1 files changed, 6 insertions, 46 deletions
diff --git a/modules/role/manifests/etherpad.pp b/modules/role/manifests/etherpad.pp
index 476a210..a43f146 100644
--- a/modules/role/manifests/etherpad.pp
+++ b/modules/role/manifests/etherpad.pp
@@ -66,54 +66,14 @@ class role::etherpad (
    subscribe => Aur::Package["etherpad-lite"],
  }
-  $web_host = "outils-1.v.immae.eu"
+  $web_host    = "outils-1.v.immae.eu"
-  $pg_db               = "etherpad-lite"
+  $pg_db       = "etherpad-lite"
-  $pg_user             = "etherpad-lite"
+  $pg_user     = "etherpad-lite"
  $pg_password = generate_password(24, $password_seed, "postgres_etherpad")
-  file { "/var/lib/postgres/data/certs":
+  profile::postgresql_master { "postgresql master for etherpad":
-    ensure  => directory,
+    letsencrypt_host => $web_host,
-    mode    => "0700",
+    backup_hosts     => ["backup-1"],
-    owner   => $::profile::postgresql::pg_user,
-    group   => $::profile::postgresql::pg_user,
-    require => File["/var/lib/postgres"],
-  }
-  file { "/var/lib/postgres/data/certs/cert.pem":
-    source  => "file:///etc/letsencrypt/live/$web_host/cert.pem",
-    mode    => "0600",
-    links   => "follow",
-    owner   => $::profile::postgresql::pg_user,
-    group   => $::profile::postgresql::pg_user,
-    require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
-  }
-  file { "/var/lib/postgres/data/certs/privkey.pem":
-    source  => "file:///etc/letsencrypt/live/$web_host/privkey.pem",
-    mode    => "0600",
-    links   => "follow",
-    owner   => $::profile::postgresql::pg_user,
-    group   => $::profile::postgresql::pg_user,
-    require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
-  }
-  postgresql::server::config_entry { "wal_level":
-    value   => "logical",
-  }
-  postgresql::server::config_entry { "ssl":
-    value   => "on",
-    require => Letsencrypt::Certonly[$web_host],
-  }
-  postgresql::server::config_entry { "ssl_cert_file":
-    value   => "/var/lib/postgres/data/certs/cert.pem",
-    require => Letsencrypt::Certonly[$web_host],
-  }
-  postgresql::server::config_entry { "ssl_key_file":
-    value   => "/var/lib/postgres/data/certs/privkey.pem",
-    require => Letsencrypt::Certonly[$web_host],
  }
  postgresql::server::db { $pg_db:

diff --git a/modules/role/manifests/etherpad.pp b/modules/role/manifests/etherpad.pp index 476a210..a43f146 100644 --- a/modules/role/manifests/etherpad.pp +++ b/modules/role/manifests/etherpad.pp
@@ -66,54 +66,14 @@ class role::etherpad (
66	subscribe => Aur::Package["etherpad-lite"],	66	subscribe => Aur::Package["etherpad-lite"],
67	}	67	}
68		68
69	$web_host = "outils-1.v.immae.eu"	69	$web_host = "outils-1.v.immae.eu"
70	$pg_db = "etherpad-lite"	70	$pg_db = "etherpad-lite"
71	$pg_user = "etherpad-lite"	71	$pg_user = "etherpad-lite"
72	$pg_password = generate_password(24, $password_seed, "postgres_etherpad")	72	$pg_password = generate_password(24, $password_seed, "postgres_etherpad")
73		73
74	file { "/var/lib/postgres/data/certs":	74	profile::postgresql_master { "postgresql master for etherpad":
75	ensure => directory,	75	letsencrypt_host => $web_host,
76	mode => "0700",	76	backup_hosts => ["backup-1"],
77	owner => $::profile::postgresql::pg_user,
78	group => $::profile::postgresql::pg_user,
79	require => File["/var/lib/postgres"],
80	}
81
82	file { "/var/lib/postgres/data/certs/cert.pem":
83	source => "file:///etc/letsencrypt/live/$web_host/cert.pem",
84	mode => "0600",
85	links => "follow",
86	owner => $::profile::postgresql::pg_user,
87	group => $::profile::postgresql::pg_user,
88	require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
89	}
90
91	file { "/var/lib/postgres/data/certs/privkey.pem":
92	source => "file:///etc/letsencrypt/live/$web_host/privkey.pem",
93	mode => "0600",
94	links => "follow",
95	owner => $::profile::postgresql::pg_user,
96	group => $::profile::postgresql::pg_user,
97	require => [Letsencrypt::Certonly[$web_host], File["/var/lib/postgres/data/certs"]]
98	}
99
100	postgresql::server::config_entry { "wal_level":
101	value => "logical",
102	}
103
104	postgresql::server::config_entry { "ssl":
105	value => "on",
106	require => Letsencrypt::Certonly[$web_host],
107	}
108
109	postgresql::server::config_entry { "ssl_cert_file":
110	value => "/var/lib/postgres/data/certs/cert.pem",
111	require => Letsencrypt::Certonly[$web_host],
112	}
113
114	postgresql::server::config_entry { "ssl_key_file":
115	value => "/var/lib/postgres/data/certs/privkey.pem",
116	require => Letsencrypt::Certonly[$web_host],
117	}	77	}
118		78
119	postgresql::server::db { $pg_db:	79	postgresql::server::db { $pg_db: