Add localhost access for postgres

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-02-18 11:52:05 +0100
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2018-02-18 11:52:05 +0100
commit: 159db2fd0619f93d330bbe9815ece76beca34aba (patch)
tree: 9d25a3aa1303f5ae738e84f8f68ce1bdfb77901f
parent: f17c2d0b1679b41a6e80ef921645ab65b6257548 (diff)
download: Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.gz
Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.zst
Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.zip
1 files changed, 19 insertions, 1 deletions
diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp
index 50e510e..8dcc4cb 100644
--- a/modules/profile/manifests/postgresql.pp
+++ b/modules/profile/manifests/postgresql.pp
@@ -33,6 +33,24 @@ class profile::postgresql {
    auth_method => 'ident',
    order       => "a1",
  }
+  postgresql::server::pg_hba_rule { 'localhost access as postgres user':
+    description => 'Allow localhost access to postgres user',
+    type        => 'host',
+    database    => 'all',
+    user        => $pg_user,
+    address     => "127.0.0.1/32",
+    auth_method => 'md5',
+    order       => "a2",
+  }
+  postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user':
+    description => 'Allow localhost access to postgres user',
+    type        => 'host',
+    database    => 'all',
+    user        => $pg_user,
+    address     => "::1/128",
+    auth_method => 'md5',
+    order       => "a3",
+  }
  postgresql::server::pg_hba_rule { 'deny access to postgresql user':
    description => 'Deny remote access to postgres user',
    type        => 'host',
@@ -40,7 +58,7 @@ class profile::postgresql {
    user        => $pg_user,
    address     => "0.0.0.0/0",
    auth_method => 'reject',
-    order       => "a2",
+    order       => "a4",
  }
  postgresql::server::pg_hba_rule { 'local access':
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-02-18 11:52:05 +0100
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2018-02-18 11:52:05 +0100
commit	159db2fd0619f93d330bbe9815ece76beca34aba (patch)
tree	9d25a3aa1303f5ae738e84f8f68ce1bdfb77901f
parent	f17c2d0b1679b41a6e80ef921645ab65b6257548 (diff)
download	Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.gz Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.zst Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.zip

diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp index 50e510e..8dcc4cb 100644 --- a/modules/profile/manifests/postgresql.pp +++ b/modules/profile/manifests/postgresql.pp
@@ -33,6 +33,24 @@ class profile::postgresql {
33	auth_method => 'ident',	33	auth_method => 'ident',
34	order => "a1",	34	order => "a1",
35	}	35	}
		36	postgresql::server::pg_hba_rule { 'localhost access as postgres user':
		37	description => 'Allow localhost access to postgres user',
		38	type => 'host',
		39	database => 'all',
		40	user => $pg_user,
		41	address => "127.0.0.1/32",
		42	auth_method => 'md5',
		43	order => "a2",
		44	}
		45	postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user':
		46	description => 'Allow localhost access to postgres user',
		47	type => 'host',
		48	database => 'all',
		49	user => $pg_user,
		50	address => "::1/128",
		51	auth_method => 'md5',
		52	order => "a3",
		53	}
36	postgresql::server::pg_hba_rule { 'deny access to postgresql user':	54	postgresql::server::pg_hba_rule { 'deny access to postgresql user':
37	description => 'Deny remote access to postgres user',	55	description => 'Deny remote access to postgres user',
38	type => 'host',	56	type => 'host',
@@ -40,7 +58,7 @@ class profile::postgresql {
40	user => $pg_user,	58	user => $pg_user,
41	address => "0.0.0.0/0",	59	address => "0.0.0.0/0",
42	auth_method => 'reject',	60	auth_method => 'reject',
43	order => "a2",	61	order => "a4",
44	}	62	}
45		63
46	postgresql::server::pg_hba_rule { 'local access':	64	postgresql::server::pg_hba_rule { 'local access':