password = generate_password(24, $password_seed, "ldap") | |
11 | $ldap_attribute = "uid" | |
12 | $ldap_filter = lookup("role::backup::postgresql::pgbouncer_access_filter", { "default_value" => undef }) | |
13 | ||
14 | if empty($ldap_filter) { | |
15 | fail("need ldap filter for pgbouncer") | |
16 | } | |
17 | ||
18 | file { "/etc/pam_ldap.d/pgbouncer.conf": | |
19 | ensure => "present", | |
20 | mode => "0600", | |
21 | owner => $pg_user, | |
22 | group => "root", | |
23 | content => template("profile/postgresql/pam_ldap_pgbouncer.conf.erb"), | |
24 | require => File["/etc/pam_ldap.d"], | |
25 | } -> | |
26 | file { "/etc/pam.d/pgbouncer": | |
27 | ensure => "present", | |
28 | mode => "0644", | |
29 | owner => "root", | |
30 | group => "root", | |
31 | source => "puppet:///modules/profile/postgresql/pam_pgbouncer" | |
32 | } | |
33 | } |