X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fprofile%2Fmanifests%2Fpostgresql.pp;h=2cd1bcc652052beaf6e3e2fa121b50acd45a3c62;hb=a859ab30660104d25485824afa1c23de454bb5ed;hp=8dcc4cb7ca4b13364ca31192bb786dbe19aaaeaa;hpb=159db2fd0619f93d330bbe9815ece76beca34aba;p=perso%2FImmae%2FProjets%2FPuppet.git

diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp
index 8dcc4cb..2cd1bcc 100644
--- a/modules/profile/manifests/postgresql.pp
+++ b/modules/profile/manifests/postgresql.pp
@@ -1,5 +1,5 @@
 class profile::postgresql {
-  $password_seed = lookup("base_installation::puppet_pass_seed") |$key| { {} }
+  $password_seed = lookup("base_installation::puppet_pass_seed")
 
   class { '::postgresql::globals':
     encoding             => 'UTF-8',
@@ -22,7 +22,8 @@ class profile::postgresql {
   }
 
   class { '::postgresql::server':
-    postgres_password => generate_password(24, $password_seed, "postgres")
+    postgres_password => generate_password(24, $password_seed, "postgres"),
+    listen_addresses  => "*",
   }
 
   postgresql::server::pg_hba_rule { 'local access as postgres user':
@@ -31,7 +32,7 @@ class profile::postgresql {
     database    => 'all',
     user        => $pg_user,
     auth_method => 'ident',
-    order       => "a1",
+    order       => "00-01",
   }
   postgresql::server::pg_hba_rule { 'localhost access as postgres user':
     description => 'Allow localhost access to postgres user',
@@ -40,7 +41,7 @@ class profile::postgresql {
     user        => $pg_user,
     address     => "127.0.0.1/32",
     auth_method => 'md5',
-    order       => "a2",
+    order       => "00-02",
   }
   postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user':
     description => 'Allow localhost access to postgres user',
@@ -49,7 +50,7 @@ class profile::postgresql {
     user        => $pg_user,
     address     => "::1/128",
     auth_method => 'md5',
-    order       => "a3",
+    order       => "00-03",
   }
   postgresql::server::pg_hba_rule { 'deny access to postgresql user':
     description => 'Deny remote access to postgres user',
@@ -58,7 +59,7 @@ class profile::postgresql {
     user        => $pg_user,
     address     => "0.0.0.0/0",
     auth_method => 'reject',
-    order       => "a4",
+    order       => "00-04",
   }
 
   postgresql::server::pg_hba_rule { 'local access':
@@ -67,7 +68,7 @@ class profile::postgresql {
     database    => 'all',
     user        => 'all',
     auth_method => 'md5',
-    order       => "b1",
+    order       => "10-01",
   }
 
   postgresql::server::pg_hba_rule { 'local access with same name':
@@ -76,7 +77,7 @@ class profile::postgresql {
     database    => 'all',
     user        => 'all',
     auth_method => 'ident',
-    order       => "b2",
+    order       => "10-02",
   }
 
 }