1 define profile::postgresql::base_pg_hba_rules (
2 Optional[String] $pg_path = undef,
3 String $pg_user = "postgres",
4 String $pg_group = "postgres",
6 unless empty($pg_path) {
7 concat { "$pg_path/pg_hba.conf":
12 require => File[$pg_path],
15 Postgresql::Server::Pg_hba_rule {
16 target => "$pg_path/pg_hba.conf",
17 postgresql_version => "10",
21 postgresql::server::pg_hba_rule { "$title - local access as postgres user":
22 description => 'Allow local access to postgres user',
26 auth_method => 'ident',
29 postgresql::server::pg_hba_rule { "$title - localhost access as postgres user":
30 description => 'Allow localhost access to postgres user',
34 address => "127.0.0.1/32",
38 postgresql::server::pg_hba_rule { "$title - localhost ip6 access as postgres user":
39 description => 'Allow localhost access to postgres user',
46 target => "$pg_path/pg_hba.conf",
47 postgresql_version => "10",
49 postgresql::server::pg_hba_rule { "$title - deny access to postgresql user":
50 description => 'Deny remote access to postgres user',
54 address => "0.0.0.0/0",
55 auth_method => 'reject',
58 postgresql::server::pg_hba_rule { "$title - local access":
59 description => 'Allow local access with password',
67 postgresql::server::pg_hba_rule { "$title - local access with same name":
68 description => 'Allow local access with same name',
72 auth_method => 'ident',