aboutsummaryrefslogtreecommitdiff
path: root/modules/role/manifests
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2018-06-18 14:09:05 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2018-06-26 00:50:56 +0200
commitf568173a3d8a43ac30fa9294a75c260042b9e415 (patch)
tree7f816c955a576a884791035cf815ea67ac465ba3 /modules/role/manifests
parenta1c3146595f8f6c7b78adfca8388dd35083b4c7f (diff)
downloadPuppet-f568173a3d8a43ac30fa9294a75c260042b9e415.tar.gz
Puppet-f568173a3d8a43ac30fa9294a75c260042b9e415.tar.zst
Puppet-f568173a3d8a43ac30fa9294a75c260042b9e415.zip
Add postgresql_master profile
Diffstat (limited to 'modules/role/manifests')
-rw-r--r--modules/role/manifests/etherpad.pp52
1 files changed, 6 insertions, 46 deletions
diff --git a/modules/role/manifests/etherpad.pp b/modules/role/manifests/etherpad.pp
index 476a210..a43f146 100644
--- a/modules/role/manifests/etherpad.pp
+++ b/modules/role/manifests/etherpad.pp
@@ -66,54 +66,14 @@ class role::etherpad (
66 subscribe => Aur::Package["etherpad-lite"], 66 subscribe => Aur::Package["etherpad-lite"],
67 } 67 }
68 68
69 $web_host = "outils-1.v.immae.eu" 69 $web_host = "outils-1.v.immae.eu"
70 $pg_db = "etherpad-lite" 70 $pg_db = "etherpad-lite"
71 $pg_user = "etherpad-lite" 71 $pg_user = "etherpad-lite"
72 $pg_password = generate_password(24, $password_seed, "postgres_etherpad") 72 $pg_password = generate_password(24, $password_seed, "postgres_etherpad")
73 73
74 file { "/var/lib/postgres/data/certs": 74 profile::postgresql_master { "postgresql master for etherpad":
75 ensure => directory, 75 letsencrypt_host => $web_host,
76 mode => "0700", 76 backup_hosts => ["backup-1"],
77 owner => $::profile::postgresql::pg_user,
78 group => $::profile::postgresql::pg_user,
79 require => File["/var/lib/postgres"],
80 }
81
82 file { "/var/lib/postgres/data/certs/cert.pem":
83 source => "file:///etc/letsencrypt/live/$web_host/cert.pem",
84 mode => "0600",
85 links => "follow",
86 owner => $::profile::postgresql::pg_user,
87 group => $::profile::postgresql::pg_user,
88 require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
89 }
90
91 file { "/var/lib/postgres/data/certs/privkey.pem":
92 source => "file:///etc/letsencrypt/live/$web_host/privkey.pem",
93 mode => "0600",
94 links => "follow",
95 owner => $::profile::postgresql::pg_user,
96 group => $::profile::postgresql::pg_user,
97 require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
98 }
99
100 postgresql::server::config_entry { "wal_level":
101 value => "logical",
102 }
103
104 postgresql::server::config_entry { "ssl":
105 value => "on",
106 require => Letsencrypt::Certonly[$web_host],
107 }
108
109 postgresql::server::config_entry { "ssl_cert_file":
110 value => "/var/lib/postgres/data/certs/cert.pem",
111 require => Letsencrypt::Certonly[$web_host],
112 }
113
114 postgresql::server::config_entry { "ssl_key_file":
115 value => "/var/lib/postgres/data/certs/privkey.pem",
116 require => Letsencrypt::Certonly[$web_host],
117 } 77 }
118 78
119 postgresql::server::db { $pg_db: 79 postgresql::server::db { $pg_db: