X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Frole%2Fmanifests%2Fbackup%2Fpostgresql.pp;h=ee62a0022ed2fb3efdacd480f8d734780904ed18;hb=2f3d3a34ab0b3fd31bd84e4c935954740313dbed;hp=aef177b776a64b1bf30ee75639e015ba72f611ba;hpb=cc278743bffea94197755c0d114389f5fd69596a;p=perso%2FImmae%2FProjets%2FPuppet.git diff --git a/modules/role/manifests/backup/postgresql.pp b/modules/role/manifests/backup/postgresql.pp index aef177b..ee62a00 100644 --- a/modules/role/manifests/backup/postgresql.pp +++ b/modules/role/manifests/backup/postgresql.pp @@ -121,16 +121,38 @@ class role::backup::postgresql inherits role::backup { } else { $pg_backup_host = $host["vars"]["real_hostname"][0] } + + $pg_path = "$mountpoint/$pg_backup_host/postgresql" + $pg_backup_path = "$mountpoint/$pg_backup_host/postgresql_backup" + $pg_host = "$pg_backup_host" + $pg_port = $pg_infos["dbport"] + if has_key($host["vars"], "postgresql_backup_port") { $pg_listen_port = $host["vars"]["postgresql_backup_port"][0] + file { "$pg_path/certs": + ensure => directory, + mode => "0700", + owner => $pg_user, + group => $pg_group, + } -> + ssl::self_signed_certificate { $backup_host_cn: + common_name => $backup_host_cn, + country => "FR", + days => "3650", + organization => "Immae", + owner => $pg_user, + group => $pg_group, + directory => "$pg_path/certs", + before => File["$pg_path/postgresql.conf"], + } + $ssl_key = "$pg_path/certs/$backup_host_cn.key" + $ssl_cert = "$pg_path/certs/$backup_host_cn.crt" } else { $pg_listen_port = undef + $ssl_key = undef + $ssl_cert = undef } - $pg_path = "$mountpoint/$pg_backup_host/postgresql" - $pg_backup_path = "$mountpoint/$pg_backup_host/postgresql_backup" - $pg_host = "$pg_backup_host" - $pg_port = $pg_infos["dbport"] unless empty($host) { $host["ipHostNumber"].each |$ip| {