]>
Commit | Line | Data |
---|---|---|
39e05b4e IB |
1 | class role::cryptoportfolio::postgresql inherits role::cryptoportfolio { |
2 | $password_seed = lookup("base_installation::puppet_pass_seed") | |
3 | ||
4 | $pg_password = generate_password(24, $password_seed, "postgres_cryptoportfolio") | |
39e05b4e | 5 | |
3925777d IB |
6 | profile::postgresql::master { "postgresql master for cryptoportfolio": |
7 | letsencrypt_host => $web_host, | |
8 | backup_hosts => ["backup-1"], | |
39e05b4e IB |
9 | } |
10 | ||
11 | postgresql::server::db { $pg_db: | |
12 | user => $pg_user, | |
13 | password => postgresql_password($pg_user, $pg_password), | |
14 | } | |
39e05b4e IB |
15 | |
16 | postgresql::server::pg_hba_rule { 'allow localhost TCP access to cryptoportfolio user': | |
3925777d | 17 | type => 'local', |
39e05b4e IB |
18 | database => $pg_db, |
19 | user => $pg_user, | |
3925777d | 20 | auth_method => 'ident', |
39e05b4e IB |
21 | order => "05-01", |
22 | } | |
6d1c9c43 | 23 | |
3925777d IB |
24 | # cleanup |
25 | postgresql_psql { "DROP PUBLICATION ${pg_db}_publication": | |
26 | db => $pg_db, | |
27 | onlyif => "SELECT 1 FROM pg_catalog.pg_publication WHERE pubname = '${pg_db}_publication'", | |
28 | } -> | |
29 | postgresql_replication_slot { $pg_user_replication: | |
30 | ensure => absent | |
31 | } -> | |
32 | postgresql_psql { "DROP OWNED BY $pg_user_replication": | |
33 | db => $pg_db, | |
34 | onlyif => "SELECT 1 FROM pg_user WHERE usename='$pg_user_replication'" | |
35 | } -> | |
36 | postgresql::server::role { $pg_user_replication: | |
37 | ensure => absent, | |
6d1c9c43 | 38 | } |
3925777d | 39 | # /cleanup |
6d1c9c43 | 40 | |
39e05b4e | 41 | } |