diff options
author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-02-18 11:52:05 +0100 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-02-18 11:52:05 +0100 |
commit | 159db2fd0619f93d330bbe9815ece76beca34aba (patch) | |
tree | 9d25a3aa1303f5ae738e84f8f68ce1bdfb77901f /modules/profile | |
parent | f17c2d0b1679b41a6e80ef921645ab65b6257548 (diff) | |
download | Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.gz Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.tar.zst Puppet-159db2fd0619f93d330bbe9815ece76beca34aba.zip |
Add localhost access for postgres
Diffstat (limited to 'modules/profile')
-rw-r--r-- | modules/profile/manifests/postgresql.pp | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp index 50e510e..8dcc4cb 100644 --- a/modules/profile/manifests/postgresql.pp +++ b/modules/profile/manifests/postgresql.pp | |||
@@ -33,6 +33,24 @@ class profile::postgresql { | |||
33 | auth_method => 'ident', | 33 | auth_method => 'ident', |
34 | order => "a1", | 34 | order => "a1", |
35 | } | 35 | } |
36 | postgresql::server::pg_hba_rule { 'localhost access as postgres user': | ||
37 | description => 'Allow localhost access to postgres user', | ||
38 | type => 'host', | ||
39 | database => 'all', | ||
40 | user => $pg_user, | ||
41 | address => "127.0.0.1/32", | ||
42 | auth_method => 'md5', | ||
43 | order => "a2", | ||
44 | } | ||
45 | postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user': | ||
46 | description => 'Allow localhost access to postgres user', | ||
47 | type => 'host', | ||
48 | database => 'all', | ||
49 | user => $pg_user, | ||
50 | address => "::1/128", | ||
51 | auth_method => 'md5', | ||
52 | order => "a3", | ||
53 | } | ||
36 | postgresql::server::pg_hba_rule { 'deny access to postgresql user': | 54 | postgresql::server::pg_hba_rule { 'deny access to postgresql user': |
37 | description => 'Deny remote access to postgres user', | 55 | description => 'Deny remote access to postgres user', |
38 | type => 'host', | 56 | type => 'host', |
@@ -40,7 +58,7 @@ class profile::postgresql { | |||
40 | user => $pg_user, | 58 | user => $pg_user, |
41 | address => "0.0.0.0/0", | 59 | address => "0.0.0.0/0", |
42 | auth_method => 'reject', | 60 | auth_method => 'reject', |
43 | order => "a2", | 61 | order => "a4", |
44 | } | 62 | } |
45 | 63 | ||
46 | postgresql::server::pg_hba_rule { 'local access': | 64 | postgresql::server::pg_hba_rule { 'local access': |