1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
class role::cryptoportfolio::postgresql inherits role::cryptoportfolio {
$password_seed = lookup("base_installation::puppet_pass_seed")
$pg_password = generate_password(24, $password_seed, "postgres_cryptoportfolio")
profile::postgresql::master { "postgresql master for cryptoportfolio":
letsencrypt_host => $web_host,
backup_hosts => ["backup-1"],
}
postgresql::server::db { $pg_db:
user => $pg_user,
password => postgresql_password($pg_user, $pg_password),
}
postgresql::server::pg_hba_rule { 'allow localhost TCP access to cryptoportfolio user':
type => 'local',
database => $pg_db,
user => $pg_user,
auth_method => 'ident',
order => "05-01",
}
# cleanup
postgresql_psql { "DROP PUBLICATION ${pg_db}_publication":
db => $pg_db,
onlyif => "SELECT 1 FROM pg_catalog.pg_publication WHERE pubname = '${pg_db}_publication'",
} ->
postgresql_replication_slot { $pg_user_replication:
ensure => absent
} ->
postgresql_psql { "DROP OWNED BY $pg_user_replication":
db => $pg_db,
onlyif => "SELECT 1 FROM pg_user WHERE usename='$pg_user_replication'"
} ->
postgresql::server::role { $pg_user_replication:
ensure => absent,
}
# /cleanup
}
|