aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--modules/profile/manifests/postgresql.pp20
1 files changed, 19 insertions, 1 deletions
diff --git a/modules/profile/manifests/postgresql.pp b/modules/profile/manifests/postgresql.pp
index 50e510e..8dcc4cb 100644
--- a/modules/profile/manifests/postgresql.pp
+++ b/modules/profile/manifests/postgresql.pp
@@ -33,6 +33,24 @@ class profile::postgresql {
33 auth_method => 'ident', 33 auth_method => 'ident',
34 order => "a1", 34 order => "a1",
35 } 35 }
36 postgresql::server::pg_hba_rule { 'localhost access as postgres user':
37 description => 'Allow localhost access to postgres user',
38 type => 'host',
39 database => 'all',
40 user => $pg_user,
41 address => "127.0.0.1/32",
42 auth_method => 'md5',
43 order => "a2",
44 }
45 postgresql::server::pg_hba_rule { 'localhost ip6 access as postgres user':
46 description => 'Allow localhost access to postgres user',
47 type => 'host',
48 database => 'all',
49 user => $pg_user,
50 address => "::1/128",
51 auth_method => 'md5',
52 order => "a3",
53 }
36 postgresql::server::pg_hba_rule { 'deny access to postgresql user': 54 postgresql::server::pg_hba_rule { 'deny access to postgresql user':
37 description => 'Deny remote access to postgres user', 55 description => 'Deny remote access to postgres user',
38 type => 'host', 56 type => 'host',
@@ -40,7 +58,7 @@ class profile::postgresql {
40 user => $pg_user, 58 user => $pg_user,
41 address => "0.0.0.0/0", 59 address => "0.0.0.0/0",
42 auth_method => 'reject', 60 auth_method => 'reject',
43 order => "a2", 61 order => "a4",
44 } 62 }
45 63
46 postgresql::server::pg_hba_rule { 'local access': 64 postgresql::server::pg_hba_rule { 'local access':