From a85e03ef753199a0219a3314e0cff28fc2613a6a Mon Sep 17 00:00:00 2001 From: alex Date: Sun, 18 Jun 2023 12:47:04 +0200 Subject: [PATCH] Allow configuring hba, listen on all addresses --- .../puppet/modules/postgres/manifests/init.pp | 12 +++++++++++- personal_infra/puppet/site/pg.h1.int.pdp7.net.pp | 10 +++++++++- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/personal_infra/puppet/modules/postgres/manifests/init.pp b/personal_infra/puppet/modules/postgres/manifests/init.pp index 5213db6..40fd572 100644 --- a/personal_infra/puppet/modules/postgres/manifests/init.pp +++ b/personal_infra/puppet/modules/postgres/manifests/init.pp @@ -1,4 +1,4 @@ -class postgres { +class postgres($pg_hba_conf) { package {'pgdg-redhat-repo': source => 'https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm', } @@ -9,6 +9,16 @@ class postgres { creates => '/var/lib/pgsql/15/data/PG_VERSION', } -> + [ + file {'/var/lib/pgsql/15/data/pg_hba.conf': + # template at /usr/pgsql-15/share/pg_hba.conf.sample + content => $pg_hba_conf, + }, + exec {'/bin/sed -i "s/#listen_addresses = \'localhost\'/listen_addresses = \'*\' /" /var/lib/pgsql/15/data/postgresql.conf': + unless => '/bin/grep "listen_addresses = \'\\*\'" /var/lib/pgsql/15/data/postgresql.conf', + } + ] + ~> service {'postgresql-15': ensure => running, enable => true, diff --git a/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp b/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp index b964548..944c5c1 100644 --- a/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp +++ b/personal_infra/puppet/site/pg.h1.int.pdp7.net.pp @@ -1,3 +1,11 @@ node 'pg.h1.int.pdp7.net' { - class {'postgres':} + class {'postgres': + pg_hba_conf => @(EOT) + # TYPE DATABASE USER ADDRESS METHOD + # "local" is for Unix domain socket connections only + local all all peer + host k8s_test k8s_test k8s-test.h1.int.pdp7.net trust + | EOT + , + } } -- 2.47.3