Replication

[perso/Immae/Projets/Puppet.git] / modules / profile / manifests / postgresql.pp

diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp
index 50e510e3950c68bfa71efcb3064ac950ec3e3e15..1024c6657c62ee3f71b1ed1b191efa5bf9fc4574 100644 (file)
--- a/modules/profile/manifests/postgresql.pp
+++ b/modules/profile/manifests/postgresql.pp
@@ -22,7 +22,8 @@ class profile::postgresql {
   }
 
   class { '::postgresql::server':
-    postgres_password => generate_password(24, $password_seed, "postgres")
+    postgres_password => generate_password(24, $password_seed, "postgres"),
+    listen_addresses  => "*",
   }
 
   postgresql::server::pg_hba_rule { 'local access as postgres user':
@@ -33,6 +34,24 @@ class profile::postgresql {
     auth_method => 'ident',
     order       => "a1",
   }
+  postgresql::server::pg_hba_rule { 'localhost access as postgres user':
+    description => 'Allow localhost access to postgres user',
+    type        => 'host',
+    database    => 'all',
+    user        => $pg_user,
+    address     => "127.0.0.1/32",
+    auth_method => 'md5',
+    order       => "a2",
+  }
+  postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user':
+    description => 'Allow localhost access to postgres user',
+    type        => 'host',
+    database    => 'all',
+    user        => $pg_user,
+    address     => "::1/128",
+    auth_method => 'md5',
+    order       => "a3",
+  }
   postgresql::server::pg_hba_rule { 'deny access to postgresql user':
     description => 'Deny remote access to postgres user',
     type        => 'host',
@@ -40,7 +59,7 @@ class profile::postgresql {
     user        => $pg_user,
     address     => "0.0.0.0/0",
     auth_method => 'reject',
-    order       => "a2",
+    order       => "a4",
   }
 
   postgresql::server::pg_hba_rule { 'local access':