$backup_hosts.each |$backup_host| {
ensure_packages(["pam_ldap"])
- $facts["ldapvar"]["other"].each |$host| {
- if ($host["cn"][0] == $backup_host) {
- $host["ipHostNumber"].each |$ip| {
- $infos = split($ip, "/")
- $ipaddress = $infos[0]
- if (length($infos) == 1 and $ipaddress =~ /:/) {
- $mask = "128"
- } elsif (length($infos) == 1) {
- $mask = "32"
- } else {
- $mask = $infos[1]
- }
-
- postgresql::server::pg_hba_rule { "allow TCP access to replication user from backup for replication from $ipaddress/$mask":
- type => 'hostssl',
- database => 'replication',
- user => $backup_host,
- address => "$ipaddress/$mask",
- auth_method => 'pam',
- order => "06-01",
- }
+ $host = find_host($facts["ldapvar"]["other"], $backup_host)
+ unless empty($host) {
+ $host["ipHostNumber"].each |$ip| {
+ $infos = split($ip, "/")
+ $ipaddress = $infos[0]
+ if (length($infos) == 1 and $ipaddress =~ /:/) {
+ $mask = "128"
+ } elsif (length($infos) == 1) {
+ $mask = "32"
+ } else {
+ $mask = $infos[1]
}
- postgresql::server::role { $backup_host:
- replication => true,
+ postgresql::server::pg_hba_rule { "allow TCP access to replication user from backup for replication from $ipaddress/$mask":
+ type => 'hostssl',
+ database => 'replication',
+ user => $backup_host,
+ address => "$ipaddress/$mask",
+ auth_method => 'pam',
+ order => "06-01",
}
+ }
- postgresql_replication_slot { regsubst($backup_host, '-', "_", "G"):
- ensure => present
- }
+ postgresql::server::role { $backup_host:
+ replication => true,
+ }
+
+ postgresql_replication_slot { regsubst($backup_host, '-', "_", "G"):
+ ensure => present
}
}
projects / perso / Immae / Projets / Puppet.git / commitdiff
