[cubicweb/postgresql] add custom pg_hba line in pillar & get postgresql to listen on the network optionnaly
authorArthur Lutz <arthur.lutz@logilab.fr>
Fri, 10 Jul 2015 18:03:08 +0200
changeset 48 1c70821b96bf
parent 47 4c22b98c66b0
child 49 9f0e63dcce57
[cubicweb/postgresql] add custom pg_hba line in pillar & get postgresql to listen on the network optionnaly
cubicweb/postgres/init.sls
cubicweb/postgres/pg_hba.conf.jinja
pillar.example
--- a/cubicweb/postgres/init.sls	Fri Jul 10 18:02:15 2015 +0200
+++ b/cubicweb/postgres/init.sls	Fri Jul 10 18:03:08 2015 +0200
@@ -50,6 +50,31 @@
     - watch_in:
         service: pg-server
 
+{% if pillar.get('pg_listen', False) %}
+{% if psql_version >= '9.4' %}
+/etc/postgresql/{{ psql_version }}/main/postgresql.conf:
+  file.append:
+    - text: 
+      - "# appended by salt"
+      - "include_dir 'conf.d'"
+
+/etc/postgresql/{{ psql_version }}/main/conf.d/listen.conf:
+  file.managed:
+    - contents: |
+       listen_addresses = '*'
+    - watch_in:
+       service: pg-server
+{% else %}
+/etc/postgresql/{{ psql_version }}/main/postgresql.conf:
+  file.append:
+    - text:
+       - listen_addresses = '*'
+    - watch_in:
+       service: pg-server
+{% endif %}
+{% endif %}
+
+
 {% for vhostname, vhost in pillar['cubicweb_apps'].iteritems() %}
  {% for name, config in vhost.iteritems() %}
 
--- a/cubicweb/postgres/pg_hba.conf.jinja	Fri Jul 10 18:02:15 2015 +0200
+++ b/cubicweb/postgres/pg_hba.conf.jinja	Fri Jul 10 18:03:08 2015 +0200
@@ -88,6 +88,7 @@
 {% for user in users %}
 local  all             {{ user }}                          md5
 {% endfor %}
+{{ pillar.get('custom_pg_hba_lines','') }}
 # "local" is for Unix domain socket connections only
 local   all             all                                     peer
 # IPv4 local connections:
--- a/pillar.example	Fri Jul 10 18:02:15 2015 +0200
+++ b/pillar.example	Fri Jul 10 18:03:08 2015 +0200
@@ -10,6 +10,11 @@
 
 postgresql:
   enable: True # set to True to install postgresql on same host
+#make postresql listen on the network
+#pg_listen: False
+#Insert pg_hdba lines 
+#custom_pg_hba_lines: | 
+#    host    all             all             10.1.1.3/32            md5
 
 cubicweb_repo: production # set to acceptance if you want more recent versions of cubicweb 
 
@@ -87,4 +92,4 @@
           blog: cubicweb-blog: 1.9.7-1 # be careful, no version depency checks are done there
 ## install base cw cubes
 cw-basecubes:
-  install: True
\ No newline at end of file
+  install: True