1 define profile::postgresql::ssl (
2 Optional[String] $cert = undef,
3 Optional[String] $key = undef,
4 Optional[String] $certname = undef,
5 Optional[Boolean] $copy_keys = true,
6 Optional[String] $pg_user = $profile::postgresql::pg_user,
7 Optional[String] $pg_group = $profile::postgresql::pg_user
10 $datadir = "$pg_dir/data"
12 file { "$datadir/certs":
17 require => File[$pg_dir],
20 if empty($cert) or empty($key) {
22 fail("A certificate name is necessary to generate ssl certificate")
25 ssl::self_signed_certificate { $certname:
26 common_name => $certname,
29 organization => "Immae",
32 directory => "$datadir/certs",
35 $ssl_key = "$datadir/certs/$backup_host_cn.key"
36 $ssl_cert = "$datadir/certs/$backup_host_cn.crt"
38 $ssl_key = "$datadir/certs/privkey.pem"
39 $ssl_cert = "$datadir/certs/cert.pem"
42 source => "file://$cert",
47 require => File["$datadir/certs"],
50 source => "file://$key",
55 require => File["$datadir/certs"],
62 postgresql::server::config_entry { "ssl":
66 postgresql::server::config_entry { "ssl_cert_file":
70 postgresql::server::config_entry { "ssl_key_file":