aboutsummaryrefslogtreecommitdiff
path: root/modules/profile
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2018-02-18 11:52:05 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2018-02-18 11:52:05 +0100
commit159db2fd0619f93d330bbe9815ece76beca34aba (patch)
tree9d25a3aa1303f5ae738e84f8f68ce1bdfb77901f /modules/profile
parentf17c2d0b1679b41a6e80ef921645ab65b6257548 (diff)
downloadPuppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.gz
Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.zst
Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.zip
Add localhost access for postgres
Diffstat (limited to 'modules/profile')
-rw-r--r--modules/profile/manifests/postgresql.pp20
1 files changed, 19 insertions, 1 deletions
diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp
index 50e510e..8dcc4cb 100644
--- a/modules/profile/manifests/postgresql.pp
+++ b/modules/profile/manifests/postgresql.pp
@@ -33,6 +33,24 @@ class profile::postgresql {
33 auth_method => 'ident', 33 auth_method => 'ident',
34 order => "a1", 34 order => "a1",
35 } 35 }
36 postgresql::server::pg_hba_rule { 'localhost access as postgres user':
37 description => 'Allow localhost access to postgres user',
38 type => 'host',
39 database => 'all',
40 user => $pg_user,
41 address => "127.0.0.1/32",
42 auth_method => 'md5',
43 order => "a2",
44 }
45 postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user':
46 description => 'Allow localhost access to postgres user',
47 type => 'host',
48 database => 'all',
49 user => $pg_user,
50 address => "::1/128",
51 auth_method => 'md5',
52 order => "a3",
53 }
36 postgresql::server::pg_hba_rule { 'deny access to postgresql user': 54 postgresql::server::pg_hba_rule { 'deny access to postgresql user':
37 description => 'Deny remote access to postgres user', 55 description => 'Deny remote access to postgres user',
38 type => 'host', 56 type => 'host',
@@ -40,7 +58,7 @@ class profile::postgresql {
40 user => $pg_user, 58 user => $pg_user,
41 address => "0.0.0.0/0", 59 address => "0.0.0.0/0",
42 auth_method => 'reject', 60 auth_method => 'reject',
43 order => "a2", 61 order => "a4",
44 } 62 }
45 63
46 postgresql::server::pg_hba_rule { 'local access': 64 postgresql::server::pg_hba_rule { 'local access':