1 files changed, 25 insertions, 26 deletions
diff --git a/modules/profile/manifests/postgresql_master.pp b/modules/profile/manifests/postgresql_master.pp
index 3f68890..9966f0d 100644
--- a/modules/profile/manifests/postgresql_master.pp
+++ b/modules/profile/manifests/postgresql_master.pp
@@ -52,36 +52,35 @@ define profile::postgresql_master (
  $backup_hosts.each |$backup_host| {
    ensure_packages(["pam_ldap"])
-    $facts["ldapvar"]["other"].each |$host| {
+    $host = find_host($facts["ldapvar"]["other"], $backup_host)
-      if ($host["cn"][0] == $backup_host) {
+    unless empty($host) {
-        $host["ipHostNumber"].each |$ip| {
+      $host["ipHostNumber"].each |$ip| {
-          $infos = split($ip, "/")
+        $infos = split($ip, "/")
-          $ipaddress = $infos[0]
+        $ipaddress = $infos[0]
-          if (length($infos) == 1 and $ipaddress =~ /:/) {
+        if (length($infos) == 1 and $ipaddress =~ /:/) {
-            $mask = "128"
+          $mask = "128"
-          } elsif (length($infos) == 1) {
+        } elsif (length($infos) == 1) {
-            $mask = "32"
+          $mask = "32"
-          } else {
+        } else {
-            $mask = $infos[1]
+          $mask = $infos[1]
-          }
-          postgresql::server::pg_hba_rule { "allow TCP access to replication user from backup for replication from $ipaddress/$mask":
-            type        => 'hostssl',
-            database    => 'replication',
-            user        => $backup_host,
-            address     => "$ipaddress/$mask",
-            auth_method => 'pam',
-            order       => "06-01",
-          }
        }
-        postgresql::server::role { $backup_host:
+        postgresql::server::pg_hba_rule { "allow TCP access to replication user from backup for replication from $ipaddress/$mask":
-          replication => true,
+          type        => 'hostssl',
+          database    => 'replication',
+          user        => $backup_host,
+          address     => "$ipaddress/$mask",
+          auth_method => 'pam',
+          order       => "06-01",
        }
+      }
-        postgresql_replication_slot { regsubst($backup_host, '-', "_", "G"):
+      postgresql::server::role { $backup_host:
-          ensure => present
+        replication => true,
-        }
+      }
+      postgresql_replication_slot { regsubst($backup_host, '-', "_", "G"):
+        ensure => present
      }
    }

diff --git a/modules/profile/manifests/postgresql_master.pp b/modules/profile/manifests/postgresql_master.pp index 3f68890..9966f0d 100644 --- a/modules/profile/manifests/postgresql_master.pp +++ b/modules/profile/manifests/postgresql_master.pp
@@ -52,36 +52,35 @@ define profile::postgresql_master (
52	$backup_hosts.each \|$backup_host\| {	52	$backup_hosts.each \|$backup_host\| {
53	ensure_packages(["pam_ldap"])	53	ensure_packages(["pam_ldap"])
54		54
55	$facts["ldapvar"]["other"].each \|$host\| {	55	$host = find_host($facts["ldapvar"]["other"], $backup_host)
56	if ($host["cn"][0] == $backup_host) {	56	unless empty($host) {
57	$host["ipHostNumber"].each \|$ip\| {	57	$host["ipHostNumber"].each \|$ip\| {
58	$infos = split($ip, "/")	58	$infos = split($ip, "/")
59	$ipaddress = $infos[0]	59	$ipaddress = $infos[0]
60	if (length($infos) == 1 and $ipaddress =~ /:/) {	60	if (length($infos) == 1 and $ipaddress =~ /:/) {
61	$mask = "128"	61	$mask = "128"
62	} elsif (length($infos) == 1) {	62	} elsif (length($infos) == 1) {
63	$mask = "32"	63	$mask = "32"
64	} else {	64	} else {
65	$mask = $infos[1]	65	$mask = $infos[1]
66	}
67
68	postgresql::server::pg_hba_rule { "allow TCP access to replication user from backup for replication from $ipaddress/$mask":
69	type => 'hostssl',
70	database => 'replication',
71	user => $backup_host,
72	address => "$ipaddress/$mask",
73	auth_method => 'pam',
74	order => "06-01",
75	}
76	}	66	}
77		67
78	postgresql::server::role { $backup_host:	68	postgresql::server::pg_hba_rule { "allow TCP access to replication user from backup for replication from $ipaddress/$mask":
79	replication => true,	69	type => 'hostssl',
		70	database => 'replication',
		71	user => $backup_host,
		72	address => "$ipaddress/$mask",
		73	auth_method => 'pam',
		74	order => "06-01",
80	}	75	}
		76	}
81		77
82	postgresql_replication_slot { regsubst($backup_host, '-', "_", "G"):	78	postgresql::server::role { $backup_host:
83	ensure => present	79	replication => true,
84	}	80	}
		81
		82	postgresql_replication_slot { regsubst($backup_host, '-', "_", "G"):
		83	ensure => present
85	}	84	}
86	}	85	}
87		86