1 define profile::postgresql::base_pg_hba_rules (
2 Optional[String] $pg_path = undef,
3 String $pg_user = "postgres",
4 String $pg_group = "postgres",
6 unless empty($pg_path) {
7 concat { "$pg_path/pg_hba.conf":
12 require => File[$pg_path],
15 Postgresql::Server::Pg_hba_rule {
16 target => "$pg_path/pg_hba.conf",
17 postgresql_version => "10",
21 postgresql::server::pg_hba_rule { "$title - local access as postgres user":
22 description => 'Allow local access to postgres user',
26 auth_method => 'ident',
29 postgresql::server::pg_hba_rule { "$title - localhost access as postgres user":
30 description => 'Allow localhost access to postgres user',
34 address => "127.0.0.1/32",
38 postgresql::server::pg_hba_rule { "$title - localhost ip6 access as postgres user":
39 description => 'Allow localhost access to postgres user',
47 postgresql::server::pg_hba_rule { "$title - deny access to postgresql user":
48 description => 'Deny remote access to postgres user',
52 address => "0.0.0.0/0",
53 auth_method => 'reject',
56 postgresql::server::pg_hba_rule { "$title - local access":
57 description => 'Allow local access with password',
65 postgresql::server::pg_hba_rule { "$title - local access with same name":
66 description => 'Allow local access with same name',
70 auth_method => 'ident',