puppetlabs-postgresql-4.6.1/000755 000765 000024 00000000000 12631567457 020060 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/CHANGELOG.md000644 000765 000024 00000072006 12631567444 021672 0ustar00helencampbellstaff000000 000000 ## Supported Release 4.6.1 ###Summary Small release for support of newer PE versions. This increments the version of PE in the metadata.json file. ## 2015-09-01 - Supported Release 4.6.0 ### Summary This release adds a proxy feature for yum, Postgis improvements, and decoupling pg_hba_rule from postgresql::server. #### Features - Support setting a proxy for yum operations - Allow for undefined PostGIS version - Decouple pg_hba_rule from postgresql::server #### Bugfixes - Fix postgis default package name on RedHat ## 2015-07-27 - Supported Release 4.5.0 ### Summary This release adds sequence grants, some postgresql 9.4 fixes, and `onlyif` to the psql resource. ### Features - Add `onlyif` parameter to `postgresql_psql` - Add unsupported compatibility with Ubuntu 15.04 - Add unsupported compatibility with SLES 11/12 and OpenSuSE 13.2 - Add `postgresql::server::grant::onlyif_exists` attribute - Add `postgresql::server::table_grant::onlyif_exists` attribute - Add granting permissions on sequences ### Bugfixes - Added docs for `postgresql::server::grant` - Fix `pg_hba_conf_defaults => false` to not disable ipv4/ipv6 acls - Fix 9.4 for `postgresql::server::pg_hba_rule` ## 2015-07-07 - Supported Release 4.4.2 ### Summary This release fixes a bug introduced in 4.4.0. #### Bugfixes - Fixes `withenv` execution under Puppet 2.7. (MODULES-2185) ## 2015-07-01 - Supported Release 4.4.1 ### Summary This release fixes RHEL 7 & Fedora with manage_package_repo switched on. #### Bugfixes - Ensure manage_package_repo variable is in scope for systemd-override file for RHEL7 ## 2015-06-30 - Supported Release 4.4.0 ### Summary This release has several new features, bugfixes, and test improvements. #### Features - Adds a resource to manage recovery.conf. - Adds a parameter that allows the specification of a validate connection script in `postgresql::client`. - Adds support for plpython package management. - Adds support for postgresql-docs management. - Adds ability to make `postgresql::server::schema` titles unique. (MODULES-2049) - Updates puppetlabs-apt module dependency to support version 2.1.0. #### Bugfixes - Fix `postgresql_psql` parameter ordering to work on OpenBSD with Future Parser - Fix setting postgres role password (MODULES-1869) - Fix execution command with puppet <3.4 (MODULES-1923) - Fix Puppet.newtype deprecation warning (MODULES-2007) - Fix systemd override for manage_repo package versions - Fix Copy snakeoil certificate and key instead of symlinking #### Test Improvements - Allows setting BEAKER and BEAKER_RSPEC versions via environment variables. - Enables Unit testing on Travis CI with Puppet 4. - Cleans up spec_helper_acceptance.rb to use new puppet_install_helper gem. ## 2015-03-24 - Supported Release 4.3.0 ### Summary This release fixes compatibility with Puppet 4 and removes opportunities for local users to view the postgresql password. It also adds a new custom resource to aid in managing replication. #### Features - Add `postgresql::server::logdir` parameter to manage the logdir - Add `environment` parameter to `postgresql_psql` - Add `postgresql_replication_slot` custom resource #### Bugfixes - Fix for Puppet 4 - Don't print postgresql\_psql password in command - Allow `postgresql::validate_db_connection` for more than one host+port+database combo - Fix service command on Debian 8 and up - Fix `postgresql::server::extension` to work with custom user/group/port - Fix `postgresql::server::initdb` to work with custom user/group/port - Fix changing template1 encoding - Fix default `postgresql::server::grant::object_name` value - Fix idempotency of granting all tables in schema with `puppet::server::grant` - Fix lint warnings - Fix apt key to use 40 character key and bump puppetlabs-apt to >= 1.8.0 < 2.0.0 ##2015-03-10 - Supported Release 4.2.0 ###Summary This release has several new features including support for server extensions, improved grant support, and a number of bugfixes. ####Features - Changes to support OpenBSD - Add `service_reload` parameter to `postgresql::server` - Add `comment` parameter to `postgresql::server::database` (MODULES-1153) - Add `postgresql::server::extension` defined type - Add postgresql versions for utopic and jessie - Update `postgresql::server::grant` to support 'GRANT SCHEMA' and 'ALL TABLES IN SCHEMA' ####Bugfixes - Lint cleanup - Remove outdated upgrade info from README - Use correct TCP port when checking password - Create role before database - Fix template1 encoding on Debian - Require server package before user permissions - Fix `service_status` default for FreeBSD to allow PostgreSQL to start the first run - Fix invalid US-ASCII byte sequence in `postgresql::server::grant` comments - Reverted to default behavior for Debian systems as `pg_config` should not be overwritten (MODULES-1485) ##2014-11-04 - Supported Release 4.1.0 ###Summary This release adds the ability to change the PGDATA directory, and also includes documentation and test updates, future parser support, and a few other new features. ####Features - Future parser support - Documentation updates - Test updates - Add a link from `/etc/sysconfig/pgsql/postgresql-${version}` to `/etc/sysconfig/pgsql/postgresql` to support init scripts from the postgresql.org repo - Add support for changing the PGDATA directory - Set default versions for Fedora 21 and FreeBSD ##2014-09-03 - Supported Release 4.0.0 ###Summary This release removes the uninstall ability from the module, removes the firewall management, overhauls all of the acceptance testing, as well as adds better support for SuSE and Fedora. ###Backwards Incompatible changes. - Uninstall code removal. - Firewall management for Postgres. - Set manage_pg_ident_conf to true. ####Uninstallation removal We rely heavily on the ability to uninstall and reinstall postgres throughout our testing code, testing features like "can I move from the distribution packages to the upstream packages through the module" and over time we've learnt that the uninstall code simply doesn't work a lot of the time. It leaves traces of postgres behind or fails to remove certain packages on Ubuntu, and generally causes bits to be left on your system that you didn't expect. When we then reinstall things fail because it's not a true clean slate, and this causes us enormous problems during test. We've spent weeks and months working on these tests and they simply don't hold up well across the full range of PE platforms. Due to all these problems we've decided to take a stance on uninstalling in general. We feel that in 2014 it's completely reasonable and normal to have a good provisioning pipeline combined with your configuration management and the "correct" way to uninstall a fully installed service like postgresql is to simply reprovision the server without it in the first place. As a general rule this is how I personally like to work and I think is a good practice. ####I'm not OK with this! We understand that there are environments and situations in which it's not easy to do that. What if you accidently deployed Postgres on 100,000 nodes? In the future we're going to take a look at building some example 'profiles' to be found under examples/ within this module that can uninstall postgres on popular platforms. These can be modified and used in your specific case to uninstall postgresql. They will be much more brute force and reliant on deleting entire directories and require you to do more work up front in specifying where things are installed but we think it'll prove to be a much cleaner mechanism for this kind of thing rather than trying to weave it into the main module logic itself. ####Features - Removal of uninstall. - Removal of firewall management. - Tests ported to rspec3. - Acceptance tests rewritten. - Add a defined type for creating database schemas. - Add a pg_ident_rule defined type. - Set manage_pg_ident_conf to true. - Manage pg_ident.conf by default. - Improve selinux support for tablespace. - Remove deprecation warnings. - Support changing PGDATA on RedHat. - Add SLES 11 support. ####Bugfixes - Link pg_config binary into /usr/bin. - Fix fedora support by using systemd. - Initdb should create xlogdir if set. ##2014-08-27 - Supported Release 3.4.3 ###Summary This release fixes Ubuntu 10.04 with Facter 2.2. ####Features ####Bugfixes - Use a regular expression to match the major OS version on Ubuntu. ##2014-07-31 - Supported Release 3.4.2 ###Summary This release fixes recent Fedora versions. ####Features ####Bugfixes - Fix Fedora. ##2014-07-15 - Supported Release 3.4.1 ###Summary This release merely updates metadata.json so the module can be uninstalled and upgraded via the puppet module command. ##2014-04-14 - Supported Release 3.4.0 ###Summary This feature rolls up several important features, the biggest being PostGIS handling and allowing `port` to be set on postgresql::server in order to change the port that Postgres listens on. We've added support for RHEL7 and Ubuntu 14.04, as well as allowing you to manage the service via `service_ensure` finally. ####Features - Added `perl_package_name` for installing bindings. - Added `service_ensure` for allowing control of services. - Added `postgis_version` and postgis class for installing postgis. - Added `port` for selecting the port Postgres runs on. - Add support for RHEL7 and Ubuntu 14.04. - Add `default_db` to postgresql::server::database. - Widen the selection of unquoted parameters in postgresql_conf{} - Require the service within postgresql::server::reload for RHEL7. - Add `inherit` to postgresql::server::role. ####Bugfixes ##2014-03-04 - Supported Release 3.3.3 ###Summary This is a supported release. This release removes a testing symlink that can cause trouble on systems where /var is on a seperate filesystem from the modulepath. ####Features ####Bugfixes ####Known Bugs * SLES is not supported. ##2014-03-04 - Supported Release 3.3.2 ###Summary This is a supported release. It fixes a problem with updating passwords on postgresql.org distributed versions of PostgreSQL. ####Bugfixes - Correct psql path when setting password on custom versions. - Documentation updates - Test updates ####Known Bugs * SLES is not supported. ##2014-02-12 - Version 3.3.1 ####Bugfix: - Allow dynamic rubygems host ##2014-01-28 - Version 3.3.0 ###Summary This release rolls up a bunch of bugfixes our users have found and fixed for us over the last few months. This improves things for 9.1 users, and makes this module usable on FreeBSD. This release is dedicated to 'bma', who's suffering with Puppet 3.4.1 issues thanks to Puppet::Util::SUIDManager.run_and_capture. ####Features - Add lc_ config entry settings - Can pass template at database creation. - Add FreeBSD support. - Add support for customer `xlogdir` parameter. - Switch tests from rspec-system to beaker. (This isn't really a feature) ####Bugfixes - Properly fix the deprecated Puppet::Util::SUIDManager.run_and_capture errors. - Fix NOREPLICATION option for Postgres 9.1 - Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf - Add $postgresql::server::client_package_name, referred to by install.pp - Add missing service_provider/service_name descriptions in ::globals. - Fix several smaller typos/issues throughout. - Exec['postgresql_initdb'] needs to be done after $datadir exists - Prevent defined resources from floating in the catalog. - Fix granting all privileges on a table. - Add some missing privileges. - Remove deprecated and unused concat::fragment parameters. ##2013-11-05 - Version 3.2.0 ###Summary Add's support for Ubuntu 13.10 (and 14.04) as well as x, y, z. ####Features - Add versions for Ubuntu 13.10 and 14.04. - Use default_database in validate_db_connection instead of a hardcoded 'postgres' - Add globals/params layering for default_database. - Allow specification of default database name. ####Bugs - Fixes to the README. ##2013-10-25 - Version 3.1.0 ###Summary This is a minor feature and bug fix release. Firstly, the postgresql_psql type now includes a new parameter `search_path` which is equivalent to using `set search_path` which allows you to change the default schema search path. The default version of Fedora 17 has now been added, so that Fedora 17 users can enjoy the module. And finally we've extended the capabilities of the defined type postgresql::validate_db_connection so that now it can handle retrying and sleeping between retries. This feature has been monopolized to fix a bug we were seeing with startup race conditions, but it can also be used by remote systems to 'wait' for PostgreSQL to start before their Puppet run continues. ####Features - Defined $default_version for Fedora 17 (Bret Comnes) - add search_path attribute to postgresql_psql resource (Jeremy Kitchen) - (GH-198) Add wait and retry capability to validate_db_connection (Ken Barber) ####Bugs - enabling defined postgres user password without resetting on every puppet run (jonoterc) - periods are valid in configuration variables also (Jeremy Kitchen) - Add zero length string to join() function (Jarl Stefansson) - add require of install to reload class (cdenneen) - (GH-198) Fix race condition on postgresql startup (Ken Barber) - Remove concat::setup for include in preparation for the next concat release (Ken Barber) ##2013-10-14 - Version 3.0.0 Final release of 3.0, enjoy! ##2013-10-14 - Version 3.0.0-rc3 ###Summary Add a parameter to unmanage pg_hba.conf to fix a regression from 2.5, as well as allowing owner to be passed into x. ####Features - `manage_pg_hba_conf` parameter added to control pg_hba.conf management. - `owner` parameter added to server::db. ##2013-10-09 - Version 3.0.0-rc2 ###Summary A few bugfixes have been found since -rc1. ####Fixes - Special case for $datadir on Amazon - Fix documentation about username/password for the postgresql_hash function ##2013-10-01 - Version 3.0.0-rc1 ###Summary Version 3 was a major rewrite to fix some internal dependency issues, and to make the new Public API more clear. As a consequence a lot of things have changed for version 3 and older revisions that we will try to outline here. (NOTE: The format of this CHANGELOG differs to normal in an attempt to explain the scope of changes) * Server specific objects now moved under `postgresql::server::` namespace: To restructure server specific elements under the `postgresql::server::` namespaces the following objects were renamed as such: `postgresql::database` -> `postgresql::server::database` `postgresql::database_grant` -> `postgresql::server::database_grant` `postgresql::db` -> `postgresql::server::db` `postgresql::grant` -> `postgresql::server::grant` `postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` `postgresql::plperl` -> `postgresql::server::plperl` `postgresql::contrib` -> `postgresql::server::contrib` `postgresql::role` -> `postgresql::server::role` `postgresql::table_grant` -> `postgresql::server::table_grant` `postgresql::tablespace` -> `postgresql::server::tablespace` * New `postgresql::server::config_entry` resource for managing configuration: Previously we used the `file_line` resource to modify `postgresql.conf`. This new revision now adds a new resource named `postgresql::server::config_entry` for managing this file. For example: ```puppet postgresql::server::config_entry { 'check_function_bodies': value => 'off', } ``` If you were using `file_line` for this purpose, you should change to this new methodology. * `postgresql_puppet_extras.conf` has been removed: Now that we have a methodology for managing `postgresql.conf`, and due to concerns over the file management methodology using an `exec { 'touch ...': }` as a way to create an empty file the existing postgresql\_puppet\_extras.conf file is no longer managed by this module. If you wish to recreate this methodology yourself, use this pattern: ```puppet class { 'postgresql::server': } $extras = "/tmp/include.conf" file { $extras: content => 'max_connections = 123', notify => Class['postgresql::server::service'], }-> postgresql::server::config_entry { 'include': value => $extras, } ``` * All uses of the parameter `charset` changed to `encoding`: Since PostgreSQL uses the terminology `encoding` not `charset` the parameter has been made consisent across all classes and resources. * The `postgresql` base class is no longer how you set globals: The old global override pattern was less then optimal so it has been fixed, however we decided to demark this properly by specifying these overrides in the class `postgresql::global`. Consult the documentation for this class now to see what options are available. Also, some parameter elements have been moved between this and the `postgresql::server` class where it made sense. * `config_hash` parameter collapsed for the `postgresql::server` class: Because the `config_hash` was really passing data through to what was in effect an internal class (`postgresql::config`). And since we don't want this kind of internal exposure the parameters were collapsed up into the `postgresql::server` class directly. * Lots of changes to 'private' or 'undocumented' classes: If you were using these before, these have changed names. You should only use what is documented in this README.md, and if you don't have what you need you should raise a patch to add that feature to a public API. All internal classes now have a comment at the top indicating them as private to make sure the message is clear that they are not supported as Public API. * `pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules: The defaults should be good enough for most cases (if not raise a bug) but if you simply need an escape hatch, this setting will turn off the defaults. If you want to do this, it may affect the rest of the module so make sure you replace the rules with something that continues operation. * `postgresql::database_user` has now been removed: Use `postgresql::server::role` instead. * `postgresql::psql` resource has now been removed: Use `postgresql_psql` instead. In the future we may recreate this as a wrapper to add extra capability, but it will not match the old behaviour. * `postgresql_default_version` fact has now been removed: It didn't make sense to have this logic in a fact any more, the logic has been moved into `postgresql::params`. * `ripienaar/concat` is no longer used, instead we use `puppetlabs/concat`: The older concat module is now deprecated and moved into the `puppetlabs/concat` namespace. Functionality is more or less identical, but you may need to intervene during the installing of this package - as both use the same `concat` namespace. --- ##2013-09-09 Release 2.5.0 ###Summary The focus of this release is primarily to capture the fixes done to the types and providers to make sure refreshonly works properly and to set the stage for the large scale refactoring work of 3.0.0. ####Features ####Bugfixes - Use boolean for refreshonly. - Fix postgresql::plperl documentation. - Add two missing parameters to config::beforeservice - Style fixes ##2013-08-01 Release 2.4.1 ###Summary This minor bugfix release solves an idempotency issue when using plain text passwords for the password_hash parameter for the postgresql::role defined type. Without this, users would continually see resource changes everytime your run Puppet. ####Bugfixes - Alter role call not idempotent with cleartext passwords (Ken Barber) ##2013-07-19 Release 2.4.0 ###Summary This updates adds the ability to change permissions on tables, create template databases from normal databases, manage PL-Perl's postgres package, and disable the management of `pg_hba.conf`. ####Features - Add `postgresql::table_grant` defined resource - Add `postgresql::plperl` class - Add `manage_pg_hba_conf` parameter to the `postgresql::config` class - Add `istemplate` parameter to the `postgresql::database` define ####Bugfixes - Update `postgresql::role` class to be able to update roles when modified instead of only on creation. - Update tests - Fix documentation of `postgresql::database_grant` ##2.3.0 This feature release includes the following changes: * Add a new parameter `owner` to the `database` type. This can be used to grant ownership of a new database to a specific user. (Bruno Harbulot) * Add support for operating systems other than Debian/RedHat, as long as the user supplies custom values for all of the required paths, package names, etc. (Chris Price) * Improved integration testing (Ken Barber) ##2.2.1 This release fixes a bug whereby one of our shell commands (psql) were not ran from a globally accessible directory. This was causing permission denied errors when the command attempted to change user without changing directory. Users of previous versions might have seen this error: Error: Error executing SQL; psql returned 256: 'could not change directory to "/root" This patch should correct that. #### Detail Changes * Set /tmp as default CWD for postgresql_psql ##2.2.0 This feature release introduces a number of new features and bug fixes. First of all it includes a new class named `postgresql::python` which provides you with a convenient way of install the python Postgresql client libraries. class { 'postgresql::python': } You are now able to use `postgresql::database_user` without having to specify a password_hash, useful for different authentication mechanisms that do not need passwords (ie. cert, local etc.). We've also provided a lot more advanced custom parameters now for greater control of your Postgresql installation. Consult the class documentation for PuppetDB in the README. This release in particular has largely been contributed by the community members below, a big thanks to one and all. #### Detailed Changes * Add support for psycopg installation (Flaper Fesp and Dan Prince) * Added default PostgreSQL version for Ubuntu 13.04 (Kamil Szymanski) * Add ability to create users without a password (Bruno Harbulot) * Three Puppet 2.6 fixes (Dominic Cleal) * Add explicit call to concat::setup when creating concat file (Dominic Cleal) * Fix readme typo (Jordi Boggiano) * Update postgres_default_version for Ubuntu (Kamil Szymanski) * Allow to set connection for noew role (Kamil Szymanski) * Fix pg_hba_rule for postgres local access (Kamil Szymanski) * Fix versions for travis-ci (Ken Barber) * Add replication support (Jordi Boggiano) * Cleaned up and added unit tests (Ken Barber) * Generalization to provide more flexability in postgresql configuration (Karel Brezina) * Create dependent directory for sudoers so tests work on Centos 5 (Ken Barber) * Allow SQL commands to be run against a specific DB (Carlos Villela) * Drop trailing comma to support Puppet 2.6 (Michael Arnold) ##2.1.1 This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: And the postgresql log entry: FATAL: unrecognized configuration parameter "include" This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. #### Detailed Changes 2013-01-21 - Ken Barber * Only install `include` directive and included file on PostgreSQL >= 8.2 * Add system tests for Centos 5 ##2.1.0 This release is primarily a feature release, introducing some new helpful constructs to the module. For starters, we've added the line `include 'postgresql_conf_extras.conf'` by default so extra parameters not managed by the module can be added by other tooling or by Puppet itself. This provides a useful escape-hatch for managing settings that are not currently managed by the module today. We've added a new defined resource for managing your tablespace, so you can now create new tablespaces using the syntax: postgresql::tablespace { 'dbspace': location => '/srv/dbspace', } We've added a locale parameter to the `postgresql` class, to provide a default. Also the parameter has been added to the `postgresql::database` and `postgresql::db` defined resources for changing the locale per database: postgresql::db { 'mydatabase': user => 'myuser', password => 'mypassword', encoding => 'UTF8', locale => 'en_NG', } There is a new class for installing the necessary packages to provide the PostgreSQL JDBC client jars: class { 'postgresql::java': } And we have a brand new defined resource for managing fine-grained rule sets within your pg_hba.conf access lists: postgresql::pg_hba { 'Open up postgresql for access from 200.1.2.0/24': type => 'host', database => 'app', user => 'app', address => '200.1.2.0/24', auth_method => 'md5', } Finally, we've also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests available are provided in the README for the module. A big thanks to all those listed below who made this feature release possible :-). #### Detailed Changes 2013-01-18 - Simão Fontes & Flaper Fesp * Remove trailing commas from params.pp property definition for Puppet 2.6.0 compatibility 2013-01-18 - Lauren Rother * Updated README.md to conform with best practices template 2013-01-09 - Adrien Thebo * Update postgresql_default_version to 9.1 for Debian 7.0 2013-01-28 - Karel Brezina * Add support for tablespaces 2013-01-16 - Chris Price & Karel Brezina * Provide support for an 'include' config file 'postgresql_conf_extras.conf' that users can modify manually or outside of the module. 2013-01-31 - jv * Fix typo in README.pp for postgresql::db example 2013-02-03 - Ken Barber * Add unit tests and travis-ci support 2013-02-02 - Ken Barber * Add locale parameter support to the 'postgresql' class 2013-01-21 - Michael Arnold * Add a class for install the packages containing the PostgreSQL JDBC jar 2013-02-06 - fhrbek * Coding style fixes to reduce warnings in puppet-lint and Geppetto 2013-02-10 - Ken Barber * Provide new defined resource for managing pg_hba.conf 2013-02-11 - Ken Barber * Fix bug with reload of Postgresql on Redhat/Centos 2013-02-15 - Erik Dalén * Fix more style issues to reduce warnings in puppet-lint and Geppetto 2013-02-15 - Erik Dalén * Fix case whereby we were modifying a hash after creation ##2.0.1 Minor bugfix release. 2013-01-16 - Chris Price * Fix revoke command in database.pp to support postgres 8.1 (43ded42) 2013-01-15 - Jordi Boggiano * Add support for ubuntu 12.10 status (3504405) ##2.0.0 Many thanks to the following people who contributed patches to this release: * Adrien Thebo * Albert Koch * Andreas Ntaflos * Brett Porter * Chris Price * dharwood * Etienne Pelletier * Florin Broasca * Henrik * Hunter Haugen * Jari Bakken * Jordi Boggiano * Ken Barber * nzakaria * Richard Arends * Spenser Gilliland * stormcrow * William Van Hevelingen Notable features: * Add support for versions of postgres other than the system default version (which varies depending on OS distro). This includes optional support for automatically managing the package repo for the "official" postgres yum/apt repos. (Major thanks to Etienne Pelletier and Ken Barber for their tireless efforts and patience on this feature set!) For example usage see `tests/official-postgresql-repos.pp`. * Add some support for Debian Wheezy and Ubuntu Quantal * Add new `postgres_psql` type with a Ruby provider, to replace the old exec-based `psql` type. This gives us much more flexibility around executing SQL statements and controlling their logging / reports output. * Major refactor of the "spec" tests--which are actually more like acceptance tests. We now support testing against multiple OS distros via vagrant, and the framework is in place to allow us to very easily add more distros. Currently testing against Cent6 and Ubuntu 10.04. * Fixed a bug that was preventing multiple databases from being owned by the same user (9adcd182f820101f5e4891b9f2ff6278dfad495c - Etienne Pelletier ) * Add support for ACLs for finer-grained control of user/interface access (b8389d19ad78b4fb66024897097b4ed7db241930 - dharwood ) * Many other bug fixes and improvements! --- ##1.0.0 2012-09-17 - Version 0.3.0 released 2012-09-14 - Chris Price * Add a type for validating a postgres connection (ce4a049) 2012-08-25 - Jari Bakken * Remove trailing commas. (e6af5e5) 2012-08-16 - Version 0.2.0 released puppetlabs-postgresql-4.6.1/checksums.json000644 000765 000024 00000021662 12631567457 022747 0ustar00helencampbellstaff000000 000000 { "CHANGELOG.md": "07b17822934b9117fe3933c9f5c5b1ef", "CONTRIBUTING.md": "e2b8e8e433fc76b3798b7fe435f49375", "Gemfile": "e6e6eb07f0bfc9bb1e328895ca49b3f5", "LICENSE": "746fe83ebbf8970af0a9ea13962293e9", "NOTICE": "d8ffc52f00e00877b45d2b77e709f69e", "README.md": "01fda54caf6289077880d22271662447", "Rakefile": "d953eb985f82600dc3b9ac6e1f2cfe64", "files/RPM-GPG-KEY-PGDG": "78b5db170d33f80ad5a47863a7476b22", "files/validate_postgresql_connection.sh": "20301932819f035492a30880f5bf335a", "lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb": "d518a7959b950874820a3b0a7a324488", "lib/puppet/parser/functions/postgresql_escape.rb": "2e136fcd653ab38d831c5b40806d47d1", "lib/puppet/parser/functions/postgresql_password.rb": "820da02a888ab42357fe9bc2352b1c37", "lib/puppet/provider/postgresql_conf/parsed.rb": "8d8fdb4349d1ddfb79bc5539e7843e45", "lib/puppet/provider/postgresql_psql/ruby.rb": "589ada55e324bc6eea0003d62d8559d5", "lib/puppet/provider/postgresql_replication_slot/ruby.rb": "dcd93860861c530a12f1233334ea5f17", "lib/puppet/type/postgresql_conf.rb": "95c73ca169db02aa1128ae3baa2f7399", "lib/puppet/type/postgresql_psql.rb": "01fa589d0c71691e1ed13031cef363c5", "lib/puppet/type/postgresql_replication_slot.rb": "cd9362cdb569945ca42986d005e88bcb", "manifests/client.pp": "45131980b230139b39ca168437725f69", "manifests/globals.pp": "22413edee0b13ece955ea08bc227fa9b", "manifests/lib/devel.pp": "5989d15c43b2543aad8cf872e6a8b2ba", "manifests/lib/docs.pp": "ec903581401a6629fb29d8dc6fed1a1f", "manifests/lib/java.pp": "ed639fd6ba8392cf4239cfe02be6ace5", "manifests/lib/perl.pp": "5213fb4284f041fe28a22d68119f646d", "manifests/lib/python.pp": "90736f86301c4c6401ec1180c176b616", "manifests/params.pp": "081a16ae87648321843f575ee6582093", "manifests/repo/apt_postgresql_org.pp": "e6ad65e3a62b86c69ed0d33fe43a5d84", "manifests/repo/yum_postgresql_org.pp": "999d830dc382be7eca8e4c01b933972c", "manifests/repo.pp": "108094937440689e0caa99a4f7a7e0de", "manifests/server/config.pp": "d58ad2b42825bbe17e945e9ff81bb3e7", "manifests/server/config_entry.pp": "fac655a3e96e443c62eeda1d12bd39e7", "manifests/server/contrib.pp": "a0aafd867ca7c932bee14ebf480bfacd", "manifests/server/database.pp": "a1d39858335e6bd1e5ed68f85a10736c", "manifests/server/database_grant.pp": "66e5470bb932b087b540c444ee49941b", "manifests/server/db.pp": "ea41e1e51fc00fdb7a9129ecc5279ca3", "manifests/server/extension.pp": "bbfce6b3f8af0ba3a9e5fb2ca8a8b1cf", "manifests/server/grant.pp": "8dbfd728383f70093c57074e93fa0a2c", "manifests/server/initdb.pp": "5e717e795a471823ed668820678991ca", "manifests/server/install.pp": "ddd4000b5cee099a3d0ebed79fd458bb", "manifests/server/passwd.pp": "bdfd5f7b9f428dc85cddc99569821ccf", "manifests/server/pg_hba_rule.pp": "c2e2130a82f75b75ba409fc33bb70d1a", "manifests/server/pg_ident_rule.pp": "0fa70e2d42d17c59f41bd3351d5d96fb", "manifests/server/plperl.pp": "189c47d04158440874dc136ca2b3fd7a", "manifests/server/plpython.pp": "4a1f44cd2a8019e42cb8e05075a1751c", "manifests/server/postgis.pp": "6ac7fbd262907bb1303aa29970e908eb", "manifests/server/recovery.pp": "7d2cc6a96a5a5982dbb375ca7d47ac81", "manifests/server/reload.pp": "218ac61018f7fab71f250284c4b879d0", "manifests/server/role.pp": "c77ec478110ef526c46e7c86ae34ea99", "manifests/server/schema.pp": "ad34f007dac59dc4673b1feebedaa048", "manifests/server/service.pp": "86b88df8df316c5305a7024f8b5c83a1", "manifests/server/table_grant.pp": "9b5c3cff1162be7348ac12a2e8f9f83a", "manifests/server/tablespace.pp": "7a76820bae0f079bdbcde0be7a164f82", "manifests/server.pp": "60405bc9368079d6110b41522b104eac", "manifests/validate_db_connection.pp": "a4d331cfbc32562fd641b1fa4b54e35a", "metadata.json": "73d27b7b82d4965b713972adaf431d31", "spec/acceptance/00-utf8_encoding_spec.rb": "68d1771b2ae116c394841a6d9ac81a0c", "spec/acceptance/alternative_port_spec.rb": "cf33ba48e8d54ba9f63ae7ad6c737d57", "spec/acceptance/db_spec.rb": "bad1c86df16a8d9a123416358b0fe0b6", "spec/acceptance/default_parameters_spec.rb": "e90626a6a1a84336b0829521ed89152e", "spec/acceptance/nodesets/centos-510-x64.yml": "5698f7e61292730c603e03f64fe19359", "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151", "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", "spec/acceptance/nodesets/centos-64-x64.yml": "9cde7b5d2ab6a42366d2344c264d6bdc", "spec/acceptance/nodesets/centos-65-x64.yml": "3e5c36e6aa5a690229e720f4048bb8af", "spec/acceptance/nodesets/debian-607-x64.yml": "d566bf76f534e2af7c9a4605316d232c", "spec/acceptance/nodesets/debian-73-x64.yml": "ba5a75e27644c48ad8f3564fb6d372a7", "spec/acceptance/nodesets/default.yml": "9cde7b5d2ab6a42366d2344c264d6bdc", "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "75e86400b7889888dc0781c0ae1a1297", "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "d30d73e34cd50b043c7d14e305955269", "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "5f0aed10098ac5b78e4217bb27c7aaf0", "spec/acceptance/postgresql_psql_spec.rb": "5d70b4c3e35f1b5fc89a768498f74987", "spec/acceptance/server/recovery_spec.rb": "04c87359a23d3ac297ccf49127111ac1", "spec/acceptance/server/schema_spec.rb": "988aa84ae180a4508897abf6a7fdb39e", "spec/acceptance/z_alternative_pgdata_spec.rb": "64f73267d91c5dd59a9346fb554b224a", "spec/spec.opts": "a600ded995d948e393fbe2320ba8e51c", "spec/spec_helper.rb": "2c3b776fcf7328f372f63550663d05fd", "spec/spec_helper_acceptance.rb": "411e4c6f836cf8f231f8f76a0f4b46eb", "spec/unit/classes/client_spec.rb": "782d49105bf582bb61364790d55d4080", "spec/unit/classes/globals_spec.rb": "3f03233518aa7978e511eff739ccf13e", "spec/unit/classes/lib/devel_spec.rb": "149e26d7cff5198b73de081cc36b2937", "spec/unit/classes/lib/java_spec.rb": "2d8bd73fe651e9e62d0bba49abef292c", "spec/unit/classes/lib/perl_spec.rb": "748a923db31aa42b3ee2fa5ac534d0d6", "spec/unit/classes/lib/pgdocs_spec.rb": "edd7c5b7fee837d8975c6a1b11954095", "spec/unit/classes/lib/python_spec.rb": "085a1fd6809298d8774b8fd84157908d", "spec/unit/classes/params_spec.rb": "af9c9224fb32b0e64bf575275167bebf", "spec/unit/classes/repo_spec.rb": "cd1385198525063f7444fb7ef57b08cc", "spec/unit/classes/server/config_spec.rb": "809473756bdeb5f55d15fb0eb8acbda9", "spec/unit/classes/server/contrib_spec.rb": "a0334495869618a6b75858211fec8cc8", "spec/unit/classes/server/initdb_spec.rb": "ad013b15fc4d6cebb41710a4574c6c86", "spec/unit/classes/server/plperl_spec.rb": "5fb32ffacadf95aa84646e32017a30f4", "spec/unit/classes/server/plpython_spec.rb": "692b8fa96db2dbdf985e11c8d3e187cf", "spec/unit/classes/server/postgis_spec.rb": "3975f38629148de15fd2cd87385f8e2e", "spec/unit/classes/server_spec.rb": "38d614cbfa1a6a51320c5b21586e1409", "spec/unit/defines/server/config_entry_spec.rb": "a666efb4906edaf700010b98a3a3c79b", "spec/unit/defines/server/database_grant_spec.rb": "52e7ba3370d10b7c23a7b29fffe1ff33", "spec/unit/defines/server/database_spec.rb": "75493abe8a6f79b0dba31dce45cfeedf", "spec/unit/defines/server/db_spec.rb": "33b0f3152a559f701acf1b1ee5485acd", "spec/unit/defines/server/extension_spec.rb": "b7fa829927057f763a202673f9b6fe53", "spec/unit/defines/server/grant_spec.rb": "7f3bb631deee7df104c90c3550f761ed", "spec/unit/defines/server/pg_hba_rule_spec.rb": "fd1b947dfe0df3b81f1403928064c22f", "spec/unit/defines/server/pg_ident_rule_spec.rb": "2e32da6f0f107359fc5ab5727812f853", "spec/unit/defines/server/recovery_spec.rb": "86fba4b913ebeef06be8e63c52e72044", "spec/unit/defines/server/role_spec.rb": "d421756024b2c3be85785f3a092939bb", "spec/unit/defines/server/schema_spec.rb": "d42e5fdee9427032df915f599a0f8de2", "spec/unit/defines/server/table_grant_spec.rb": "21e375467a0635194d0f2e5effdcf22a", "spec/unit/defines/server/tablespace_spec.rb": "ac4b95389354e2b489547f3a95441b61", "spec/unit/defines/validate_db_connection_spec.rb": "066c39f36fd5e6af8d36d34c8dd78b51", "spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb": "ba576b0f385aa44fa352df6d5812f4ae", "spec/unit/functions/postgresql_escape_spec.rb": "ddf2f5498937840f8c55a5ff2d8e9cb1", "spec/unit/functions/postgresql_password_spec.rb": "8ca30e0a155e27dd3c161cea558a97eb", "spec/unit/provider/postgresql_conf/parsed_spec.rb": "91e9e026eb6c0d859982c7a3faaac439", "spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb": "17e614219161dd719490b3fd6c7c55ea", "spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb": "641f5e82f4b92c2de28b361cbd3361f2", "spec/unit/puppet/type/postgresql_psql_spec.rb": "394a71e3883e145ca8b588ce7bc2843b", "spec/unit/puppet/type/postgresql_replication_slot_spec.rb": "fcd735f400d0e981213b2ecb7cbcf0b0", "spec/unit/type/postgresql_conf_spec.rb": "069ce03012044d4864d7e81b60f022e0", "templates/pg_hba_rule.conf": "13b46eecdfd359eddff71fa485ef2f54", "templates/pg_ident_rule.conf": "444c85172fd44262344588e83ebb2515", "templates/recovery.conf": "ae00a6031a3790b169d7ab50a224e827", "templates/systemd-override.erb": "17c39b9317b81cb9cbfc16b27ec7c292" }puppetlabs-postgresql-4.6.1/CONTRIBUTING.md000644 000765 000024 00000017435 12631567404 022313 0ustar00helencampbellstaff000000 000000 Checklist (and a short version for the impatient) ================================================= * Commits: - Make commits of logical units. - Check for unnecessary whitespace with "git diff --check" before committing. - Commit using Unix line endings (check the settings around "crlf" in git-config(1)). - Do not check in commented out code or unneeded files. - The first line of the commit message should be a short description (50 characters is the soft limit, excluding ticket number(s)), and should skip the full stop. - Associate the issue in the message. The first line should include the issue number in the form "(#XXXX) Rest of message". - The body should provide a meaningful commit message, which: - uses the imperative, present tense: "change", not "changed" or "changes". - includes motivation for the change, and contrasts its implementation with the previous behavior. - Make sure that you have tests for the bug you are fixing, or feature you are adding. - Make sure the test suites passes after your commit: `bundle exec rspec spec/acceptance` More information on [testing](#Testing) below - When introducing a new feature, make sure it is properly documented in the README.md * Submission: * Pre-requisites: - Make sure you have a [GitHub account](https://github.com/join) - [Create a ticket](https://tickets.puppetlabs.com/secure/CreateIssue!default.jspa), or [watch the ticket](https://tickets.puppetlabs.com/browse/) you are patching for. * Preferred method: - Fork the repository on GitHub. - Push your changes to a topic branch in your fork of the repository. (the format ticket/1234-short_description_of_change is usually preferred for this project). - Submit a pull request to the repository in the puppetlabs organization. The long version ================ 1. Make separate commits for logically separate changes. Please break your commits down into logically consistent units which include new or changed tests relevant to the rest of the change. The goal of doing this is to make the diff easier to read for whoever is reviewing your code. In general, the easier your diff is to read, the more likely someone will be happy to review it and get it into the code base. If you are going to refactor a piece of code, please do so as a separate commit from your feature or bug fix changes. We also really appreciate changes that include tests to make sure the bug is not re-introduced, and that the feature is not accidentally broken. Describe the technical detail of the change(s). If your description starts to get too long, that is a good sign that you probably need to split up your commit into more finely grained pieces. Commits which plainly describe the things which help reviewers check the patch and future developers understand the code are much more likely to be merged in with a minimum of bike-shedding or requested changes. Ideally, the commit message would include information, and be in a form suitable for inclusion in the release notes for the version of Puppet that includes them. Please also check that you are not introducing any trailing whitespace or other "whitespace errors". You can do this by running "git diff --check" on your changes before you commit. 2. Sending your patches To submit your changes via a GitHub pull request, we _highly_ recommend that you have them on a topic branch, instead of directly on "master". It makes things much easier to keep track of, especially if you decide to work on another thing before your first change is merged in. GitHub has some pretty good [general documentation](http://help.github.com/) on using their site. They also have documentation on [creating pull requests](http://help.github.com/send-pull-requests/). In general, after pushing your topic branch up to your repository on GitHub, you can switch to the branch in the GitHub UI and click "Pull Request" towards the top of the page in order to open a pull request. 3. Update the related GitHub issue. If there is a GitHub issue associated with the change you submitted, then you should update the ticket to include the location of your branch, along with any other commentary you may wish to make. Testing ======= Getting Started --------------- Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, or Gems, are required to build, develop, and test this software. Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, then use it to install all dependencies needed for this project, by running ```shell % bundle install Fetching gem metadata from https://rubygems.org/........ Fetching gem metadata from https://rubygems.org/.. Using rake (10.1.0) Using builder (3.2.2) -- 8><-- many more --><8 -- Using rspec-system-puppet (2.2.0) Using serverspec (0.6.3) Using rspec-system-serverspec (1.0.0) Using bundler (1.3.5) Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. ``` NOTE some systems may require you to run this command with sudo. If you already have those gems installed, make sure they are up-to-date: ```shell % bundle update ``` With all dependencies in place and up-to-date we can now run the tests: ```shell % rake spec ``` This will execute all the [rspec tests](http://rspec-puppet.com/) tests under [spec/defines](./spec/defines), [spec/classes](./spec/classes), and so on. rspec tests may have the same kind of dependencies as the module they are testing. While the module defines in its [Modulefile](./Modulefile), rspec tests define them in [.fixtures.yml](./fixtures.yml). Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker) tests. These tests spin up a virtual machine under [VirtualBox](https://www.virtualbox.org/)) with, controlling it with [Vagrant](http://www.vagrantup.com/) to actually simulate scripted test scenarios. In order to run these, you will need both of those tools installed on your system. You can run them by issuing the following command ```shell % rake spec_clean % rspec spec/acceptance ``` This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml), install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb) and then run all the tests under [spec/acceptance](./spec/acceptance). Writing Tests ------------- XXX getting started writing tests. If you have commit access to the repository =========================================== Even if you have commit access to the repository, you will still need to go through the process above, and have someone else review and merge in your changes. The rule is that all changes must be reviewed by a developer on the project (that did not write the code) to ensure that all changes go through a code review process. Having someone other than the author of the topic branch recorded as performing the merge is the record that they performed the code review. Additional Resources ==================== * [Getting additional help](http://puppetlabs.com/community/get-help) * [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) * [Patchwork](https://patchwork.puppetlabs.com) * [General GitHub documentation](http://help.github.com/) * [GitHub pull request documentation](http://help.github.com/send-pull-requests/) puppetlabs-postgresql-4.6.1/files/000755 000765 000024 00000000000 12631567457 021162 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/Gemfile000644 000765 000024 00000002477 12631567404 021355 0ustar00helencampbellstaff000000 000000 source ENV['GEM_SOURCE'] || "https://rubygems.org" def location_for(place, fake_version = nil) if place =~ /^(git:[^#]*)#(.*)/ [fake_version, { :git => $1, :branch => $2, :require => false }].compact elsif place =~ /^file:\/\/(.*)/ ['>= 0', { :path => File.expand_path($1), :require => false }] else [place, { :require => false }] end end group :development, :unit_tests do gem 'rspec-core', '3.1.7', :require => false gem 'puppetlabs_spec_helper', :require => false gem 'simplecov', :require => false gem 'puppet_facts', :require => false gem 'json', :require => false end group :system_tests do if beaker_version = ENV['BEAKER_VERSION'] gem 'beaker', *location_for(beaker_version) end if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] gem 'beaker-rspec', *location_for(beaker_rspec_version) else gem 'beaker-rspec', :require => false end gem 'serverspec', :require => false gem 'beaker-puppet_install_helper', :require => false end if facterversion = ENV['FACTER_GEM_VERSION'] gem 'facter', facterversion, :require => false else gem 'facter', :require => false end if puppetversion = ENV['PUPPET_GEM_VERSION'] gem 'puppet', puppetversion, :require => false else gem 'puppet', :require => false end # vim:ft=ruby puppetlabs-postgresql-4.6.1/lib/000755 000765 000024 00000000000 12631567457 020626 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/LICENSE000644 000765 000024 00000026116 12631567404 021063 0ustar00helencampbellstaff000000 000000 Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright 2013 Puppet Labs Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. puppetlabs-postgresql-4.6.1/manifests/000755 000765 000024 00000000000 12631567457 022051 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/metadata.json000644 000765 000024 00000003150 12631567457 022532 0ustar00helencampbellstaff000000 000000 { "name": "puppetlabs-postgresql", "version": "4.6.1", "author": "Inkling/Puppet Labs", "summary": "Offers support for basic management of PostgreSQL databases.", "license": "Apache-2.0", "source": "git://github.com/puppetlabs/puppetlabs-postgresql.git", "project_page": "https://github.com/puppetlabs/puppetlabs-postgresql", "issues_url": "https://tickets.puppetlabs.com/browse/MODULES", "dependencies": [ {"name":"puppetlabs/stdlib","version_requirement":"4.x"}, {"name":"puppetlabs/apt","version_requirement":">=1.8.0 <3.0.0"}, {"name":"puppetlabs/concat","version_requirement":">= 1.1.0 <2.0.0"} ], "operatingsystem_support": [ { "operatingsystem": "RedHat", "operatingsystemrelease": [ "5", "6", "7" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "5", "6", "7" ] }, { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ "5", "6", "7" ] }, { "operatingsystem": "Scientific", "operatingsystemrelease": [ "5", "6", "7" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "10.04", "12.04", "14.04" ] } ], "requirements": [ { "name": "pe", "version_requirement": ">= 3.0.0 < 2015.4.0" }, { "name": "puppet", "version_requirement": ">= 3.0.0 < 5.0.0" } ] } puppetlabs-postgresql-4.6.1/NOTICE000644 000765 000024 00000000656 12631567404 020763 0ustar00helencampbellstaff000000 000000 Puppetlabs postgresql module Copyright 2012 Inkling Systems Inc Copyright 2012-2013 Puppet Labs Inc Copyright 2012-2013 Camptocamp SA. This product includes software developed by: The Puppet Labs Inc (http://www.puppetlabs.com/). This product includes also software developed by: Camptocamp SA (http://www.camptocamp.com/) This product includes also software developed by: Inkling Systems Inc (https://www.inkling.com/) puppetlabs-postgresql-4.6.1/Rakefile000644 000765 000024 00000000766 12631567404 021526 0ustar00helencampbellstaff000000 000000 require 'puppetlabs_spec_helper/rake_tasks' require 'puppet-lint/tasks/puppet-lint' PuppetLint.configuration.fail_on_warnings = true PuppetLint.configuration.send('relative') PuppetLint.configuration.send('disable_80chars') PuppetLint.configuration.send('disable_class_inherits_from_params_class') PuppetLint.configuration.send('disable_documentation') PuppetLint.configuration.send('disable_single_quote_string_with_variables') PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] puppetlabs-postgresql-4.6.1/README.md000644 000765 000024 00000145175 12631567444 021350 0ustar00helencampbellstaff000000 000000 postgresql ========== Table of Contents ----------------- 1. [Overview - What is the PostgreSQL module?](#overview) 2. [Module Description - What does the module do?](#module-description) 3. [Setup - The basics of getting started with PostgreSQL module](#setup) * [PE 3.2 supported module](#pe-32-supported-module) * [Configuring the server](#configuring-the-server) 4. [Usage - How to use the module for various tasks](#usage) 5. [Reference - The classes, defines,functions and facts available in this module](#reference) 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) 8. [Transfer Notice - Notice of authorship change](#transfer-notice) 9. [Contributors - List of module contributors](#contributors) Overview -------- The PostgreSQL module allows you to easily manage postgres databases with Puppet. Module Description ------------------- PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage PostgreSQL packages and services on several operating systems, while also supporting basic management of PostgreSQL databases and users. The module offers support for basic management of common security settings. Setup ----- **What puppetlabs-PostgreSQL affects:** * package/service/configuration files for PostgreSQL * listened-to ports * IP and mask (optional) **Introductory Questions** The postgresql module offers many security configuration settings. Before getting started, you will want to consider: * Do you want/need to allow remote connections? * If yes, what about TCP connections? * How restrictive do you want the database superuser's permissions to be? Your answers to these questions will determine which of the module's parameters you'll want to specify values for. ###PE 3.2 supported module PE 3.2 introduces Puppet Labs supported modules. The version of the postgresql module that ships within PE 3.2 is supported via normal [Puppet Enterprise support](http://puppetlabs.com/services/customer-support) channels. If you would like to access the [supported module](http://forge.puppetlabs.com/supported) version, you will need to uninstall the shipped module and install the supported version from the Puppet Forge. You can do this by first running # puppet module uninstall puppetlabs-postgresql and then running # puppet module install puppetlabs/postgresql ###Configuring the server The main configuration you'll need to do will be around the `postgresql::server` class. The default parameters are reasonable, but fairly restrictive regarding permissions for who can connect and from where. To manage a PostgreSQL server with sane defaults: class { 'postgresql::server': } For a more customized configuration: class { 'postgresql::server': ip_mask_deny_postgres_user => '0.0.0.0/32', ip_mask_allow_all_users => '0.0.0.0/0', listen_addresses => '*', ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], postgres_password => 'TPSrep0rt!', } Once you've completed your configuration of `postgresql::server`, you can test out your settings from the command line: $ psql -h localhost -U postgres $ psql -h my.postgres.server -U If you get an error message from these commands, it means that your permissions are set in a way that restricts access from where you're trying to connect. That might be a good thing or a bad thing, depending on your goals. For more details about server configuration parameters consult the [PostgreSQL Runtime Configuration docs](http://www.postgresql.org/docs/current/static/runtime-config.html). Usage ----- ###Creating a database There are many ways to set up a postgres database using the `postgresql::server::db` class. For instance, to set up a database for PuppetDB: class { 'postgresql::server': } postgresql::server::db { 'mydatabasename': user => 'mydatabaseuser', password => postgresql_password('mydatabaseuser', 'mypassword'), } ###Managing users, roles and permissions To manage users, roles and permissions: class { 'postgresql::server': } postgresql::server::role { 'marmot': password_hash => postgresql_password('marmot', 'mypasswd'), } postgresql::server::database_grant { 'test1': privilege => 'ALL', db => 'test1', role => 'marmot', } postgresql::server::table_grant { 'my_table of test2': privilege => 'ALL', table => 'my_table', db => 'test2', role => 'marmot', } In this example, you would grant ALL privileges on the test1 database and on the `my_table` table of the test2 database to the user or group specified by dan. At this point, you would just need to plunk these database name/username/password values into your PuppetDB config files, and you are good to go. Reference --------- The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the below settings, they allow you a decent amount of control over your security settings. Classes: * [postgresql::client](#class-postgresqlclient) * [postgresql::globals](#class-postgresqlglobals) * [postgresql::lib::devel](#class-postgresqllibdevel) * [postgresql::lib::java](#class-postgresqllibjava) * [postgresql::lib::docs](#class-postgresqllibdocs) * [postgresql::lib::perl](#class-postgresqllibperl) * [postgresql::lib::python](#class-postgresqllibpython) * [postgresql::server](#class-postgresqlserver) * [postgresql::server::plperl](#class-postgresqlserverplperl) * [postgresql::server::plpython](#class-postgresqlserverplpython) * [postgresql::server::contrib](#class-postgresqlservercontrib) * [postgresql::server::postgis](#class-postgresqlserverpostgis) Resources: * [postgresql::server::config_entry](#resource-postgresqlserverconfig_entry) * [postgresql::server::db](#resource-postgresqlserverdb) * [postgresql::server::database](#resource-postgresqlserverdatabase) * [postgresql::server::database_grant](#resource-postgresqlserverdatabase_grant) * [postgresql::server::extension](#resource-postgresqlserverextension) * [postgresql::server::pg_hba_rule](#resource-postgresqlserverpg_hba_rule) * [postgresql::server::pg_ident_rule](#resource-postgresqlserverpg_ident_rule) * [postgresql::server::recovery](#resource-postgresqlserverrecovery) * [postgresql::server::role](#resource-postgresqlserverrole) * [postgresql::server::schema](#resource-postgresqlserverschema) * [postgresql::server::table_grant](#resource-postgresqlservertable_grant) * [postgresql::server::tablespace](#resource-postgresqlservertablespace) * [postgresql::validate_db_connection](#resource-postgresqlvalidate_db_connection) Custom Resources: * [postgresql\_psql](#custom-resource-postgresql_psql) * [postgresql\_replication\_slot](#custom-resource-postgresql_replication_slot) * [postgresql\_conf](#custom-resource-postgresql_conf) Functions: * [postgresql\_password](#function-postgresql_password) * [postgresql\_acls\_to\_resources\_hash](#function-postgresql_acls_to_resources_hashacl_array-id-order_offset) ###Class: postgresql::globals *Note:* most server specific defaults should be overriden in the `postgresql::server` class. This class should only be used if you are using a non-standard OS or if you are changing elements such as `version` or `manage_package_repo` that can only be changed here. This class allows you to configure the main settings for this module in a global way, to be used by the other classes and defined resources. On its own it does nothing. For example, if you wanted to overwrite the default `locale` and `encoding` for all classes you could use the following combination: class { 'postgresql::globals': encoding => 'UTF-8', locale => 'en_US.UTF-8', }-> class { 'postgresql::server': } That would make the `encoding` and `locale` the default for all classes and defined resources in this module. If you want to use the upstream PostgreSQL packaging, and be specific about the version you wish to download, you could use something like this: class { 'postgresql::globals': manage_package_repo => true, version => '9.2', }-> class { 'postgresql::server': } ####`client_package_name` This setting can be used to override the default postgresql client package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`server_package_name` This setting can be used to override the default postgresql server package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`contrib_package_name` This setting can be used to override the default postgresql contrib package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`devel_package_name` This setting can be used to override the default postgresql devel package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`java_package_name` This setting can be used to override the default postgresql java package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`docs_package_name` This setting can be used to override the default postgresql docs package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`perl_package_name` This setting can be used to override the default postgresql Perl package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`plperl_package_name` This setting can be used to override the default postgresql PL/perl package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`plpython_package_name` This setting can be used to override the default postgresql PL/python package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`python_package_name` This setting can be used to override the default postgresql Python package name. If not specified, the module will use whatever package name is the default for your OS distro. ####`service_ensure` This setting can be used to override the default postgresql service ensure status. If not specified, the module will use `ensure` instead. ####`service_name` This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro. ####`service_provider` This setting can be used to override the default postgresql service provider. If not specified, the module will use whatever service provider is the default for your OS distro. ####`service_status` This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service status is the default for your OS distro. ####`default_database` This setting is used to specify the name of the default database to connect with. On most systems this will be "postgres". ####`initdb_path` Path to the `initdb` command. ####`createdb_path` Path to the `createdb` command. ####`psql_path` Path to the `psql` command. ####`pg_hba_conf_path` Path to your `pg\_hba.conf` file. ####`pg_ident_conf_path` Path to your `pg\_ident.conf` file. ####`postgresql_conf_path` Path to your `postgresql.conf` file. ####`recovery_conf_path` Path to your `recovery.conf` file. ####`pg_hba_conf_defaults` If false, disables the defaults supplied with the module for `pg\_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. ####`datadir` This setting can be used to override the default postgresql data directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. Please note that changing the datadir after installation will cause the server to come to a full stop before being able to make the change. For RedHat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you need to explicitly set needs\_initdb to true in order to allow Puppet to initialize the database in the new datadir (needs\_initdb defaults to true on other systems). Warning: If datadir is changed from the default, puppet will not manage purging of the original data directory, which will cause it to fail if the data directory is changed back to the original. ####`confdir` This setting can be used to override the default postgresql configuration directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. ####`bindir` This setting can be used to override the default postgresql binaries directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. ####`xlogdir` This setting can be used to override the default postgresql xlog directory. If not specified the module will use initdb's default path. ####`logdir` This setting can be used to override the default postgresql log directory. If not specified the module will use initdb's default path. ####`user` This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. ####`group` This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'. ####`version` The version of PostgreSQL to install/manage. This is a simple way of providing a specific version such as '9.2' or '8.4' for example. Defaults to your operating system default. ####`postgis_version` The version of PostGIS to install if you install PostGIS. Defaults to the lowest available with the version of PostgreSQL to be installed. ####`needs_initdb` This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro. ####`encoding` This will set the default encoding encoding for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to the operating system default. ####`locale` This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. ####`repo_proxy` This will set the proxy option for the official PostgreSQL yum-repositories only, Debian is currently not supported. This is useful if your server is behind a corporate firewall and needs to use proxyservers for outside connectivity. #####Debian On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. ####`manage_package_repo` If `true` this will setup the official PostgreSQL repositories on your host. Defaults to `false`. ###Class: postgresql::server The following list are options that you can set in the `config_hash` parameter of `postgresql::server`. ####`postgres_password` This value defaults to `undef`, meaning the super user account in the postgres database is a user called `postgres` and this account does not have a password. If you provide this setting, the module will set the password for the `postgres` user to your specified value. ####`package_name` The name of the package to use for installing the server software. Defaults to the default for your OS distro. ####`package_ensure` Value to pass through to the `package` resource when creating the server instance. Defaults to `undef`. ####`plperl_package_name` This sets the default package name for the PL/Perl extension. Defaults to utilising the operating system default. ####`plpython_package_name` This sets the default package name for the PL/Python extension. Defaults to utilising the operating system default. ####`service_manage` This setting selects whether Puppet should manage the service. Defaults to `true`. ####`service_name` This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro. ####`service_provider` This setting can be used to override the default postgresql service provider. If not specified, the module will use whatever service name is the default for your OS distro. ####`service_reload` This setting can be used to override the default reload command for your PostgreSQL service. If not specified, the module will the default reload command for your OS distro. ####`service_status` This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service name is the default for your OS distro. ####`default_database` This setting is used to specify the name of the default database to connect with. On most systems this will be "postgres". ####`listen_addresses` This value defaults to `localhost`, meaning the postgres server will only accept connections from localhost. If you'd like to be able to connect to postgres from remote machines, you can override this setting. A value of `*` will tell postgres to accept connections from any remote machine. Alternately, you can specify a comma-separated list of hostnames or IP addresses. (For more info, have a look at the `postgresql.conf` file from your system's postgres package). ####`port` This value defaults to `5432`, meaning the postgres server will listen on TCP port 5432. Note that the same port number is used for all IP addresses the server listens on. Also note that for RedHat systems and early Debian systems, changing the port will cause the server to come to a full stop before being able to make the change. ####`ip_mask_deny_postgres_user` This value defaults to `0.0.0.0/0`. Sometimes it can be useful to block the superuser account from remote connections if you are allowing other database users to connect remotely. Set this to an IP and mask for which you want to deny connections by the postgres superuser account. So, e.g., the default value of `0.0.0.0/0` will match any remote IP and deny access, so the postgres user won't be able to connect remotely at all. Conversely, a value of `0.0.0.0/32` would not match any remote IP, and thus the deny rule will not be applied and the postgres user will be allowed to connect. ####`ip_mask_allow_all_users` This value defaults to `127.0.0.1/32`. By default, Postgres does not allow any database user accounts to connect via TCP from remote machines. If you'd like to allow them to, you can override this setting. You might set it to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. ####`ipv4acls` List of strings for access control for connection method, users, databases, IPv4 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (please note that the link will take you to documentation for the most recent version of Postgres, however links for earlier versions can be found on that page). ####`ipv6acls` List of strings for access control for connection method, users, databases, IPv6 addresses; see [postgresql documentation](http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (please note that the link will take you to documentation for the most recent version of Postgres, however links for earlier versions can be found on that page). ####`initdb_path` Path to the `initdb` command. ####`createdb_path` Path to the `createdb` command. ####`psql_path` Path to the `psql` command. ####`pg_hba_conf_path` Path to your `pg\_hba.conf` file. ####`pg_ident_conf_path` Path to your `pg\_ident.conf` file. ####`postgresql_conf_path` Path to your `postgresql.conf` file. ####`recovery_conf_path` Path to your `recovery.conf` file. ####`pg_hba_conf_defaults` If false, disables the defaults supplied with the module for `pg\_hba.conf`. This is useful if you di sagree with the defaults and wish to override them yourself. Be sure that your changes of course alig n with the rest of the module, as some access is required to perform basic `psql` operations for exam ple. ####`user` This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. ####`group` This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'. ####`needs_initdb` This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro. ####`encoding` This will set the default encoding encoding for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to the operating system default. ####`locale` This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. #####Debian On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. ####`manage_pg_hba_conf` This value defaults to `true`. Whether or not manage the pg_hba.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. ####`manage_pg_ident_conf` This value defaults to `true`. Whether or not manage the pg_ident.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. ####`manage_recovery_conf` This value defaults to `false`. Whether or not manage the recovery.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not create the file. ###Class: postgresql::client This class installs postgresql client software. Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): ####`validcon_script_path` Path to validate connection script. Defaults to `/usr/local/bin/validate_postgresql_connection.sh`. ####`package_name` The name of the postgresql client package. ####`package_ensure` The ensure parameter passed on to postgresql client package resource. ###Class: postgresql::server::contrib Installs the postgresql contrib package. ####`package_name` The name of the postgresql contrib package. ####`package_ensure` The ensure parameter passed on to postgresql contrib package resource. ###Class: postgresql::server::postgis Installs the postgresql postgis packages. ###Class: postgresql::lib::devel Installs the packages containing the development libraries for PostgreSQL and symlinks pg_config into `/usr/bin` (if not in `/usr/bin` or `/usr/local/bin`). ####`package_ensure` Override for the `ensure` parameter during package installation. Defaults to `present`. ####`package_name` Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. ####`link_pg_config` By default on all but Debian systems, if the bin directory used by the PostgreSQL package is not `/usr/bin` or `/usr/local/bin`, this class will symlink `pg_config` from the package's bin dir into `/usr/bin`. Set `link_pg_config` to false to disable this behavior. ###Class: postgresql::lib::java This class installs postgresql bindings for Java (JDBC). Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): ####`package_name` The name of the postgresql java package. ####`package_ensure` The ensure parameter passed on to postgresql java package resource. ###Class: postgresql::lib::docs This class installs postgresql bindings for Postgres-Docs. Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): ####`package_name` The name of the postgresql docs package. ####`package_ensure` The ensure parameter passed on to postgresql docs package resource. ###Class: postgresql::lib::perl This class installs the postgresql Perl libraries. For customer requirements you can customise the following parameters: ####`package_name` The name of the postgresql perl package. ####`package_ensure` The ensure parameter passed on to postgresql perl package resource. ###Class: postgresql::server::plpython This class installs the PL/Python procedural language for postgresql. ####`package_name` The name of the postgresql PL/Python package. ####`package_ensure` The ensure parameter passed on to postgresql PL/Python package resource. ###Class: postgresql::lib::python This class installs the postgresql Python libraries. For customer requirements you can customise the following parameters: ####`package_name` The name of the postgresql python package. ####`package_ensure` The ensure parameter passed on to postgresql python package resource. ###Class: postgresql::server::plperl This class installs the PL/Perl procedural language for postgresql. ####`package_name` The name of the postgresql PL/Perl package. ####`package_ensure` The ensure parameter passed on to postgresql PL/Perl package resource. ###Resource: postgresql::server::config\_entry This resource can be used to modify your `postgresql.conf` configuration file. Each resource maps to a line inside your `postgresql.conf` file, for example: postgresql::server::config_entry { 'check_function_bodies': value => 'off', } ####`namevar` Name of the setting to change. ####`ensure` Set to `absent` to remove an entry. ####`value` Value for the setting. ###Resource: postgresql::server::db This is a convenience resource that creates a database, user and assigns necessary permissions in one go. For example, to create a database called `test1` with a corresponding user of the same name, you can use: postgresql::server::db { 'test1': user => 'test1', password => 'test1', } ####`namevar` The namevar for the resource designates the name of the database. ####`comment` A comment to be stored about the database using the PostgreSQL COMMENT command. ####`dbname` The name of the database to be created. Defaults to `namevar`. ####`owner` Name of the database user who should be set as the owner of the database. Defaults to the $user variable set in `postgresql::server` or `postgresql::globals`. ####`user` User to create and assign access to the database upon creation. Mandatory. ####`password` Password for the created user. Mandatory. ####`encoding` Override the character set during creation of the database. Defaults to the default defined during installation. ####`locale` Override the locale during creation of the database. Defaults to the default defined during installation. ####`grant` Grant permissions during creation. Defaults to `ALL`. ####`tablespace` The name of the tablespace to allocate this database to. If not specifies, it defaults to the PostgreSQL default. ####`template` The name of the template database from which to build this database. Defaults to `template0`. ####`istemplate` Define database as a template. Defaults to `false`. ###Resource: postgresql::server::database This defined type can be used to create a database with no users and no permissions, which is a rare use case. ####`namevar` The name of the database to create. ####`dbname` The name of the database, defaults to the namevar. ####`owner` Name of the database user who should be set as the owner of the database. Defaults to the $user variable set in `postgresql::server` or `postgresql::globals`. ####`tablespace` Tablespace for where to create this database. Defaults to the defaults defined during PostgreSQL installation. ####`template` The name of the template database from which to build this database. Defaults to `template0`. ####`encoding` Override the character set during creation of the database. Defaults to the default defined during installation. ####`locale` Override the locale during creation of the database. Defaults to the default defined during installation. ####`istemplate` Define database as a template. Defaults to `false`. ###Resource: postgresql::server::database\_grant This defined type manages grant based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the PostgreSQL documentation for `grant` for more information. ####`namevar` Used to uniquely identify this resource, but functionality not used during grant. ####`privilege` Can be one of `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`. If you need to add multiple privileges, a space delimited string can be used. ####`db` Database to grant access to. ####`role` Role or user whom you are granting access for. ####`psql_db` Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. ####`psql_user` OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. ###Resource: postgresql::server::extension Manages a postgresql extension. ####`database` The database on which to activate the extension. ####`ensure` Whether to activate (`present`) or deactivate (`absent`) the extension. ####`package_name` If provided, this will install the given package prior to activating the extension. ####`package_ensure` By default, the package specified with `package_name` will be installed when the extension is activated, and removed when the extension is deactivated. You can override this behavior by setting the `ensure` value for the package. ###Resource: postgresql::server::grant This defined type manages grant based access privileges for roles. Consult the PostgreSQL documentation for `grant` for more information. ####`namevar` Used to uniquely identify this resource, but functionality not used during grant. ####`db` Database of object which you are granting access on. ####`role` Role or user whom you are granting access for. ####`privilege` The privilege you are granting. Can be `ALL`, `ALL PRIVILEGES` or `object_type` dependent string. ####`object_type` The type of object you are granting privileges on. Can be `DATABASE`, `SCHEMA`, `SEQUENCE`, `ALL SEQUENCES IN SCHEMA`, `TABLE` or `ALL TABLES IN SCHEMA`. ####`object_name` Object of type `object_type` on which to grant access. ####`psql_db` Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. ####`psql_user` OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. ####`port` Port to use when connecting. Default to 'undef' which generally defaults to 5432 depending on your PostgreSQL packaging. ###Resource: postgresql::server::pg\_hba\_rule This defined type allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/8.2/static/auth-pg-hba-conf.html). For example: postgresql::server::pg_hba_rule { 'allow application network to access app database': description => "Open up postgresql for access from 200.1.2.0/24", type => 'host', database => 'app', user => 'app', address => '200.1.2.0/24', auth_method => 'md5', } This would create a ruleset in `pg_hba.conf` similar to: # Rule Name: allow application network to access app database # Description: Open up postgresql for access from 200.1.2.0/24 # Order: 150 host app app 200.1.2.0/24 md5 By default, `pg_hba_rule` requires that you include `postgresql::server`, however, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following. postgresql::server::pg_hba_rule { 'allow application network to access app database': description => "Open up postgresql for access from 200.1.2.0/24", type => 'host', database => 'app', user => 'app', address => '200.1.2.0/24', auth_method => 'md5', target => '/path/to/pg_hba.conf', postgresql_version => '9.4', } ####`namevar` A unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_hba.conf` so the originating resource can be identified. ####`description` A longer description for this rule if required. Defaults to `none`. This description is placed in the comments above the rule in `pg_hba.conf`. ####`type` The type of rule, this is usually one of: `local`, `host`, `hostssl` or `hostnossl`. ####`database` A comma separated list of databases that this rule matches. ####`user` A comma separated list of database users that this rule matches. ####`address` If the type is not 'local' you can provide a CIDR based address here for rule matching. ####`auth_method` The `auth_method` is described further in the `pg_hba.conf` documentation, but it provides the method that is used for authentication for the connection that this rule matches. ####`auth_option` For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. ####`order` An order for placing the rule in `pg_hba.conf`. Defaults to `150`. ####`target` This provides the target for the rule, and is generally an internal only property. Use with caution. ####`postgresql_version` Defaults to the version set in `postgresql::server`. Use this if you want to manage `pg_hba.conf` without managing the entire PostgreSQL instance. ###Resource: postgresql::server::pg\_ident\_rule This defined type allows you to create user name maps for `pg_ident.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/current/static/auth-username-maps.html). For example: postgresql::server::pg_ident_rule{ 'Map the SSL certificate of the backup server as a replication user': map_name => 'sslrepli', system_username => 'repli1.example.com', database_username => 'replication', } This would create a user name map in `pg_ident.conf` similar to: # Rule Name: Map the SSL certificate of the backup server as a replication user # Description: none # Order: 150 sslrepli repli1.example.com replication ####`namevar` A unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_ident.conf` so the originating resource can be identified. ####`description` A longer description for this rule if required. Defaults to `none`. This description is placed in the comments above the rule in `pg_ident.conf`. ####`map_name` Name of the user map, that is used to refer to this mapping in `pg_hba.conf`. ####`system_username` Operating system user name, the user name used to connect to the database. ####`database_username` Database user name, the user name of the the database user. The `system_username` will be mapped to this user name. ####`order` An order for placing the mapping in pg_ident.conf. Defaults to 150. ####`target` This provides the target for the rule, and is generally an internal only property. Use with caution. ###Resource: postgresql::server::recovery This defined type allows you to create the content for `recovery.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/9.4/static/recovery-config.html). For example: postgresql::server::recovery{ 'Create a recovery.conf file with the following defined parameters': restore_command => 'cp /mnt/server/archivedir/%f %p', archive_cleanup_command => undef, recovery_end_command => undef, recovery_target_name => 'daily backup 2015-01-26', recovery_target_time => '2015-02-08 22:39:00 EST', recovery_target_xid => undef, recovery_target_inclusive => true, recovery_target => 'immediate', recovery_target_timeline => 'latest', pause_at_recovery_target => true, standby_mode => 'on', primary_conninfo => 'host=localhost port=5432', primary_slot_name => undef, trigger_file => undef, recovery_min_apply_delay => 0, } This would create a `recovery.conf` config file, similar to this: restore_command = 'cp /mnt/server/archivedir/%f %p' recovery_target_name = 'daily backup 2015-01-26' recovery_target_time = '2015-02-08 22:39:00 EST' recovery_target_inclusive = true recovery_target = 'immediate' recovery_target_timeline = 'latest' pause_at_recovery_target = true standby_mode = on primary_conninfo = 'host=localhost port=5432' recovery_min_apply_delay = 0 Only the specified parameters will be recognize in the template! The `recovery.conf` will be only create if at least one parameter set and [manage_recovery_conf](#manage_recovery_conf) set to true. Every param value is a String set in the template with inverted comma except `recovery_target_inclusive`, `pause_at_recovery_target`, `standby_mode` and `recovery_min_apply_delay`. `standby_mode` is special, String ('on'/'off') and Boolean (true/false) is allowed, but the postgres documentation says it's a Boolean. A detailed description of all above listed parameters can be found in the [PostgreSQL documentation](http://www.postgresql.org/docs/9.4/static/recovery-config.html). The parameters are grouped into these three sections: #### [`Archive Recovery Parameters`](http://www.postgresql.org/docs/9.4/static/archive-recovery-settings.html) In this section the `restore_command`, `archive_cleanup_command` and `recovery_end_command` parameters are listed. #### [`Recovery Target Settings`](http://www.postgresql.org/docs/9.4/static/recovery-target-settings.html) In this section the `recovery_target_name`, `recovery_target_time`, `recovery_target_xid`, `recovery_target_inclusive`, `recovery_target`, `recovery_target_timeline` and `pause_at_recovery_target` parameters are listed. #### [`Standby Server Settings`](http://www.postgresql.org/docs/9.4/static/standby-settings.html) In this section the `standby_mode`, `primary_conninfo`, `primary_slot_name`, `trigger_file` and `recovery_min_apply_delay` parameters are listed. ####`target` This provides the target for the rule, and is generally an internal only property. Use with caution. ###Resource: postgresql::server::role This resource creates a role or user in PostgreSQL. ####`namevar` The role name to create. ####`password_hash` The hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: postgresql::server::role { "myusername": password_hash => postgresql_password('myusername', 'mypassword'), } ####`createdb` Whether to grant the ability to create new databases with this role. Defaults to `false`. ####`createrole` Whether to grant the ability to create new roles with this role. Defaults to `false`. ####`login` Whether to grant login capability for the new role. Defaults to `true`. ####`inherit` Whether to grant inherit capability for the new role. Defaults to `true`. ####`superuser` Whether to grant super user capability for the new role. Defaults to `false`. ####`replication` If `true` provides replication capabilities for this role. Defaults to `false`. ####`connection_limit` Specifies how many concurrent connections the role can make. Defaults to `-1` meaning no limit. ####`username` The username of the role to create, defaults to `namevar`. ###Resource: postgresql::server::schema This defined type can be used to create a schema. For example: postgresql::server::schema { 'isolated': owner => 'jane', db => 'janedb', } It will create the schema `isolated` in the database `janedb` if neccessary, assigning the user `jane` ownership permissions. ####`namevar` The schema name to create. ###`db` Name of the database in which to create this schema. This must be passed. ####`owner` The default owner of the schema. ####`schema` Name of the schma. Defaults to `namevar`. ###Resource: postgresql::server::table\_grant This defined type manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. ####`namevar` Used to uniquely identify this resource, but functionality not used during grant. ####`privilege` Can be one of `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`. If you need to add multiple privileges, a space delimited string can be used. ####`table` Table to grant access on. ####`db` Database of table. ####`role` Role or user whom you are granting access for. ####`psql_db` Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. ####`psql_user` OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. ###Resource: postgresql::server::tablespace This defined type can be used to create a tablespace. For example: postgresql::server::tablespace { 'tablespace1': location => '/srv/space1', } It will create the location if necessary, assigning it the same permissions as your PostgreSQL server. ####`namevar` The tablespace name to create. ####`location` The path to locate this tablespace. ####`owner` The default owner of the tablespace. ####`spcname` Name of the tablespace. Defaults to `namevar`. ###Resource: postgresql::validate\_db\_connection This resource can be utilised inside composite manifests to validate that a client has a valid connection with a remote PostgreSQL database. It can be ran from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests, so it is often used when chained to other tasks such as: starting an application server, performing a database migration. Example usage: postgresql::validate_db_connection { 'validate my postgres connection': database_host => 'my.postgres.host', database_username => 'mydbuser', database_password => 'mydbpassword', database_name => 'mydbname', }-> exec { 'rake db:migrate': cwd => '/opt/myrubyapp', } ####`namevar` Uniquely identify this resource, but functionally does nothing. ####`database_host` The hostname of the database you wish to test. Defaults to 'undef' which generally uses the designated local unix socket. ####`database_port` Port to use when connecting. Default to 'undef' which generally defaults to 5432 depending on your PostgreSQL packaging. ####`database_name` The name of the database you wish to test. Defaults to 'postgres'. ####`database_username` Username to connect with. Defaults to 'undef', which when using a unix socket and ident auth will be the user you are running as. If the host is remote you must provide a username. ####`database_password` Password to connect with. Can be left blank, but that is not recommended. ####`run_as` The user to run the `psql` command with for authenticiation. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. It is not needed for remote testing. ####`sleep` Upon failure, sets the number of seconds to sleep for before trying again. ####`tries` Upon failure, sets the number of attempts before giving up and failing the resource. ####`create_db_first` This will ensure the database is created before running the test. This only really works if your test is local. Defaults to `true`. ### Custom Resource: postgresql\_psql This type allows puppet to run psql statements. #### `name` An arbitrary tag for your own reference; the name of the message. This is the namevar. #### `command` The SQL command to execute via psql. Required. #### `cwd` The working directory under which the psql command should be executed. Defaults to '/tmp' #### `db` The name of the database to execute the SQL command against. #### `environment` Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array. #### `port` The port of the database server to execute the SQL command against. #### `psql\_group` The system user group account under which the psql command should be executed. Defaults to 'postgres' #### `psql\_path` The path to psql executable. Defaults to 'psql' #### `psql\_user` The system user account under which the psql command should be executed. Defaults to "postgres" #### `refreshonly` If 'true', then the SQL will only be executed via a notify/subscribe event. Valid values are true or false. Defaults to false. #### `search\_path` The schema search path to use when executing the SQL command #### `unless` An optional SQL command to execute prior to the main :command; this is generally intended to be used for idempotency, to check for the existence of an object in the database to determine whether or not the main SQL command needs to be executed at all. ### Custom Resource: postgresql\_conf This type allows puppet to manage postgresql.conf parameters. #### `name` The postgresql parameter name to manage. This is the namevar. #### `target` The path to postgresql.conf. Defaults to '/etc/postgresql.conf' #### `value` The value to set for this parameter. ### Custom Resource: postgresql\_replication\_slot This type allows to create and destroy replication slots to register warm standby replication on a Postgresql master server. #### `name` The name of the slot to create. Must be a validt replication slot name. This is the namevar. ###Function: postgresql\_password If you need to generate a postgres encrypted password, use `postgresql_password`. You can call it from your production manifests if you don't mind them containing the clear text versions of your passwords, or you can call it from the command line and then copy and paste the encrypted password into your manifest: $ puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' ###Function: postgresql\_acls\_to\_resources\_hash(acl\_array, id, order\_offset) This internal function converts a list of `pg_hba.conf` based acls (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. **This function should only be used internally by the module**. Limitations ------------ Works with versions of PostgreSQL from 8.1 through 9.2. Current it is only actively tested with the following operating systems: * Debian 6.x and 7.x * Centos 5.x, 6.x, and 7.x. * Ubuntu 10.04 and 12.04, 14.04 Although patches are welcome for making it work with other OS distros, it is considered best effort. ### Apt module support While this module supports both 1.x and 2.x versions of the puppetlabs-apt module, it does not support puppetlabs-apt 2.0.0 or 2.0.1. ### Postgis support Postgis is currently considered an unsupported feature as it doesn't work on all platforms correctly. ### All versions of RHEL/Centos If you have selinux enabled you must add any custom ports you use to the postgresql_port_t context. You can do this as follows: ``` # semanage port -a -t postgresql_port_t -p tcp $customport ``` Development ------------ Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) ### Tests There are two types of tests distributed with the module. Unit tests with rspec-puppet and system tests using rspec-system. For unit testing, make sure you have: * rake * bundler Install the necessary gems: bundle install --path=vendor And then run the unit tests: bundle exec rake spec The unit tests are ran in Travis-CI as well, if you want to see the results of your own tests register the service hook through Travis-CI via the accounts section for your Github clone of this project. If you want to run the system tests, make sure you also have: * vagrant > 1.2.x * Virtualbox > 4.2.10 Then run the tests using: bundle exec rspec spec/acceptance To run the tests on different operating systems, see the sets available in .nodeset.yml and run the specific set with the following syntax: RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance Transfer Notice ---------------- This Puppet module was originally authored by Inkling Systems. The maintainer preferred that Puppet Labs take ownership of the module for future improvement and maintenance as Puppet Labs is using it in the PuppetDB module. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of Inkling. Previously: [https://github.com/inkling/puppet-postgresql](https://github.com/inkling/puppet-postgresql) Contributors ------------ * Andrew Moon * [Kenn Knowles](https://github.com/kennknowles) ([@kennknowles](https://twitter.com/KennKnowles)) * Adrien Thebo * Albert Koch * Andreas Ntaflos * Bret Comnes * Brett Porter * Chris Price * dharwood * Etienne Pelletier * Florin Broasca * Henrik * Hunter Haugen * Jari Bakken * Jordi Boggiano * Ken Barber * nzakaria * Richard Arends * Spenser Gilliland * stormcrow * William Van Hevelingen puppetlabs-postgresql-4.6.1/spec/000755 000765 000024 00000000000 12631567457 021012 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/templates/000755 000765 000024 00000000000 12631567457 022056 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/templates/pg_hba_rule.conf000644 000765 000024 00000000246 12631567404 025166 0ustar00helencampbellstaff000000 000000 # Rule Name: <%=@name%> # Description: <%=@description%> # Order: <%=@order%> <%=@type%> <%=@database%> <%=@user%> <%=@address%> <%=@auth_method%> <%=@auth_option%> puppetlabs-postgresql-4.6.1/templates/pg_ident_rule.conf000644 000765 000024 00000000214 12631567404 025532 0ustar00helencampbellstaff000000 000000 # Rule Name: <%=@name%> # Description: <%=@description%> # Order: <%=@order%> <%=@map_name%> <%=@system_username%> <%=@database_username%> puppetlabs-postgresql-4.6.1/templates/recovery.conf000644 000765 000024 00000002542 12631567404 024556 0ustar00helencampbellstaff000000 000000 <% if @restore_command %> restore_command = '<%= @restore_command %>' <% end %> <% if @archive_cleanup_command %> archive_cleanup_command = '<%= @archive_cleanup_command %>' <% end %> <% if @recovery_end_command %> recovery_end_command = '<%= @recovery_end_command %>' <% end %> <% if @recovery_target_name %> recovery_target_name = '<%= @recovery_target_name %>' <% end %> <% if @recovery_target_time %> recovery_target_time = '<%= @recovery_target_time %>' <% end %> <% if @recovery_target_xid %> recovery_target_xid = '<%= @recovery_target_xid %>' <% end %> <% if @recovery_target_inclusive %> recovery_target_inclusive = <%= @recovery_target_inclusive %> <% end %> <% if @recovery_target %> recovery_target = '<%= @recovery_target %>' <% end %> <% if @recovery_target_timeline %> recovery_target_timeline = '<%= @recovery_target_timeline %>' <% end %> <% if @pause_at_recovery_target %> pause_at_recovery_target = <%= @pause_at_recovery_target %> <% end %> <% if @standby_mode %> standby_mode = <%= @standby_mode %> <% end %> <% if @primary_conninfo %> primary_conninfo = '<%= @primary_conninfo %>' <% end %> <% if @primary_slot_name %> primary_slot_name = '<%= @primary_slot_name %>' <% end %> <% if @trigger_file %> trigger_file = '<%= @trigger_file %>' <% end %> <% if @recovery_min_apply_delay %> recovery_min_apply_delay = <%= @recovery_min_apply_delay %> <% end %> puppetlabs-postgresql-4.6.1/templates/systemd-override.erb000644 000765 000024 00000000460 12631567444 026051 0ustar00helencampbellstaff000000 000000 <% if @manage_package_repo and (scope.function_versioncmp([@version.to_s, '9.1']) >= 0) -%> .include /lib/systemd/system/postgresql-<%= @version %>.service <% else -%> .include /lib/systemd/system/postgresql.service <% end -%> [Service] Environment=PGPORT=<%= @port %> Environment=PGDATA=<%= @datadir %> puppetlabs-postgresql-4.6.1/spec/acceptance/000755 000765 000024 00000000000 12631567457 023100 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/spec.opts000644 000765 000024 00000000057 12631567404 022645 0ustar00helencampbellstaff000000 000000 --format s --colour --loadby mtime --backtrace puppetlabs-postgresql-4.6.1/spec/spec_helper.rb000644 000765 000024 00000001363 12631567404 023623 0ustar00helencampbellstaff000000 000000 require 'puppetlabs_spec_helper/module_spec_helper' RSpec.configure do |c| c.mock_with :rspec do |mock| mock.syntax = [:expect, :should] end c.include PuppetlabsSpec::Files c.before :each do # Store any environment variables away to be restored later @old_env = {} ENV.each_key {|k| @old_env[k] = ENV[k]} if ENV['STRICT_VARIABLES'] == 'yes' Puppet.settings[:strict_variables]=true end end c.after :each do PuppetlabsSpec::Files.cleanup end end # Convenience helper for returning parameters for a type from the # catalogue. def param(type, title, param) param_value(catalogue, type, title, param) end # With rspec-puppet v2.0 this allows coverage checks. #at_exit { RSpec::Puppet::Coverage.report! } puppetlabs-postgresql-4.6.1/spec/spec_helper_acceptance.rb000644 000765 000024 00000006230 12631567404 025767 0ustar00helencampbellstaff000000 000000 require 'beaker-rspec/spec_helper' require 'beaker-rspec/helpers/serverspec' require 'beaker/puppet_install_helper' run_puppet_install_helper UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] class String # Provide ability to remove indentation from strings, for the purpose of # left justifying heredoc blocks. def unindent gsub(/^#{scan(/^\s*/).min_by{|l|l.length}}/, "") end end def shellescape(str) str = str.to_s # An empty argument will be skipped, so return empty quotes. return "''" if str.empty? str = str.dup # Treat multibyte characters as is. It is caller's responsibility # to encode the string in the right encoding for the shell # environment. str.gsub!(/([^A-Za-z0-9_\-.,:\/@\n])/, "\\\\\\1") # A LF cannot be escaped with a backslash because a backslash + LF # combo is regarded as line continuation and simply ignored. str.gsub!(/\n/, "'\n'") return str end def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) psql = "psql #{psql_cmd}" shell("su #{shellescape(user)} -c #{shellescape(psql)}", :acceptable_exit_codes => exit_codes, &block) end RSpec.configure do |c| # Project root proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) # Readable test descriptions c.formatter = :documentation # Configure all nodes in nodeset c.before :suite do # Install module and dependencies puppet_module_install(:source => proj_root, :module_name => 'postgresql') # Set up selinux if appropriate. if fact('osfamily') == 'RedHat' && fact('selinux') == 'true' pp = <<-EOS if $::osfamily == 'RedHat' and $::selinux == 'true' { $semanage_package = $::operatingsystemmajrelease ? { '5' => 'policycoreutils', default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } exec { 'set_postgres': command => 'semanage port -a -t postgresql_port_t -p tcp 5433', path => '/bin:/usr/bin/:/sbin:/usr/sbin', subscribe => Package[$semanage_package], } } EOS apply_manifest_on(agents, pp, :catch_failures => false) end # net-tools required for netstat utility being used by be_listening if fact('osfamily') == 'RedHat' && fact('operatingsystemmajrelease') == '7' pp = <<-EOS package { 'net-tools': ensure => installed } EOS apply_manifest_on(agents, pp, :catch_failures => false) end hosts.each do |host| on host, "/bin/touch #{default['puppetpath']}/hiera.yaml" on host, 'chmod 755 /root' if fact_on(host, 'osfamily') == 'Debian' on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" on host, '/usr/sbin/locale-gen' on host, '/usr/sbin/update-locale' end on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } on host, puppet('module','install','--force','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] } end end end puppetlabs-postgresql-4.6.1/spec/unit/000755 000765 000024 00000000000 12631567457 021771 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/classes/000755 000765 000024 00000000000 12631567457 023426 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/defines/000755 000765 000024 00000000000 12631567457 023406 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/functions/000755 000765 000024 00000000000 12631567457 024001 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/provider/000755 000765 000024 00000000000 12631567457 023623 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/puppet/000755 000765 000024 00000000000 12631567457 023306 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/type/000755 000765 000024 00000000000 12631567457 022752 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/type/postgresql_conf_spec.rb000644 000765 000024 00000003264 12631567404 027516 0ustar00helencampbellstaff000000 000000 #! /usr/bin/env ruby require 'spec_helper' describe Puppet::Type.type(:postgresql_conf) do before do @provider_class = described_class.provide(:simple) { mk_resource_methods } @provider_class.stub(:suitable?).and_return true described_class.stub(:defaultprovider).and_return @provider_class end describe "namevar validation" do it "should have :name as its namevar" do expect(described_class.key_attributes).to eq([:name]) end it "should not invalid names" do expect { described_class.new(:name => 'foo bar') }.to raise_error(Puppet::Error, /Invalid value/) end it "should allow dots in names" do expect { described_class.new(:name => 'foo.bar') }.to_not raise_error end end describe "when validating attributes" do [:name, :provider].each do |param| it "should have a #{param} parameter" do expect(described_class.attrtype(param)).to eq(:param) end end [:value, :target].each do |property| it "should have a #{property} property" do expect(described_class.attrtype(property)).to eq(:property) end end end describe "when validating values" do describe "ensure" do it "should support present as a value for ensure" do expect { described_class.new(:name => 'foo', :ensure => :present) }.to_not raise_error end it "should support absent as a value for ensure" do expect { described_class.new(:name => 'foo', :ensure => :absent) }.to_not raise_error end it "should not support other values" do expect { described_class.new(:name => 'foo', :ensure => :foo) }.to raise_error(Puppet::Error, /Invalid value/) end end end end puppetlabs-postgresql-4.6.1/spec/unit/puppet/provider/000755 000765 000024 00000000000 12631567457 025140 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/puppet/type/000755 000765 000024 00000000000 12631567457 024267 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/puppet/type/postgresql_psql_spec.rb000644 000765 000024 00000017102 12631567444 031065 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe Puppet::Type.type(:postgresql_psql), "when validating attributes" do [:name, :unless, :db, :psql_path, :psql_user, :psql_group].each do |attr| it "should have a #{attr} parameter" do expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:param) end end [:command].each do |attr| it "should have a #{attr} property" do expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:property) end end end describe Puppet::Type.type(:postgresql_psql), :unless => Puppet.features.microsoft_windows? do subject do Puppet::Type.type(:postgresql_psql).new({:name => 'rspec'}.merge attributes) end describe "available attributes" do { :name => "rspec", :command => "SELECT stuff", :unless => "SELECT other,stuff", :db => "postgres", :psql_path => "/bin/false", :psql_user => "postgres", :psql_group => "postgres", :cwd => "/var/lib", :refreshonly => :true, :search_path => [ "schema1", "schema2"] }.each do |attr, value| context attr do let(:attributes) do { attr => value } end describe [attr] do subject { super()[attr] } it { is_expected.to eq(value) } end end end context "default values" do let(:attributes) do {} end describe '[:psql_path]' do subject { super()[:psql_path] } it { is_expected.to eq("psql") } end describe '[:psql_user]' do subject { super()[:psql_user] } it { is_expected.to eq("postgres") } end describe '[:psql_group]' do subject { super()[:psql_group] } it { is_expected.to eq("postgres") } end describe '[:cwd]' do subject { super()[:cwd] } it { is_expected.to eq("/tmp") } end describe '#refreshonly?' do subject { super().refreshonly? } it { is_expected.to be_falsey } end end end describe "#command" do let(:attributes) do {:command => 'SELECT stuff'} end it "will have the value :notrun if the command should execute" do expect(subject).to receive(:should_run_sql).and_return(true) expect(subject.property(:command).retrieve).to eq(:notrun) end it "will be the 'should' value if the command should not execute" do expect(subject).to receive(:should_run_sql).and_return(false) expect(subject.property(:command).retrieve).to eq('SELECT stuff') end it "will call provider#run_sql_command on sync" do expect(subject.provider).to receive(:run_sql_command).with('SELECT stuff').and_return(["done", 0]) subject.property(:command).sync end end describe "#unless" do let(:attributes) do {:unless => 'SELECT something'} end describe "#matches" do it "does not fail when the status is successful" do expect(subject.provider).to receive(:run_unless_sql_command).and_return ["1 row returned", 0] subject.parameter(:unless).matches('SELECT something') end it "returns true when rows are returned" do expect(subject.provider).to receive(:run_unless_sql_command).and_return ["1 row returned", 0] expect(subject.parameter(:unless).matches('SELECT something')).to be_truthy end it "returns false when no rows are returned" do expect(subject.provider).to receive(:run_unless_sql_command).and_return ["0 rows returned", 0] expect(subject.parameter(:unless).matches('SELECT something')).to be_falsey end it "raises an error when the sql command fails" do allow(subject.provider).to receive(:run_unless_sql_command).and_return ["Something went wrong", 1] expect { subject.parameter(:unless).matches('SELECT something') }.to raise_error(Puppet::Error, /Something went wrong/) end end end describe "#should_run_sql" do context "without 'unless'" do [true, :true].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { :refreshonly => refreshonly, } end context "not refreshing" do it { expect(subject.should_run_sql).to be_falsey } end context "refreshing" do it { expect(subject.should_run_sql(true)).to be_truthy } end end end [false, :false].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { :refreshonly => refreshonly, } end context "not refreshing" do it { expect(subject.should_run_sql).to be_truthy } end context "refreshing" do it { expect(subject.should_run_sql(true)).to be_truthy } end end end end context "with matching 'unless'" do before { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(true) } [true, :true].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { :refreshonly => refreshonly, :unless => 'SELECT something', } end context "not refreshing" do it { expect(subject.should_run_sql).to be_falsey } end context "refreshing" do it { expect(subject.should_run_sql(true)).to be_falsey } end end end [false, :false].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { :refreshonly => refreshonly, :unless => 'SELECT something', } end context "not refreshing" do it { expect(subject.should_run_sql).to be_falsey } end context "refreshing" do it { expect(subject.should_run_sql(true)).to be_falsey } end end end end context "when not matching 'unless'" do before { expect(subject.parameter(:unless)).to receive(:matches).with('SELECT something').and_return(false) } [true, :true].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { :refreshonly => refreshonly, :unless => 'SELECT something', } end context "not refreshing" do it { expect(subject.should_run_sql).to be_falsey } end context "refreshing" do it { expect(subject.should_run_sql(true)).to be_truthy } end end end [false, :false].each do |refreshonly| context "refreshonly => #{refreshonly.inspect}" do let(:attributes) do { :refreshonly => refreshonly, :unless => 'SELECT something', } end context "not refreshing" do it { expect(subject.should_run_sql).to be_truthy } end context "refreshing" do it { expect(subject.should_run_sql(true)).to be_truthy } end end end end end describe "#refresh" do let(:attributes) do {} end it "syncs command property when command should run" do expect(subject).to receive(:should_run_sql).with(true).and_return(true) expect(subject.property(:command)).to receive(:sync) subject.refresh end it "does not sync command property when command should not run" do expect(subject).to receive(:should_run_sql).with(true).and_return(false) expect(subject.property(:command)).not_to receive(:sync) subject.refresh end end end puppetlabs-postgresql-4.6.1/spec/unit/puppet/type/postgresql_replication_slot_spec.rb000644 000765 000024 00000000405 12631567404 033452 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe Puppet::Type.type(:postgresql_replication_slot) do subject do Puppet::Type.type(:postgresql_psql).new({:name => 'standby'}) end it 'should have a name parameter' do expect(subject[:name]).to eq 'standby' end end puppetlabs-postgresql-4.6.1/spec/unit/puppet/provider/postgresql_psql/000755 000765 000024 00000000000 12631567457 030402 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/puppet/provider/postgresql_replication_slot/000755 000765 000024 00000000000 12631567457 032775 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/puppet/provider/postgresql_replication_slot/ruby_spec.rb000644 000765 000024 00000005531 12631567404 035311 0ustar00helencampbellstaff000000 000000 require 'spec_helper' type = Puppet::Type.type(:postgresql_replication_slot) describe type.provider(:ruby) do let(:name) { 'standby' } let(:resource) do type.new({ :name => name, :provider => :ruby }.merge attributes) end let(:sql_instances) do "abc | | physical | | | t | | | 0/3000420 def | | physical | | | t | | | 0/3000420\n" end class SuccessStatus def success? true end end let(:success_status) { SuccessStatus.new } class FailStatus def success? false end end let(:fail_status) { FailStatus.new } let(:provider) { resource.provider } context 'when listing instances' do let(:attributes) do { } end it 'should list instances' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', 'SELECT * FROM pg_replication_slots;'], 'postgres', 'postgres').returns([sql_instances, nil]) instances = provider.class.instances expect(instances.size).to eq 2 expect(instances[0].name).to eq 'abc' expect(instances[1].name).to eq 'def' end end context 'when creating slot' do let(:attributes) do { :ensure => 'present' } end context 'when creation works' do it 'should call psql and succeed' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT * FROM pg_create_physical_replication_slot('standby');"], 'postgres', 'postgres').returns([nil, success_status]) expect { provider.create }.not_to raise_error end end context 'when creation fails' do it 'should call psql and fail' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT * FROM pg_create_physical_replication_slot('standby');"], 'postgres', 'postgres').returns([nil, fail_status]) expect { provider.create }.to raise_error(Puppet::Error, /Failed to create replication slot standby:/) end end end context 'when destroying slot' do let(:attributes) do { :ensure => 'absent' } end context 'when destruction works' do it 'should call psql and succeed' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT pg_drop_replication_slot('standby');"], 'postgres', 'postgres').returns([nil, success_status]) expect { provider.destroy }.not_to raise_error end end context 'when destruction fails' do it 'should call psql and fail' do provider.class.expects(:run_command).with( ['psql', '-t', '-c', "SELECT pg_drop_replication_slot('standby');"], 'postgres', 'postgres').returns([nil, fail_status]) expect { provider.destroy }.to raise_error(Puppet::Error, /Failed to destroy replication slot standby:/) end end end end puppetlabs-postgresql-4.6.1/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb000644 000765 000024 00000006035 12631567444 032722 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe Puppet::Type.type(:postgresql_psql).provider(:ruby) do let(:name) { 'rspec psql test' } let(:resource) do Puppet::Type.type(:postgresql_psql).new({ :name => name, :provider => :ruby }.merge attributes) end let(:provider) { resource.provider } context("#run_sql_command") do describe "with default attributes" do let(:attributes) do { :db => 'spec_db' } end it "executes with the given psql_path on the given DB" do expect(provider).to receive(:run_command).with(['psql', '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], 'postgres', 'postgres') provider.run_sql_command('SELECT \'something\' as "Custom column"') end end describe "with psql_path and db" do let(:attributes) do { :psql_path => '/opt/postgres/psql', :psql_user => 'spec_user', :psql_group => 'spec_group', :cwd => '/spec', :db => 'spec_db' } end it "executes with the given psql_path on the given DB" do expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield expect(provider).to receive(:run_command).with([attributes[:psql_path], '-d', attributes[:db], '-t', '-c', '"SELECT \'something\' as \"Custom column\""'], attributes[:psql_user], attributes[:psql_group]) provider.run_sql_command('SELECT \'something\' as "Custom column"') end end describe "with search_path string" do let(:attributes) do { :search_path => "schema1" } end it "executes with the given search_path" do expect(provider).to receive(:run_command).with(['psql', '-t', '-c', '"set search_path to schema1; SELECT \'something\' as \"Custom column\""'], 'postgres', 'postgres') provider.run_sql_command('SELECT \'something\' as "Custom column"') end end describe "with search_path array" do let(:attributes) do { :search_path => ['schema1','schema2'], } end it "executes with the given search_path" do expect(provider).to receive(:run_command).with(['psql', '-t', '-c', '"set search_path to schema1,schema2; SELECT \'something\' as \"Custom column\""'], 'postgres', 'postgres' ) provider.run_sql_command('SELECT \'something\' as "Custom column"') end end end describe "with port string" do let(:attributes) do { :port => '5555' } end it "executes with the given port" do expect(provider).to receive(:run_command).with(["psql", "-p", "5555", "-t", "-c", "\"SELECT something\""], "postgres", "postgres") provider.run_sql_command("SELECT something") end end context("#run_unless_sql_command") do let(:attributes) do { } end it "calls #run_sql_command with SQL" do expect(provider).to receive(:run_sql_command).with('SELECT COUNT(*) FROM (SELECT 1) count') provider.run_unless_sql_command('SELECT 1') end end end puppetlabs-postgresql-4.6.1/spec/unit/provider/postgresql_conf/000755 000765 000024 00000000000 12631567457 027033 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/provider/postgresql_conf/parsed_spec.rb000644 000765 000024 00000010064 12631567404 031641 0ustar00helencampbellstaff000000 000000 require 'spec_helper' require "tempfile" provider_class = Puppet::Type.type(:postgresql_conf).provider(:parsed) describe provider_class do let(:title) { 'postgresql_conf' } let(:provider) { conf_class = Puppet::Type.type(:postgresql_conf) provider = conf_class.provider(:parsed) conffile = tmpfilename('postgresql.conf') provider.any_instance.stub(:target).and_return conffile provider } before do end after :each do provider.initvars end describe "simple configuration that should be allowed" do it "should parse a simple ini line" do expect(provider.parse_line("listen_addreses = '*'")).to eq( { :name=>"listen_addreses", :value=>"*", :comment=>nil, :record_type=>:parsed } ) end it "should parse a simple ini line (2)" do expect(provider.parse_line(" listen_addreses = '*'")).to eq( { :name=>"listen_addreses", :value=>"*", :comment=>nil, :record_type=>:parsed } ) end it "should parse a simple ini line (3)" do expect(provider.parse_line("listen_addreses = '*' # dont mind me")).to eq( { :name=>"listen_addreses", :value=>"*", :comment=>"dont mind me", :record_type=>:parsed } ) end it "should parse a comment" do expect(provider.parse_line("# dont mind me")).to eq( { :line=>"# dont mind me", :record_type=>:comment } ) end it "should parse a comment (2)" do expect(provider.parse_line(" \t# dont mind me")).to eq( { :line=>" \t# dont mind me", :record_type=>:comment } ) end it "should allow includes" do expect(provider.parse_line("include puppetextra")).to eq( { :name=>"include", :value=>"puppetextra", :comment=>nil, :record_type=>:parsed } ) end it "should allow numbers through without quotes" do expect(provider.parse_line("wal_keep_segments = 32")).to eq( { :name=>"wal_keep_segments", :value=>"32", :comment=>nil, :record_type=>:parsed } ) end it "should allow blanks through " do expect(provider.parse_line("")).to eq( { :line=>"", :record_type=>:blank } ) end it "should parse keys with dots " do expect(provider.parse_line("auto_explain.log_min_duration = 1ms")).to eq( { :name => "auto_explain.log_min_duration", :value => "1ms", :comment => nil, :record_type => :parsed } ) end end describe "configuration that should be set" do it "should set comment lines" do expect(provider.to_line({ :line=>"# dont mind me", :record_type=>:comment })).to eq( '# dont mind me' ) end it "should set blank lines" do expect(provider.to_line({ :line=>"", :record_type=>:blank })).to eq( '' ) end it "should set simple configuration" do expect(provider.to_line({:name=>"listen_addresses", :value=>"*", :comment=>nil, :record_type=>:parsed })).to eq( "listen_addresses = '*'" ) end it "should set simple configuration with period in name" do expect(provider.to_line({:name => "auto_explain.log_min_duration", :value => '100ms', :comment => nil, :record_type => :parsed })).to eq( "auto_explain.log_min_duration = 100ms" ) end it "should set simple configuration even with comments" do expect(provider.to_line({:name=>"listen_addresses", :value=>"*", :comment=>'dont mind me', :record_type=>:parsed })).to eq( "listen_addresses = '*' # dont mind me" ) end it 'should quote includes' do expect(provider.to_line( {:name=>"include", :value=>"puppetextra", :comment=>nil, :record_type=>:parsed })).to eq( "include 'puppetextra'" ) end it 'should quote multiple words' do expect(provider.to_line( {:name=>"archive_command", :value=>"rsync up", :comment=>nil, :record_type=>:parsed })).to eq( "archive_command = 'rsync up'" ) end it 'shouldn\'t quote numbers' do expect(provider.to_line( {:name=>"wal_segments", :value=>"32", :comment=>nil, :record_type=>:parsed })).to eq( "wal_segments = 32" ) end end end puppetlabs-postgresql-4.6.1/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb000644 000765 000024 00000007616 12631567404 034346 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql_acls_to_resources_hash', :type => :puppet_function do context 'individual transform tests' do it do input = 'local all postgres ident' result = { "postgresql class generated rule test 0"=>{ "type"=>"local", "database"=>"all", "user"=>"postgres", "auth_method"=>"ident", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'local all root ident' result = { "postgresql class generated rule test 0"=>{ "type"=>"local", "database"=>"all", "user"=>"root", "auth_method"=>"ident", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input_array = [ 'local all all ident', ] result = { "postgresql class generated rule test 0"=>{ "type"=>"local", "database"=>"all", "user"=>"all", "auth_method"=>"ident", "order"=>"100", }, } is_expected.to run.with_params(input_array, 'test', 100).and_return(result) end it do input = 'host all all 127.0.0.1/32 md5' result = { "postgresql class generated rule test 0"=>{ "type"=>"host", "database"=>"all", "user"=>"all", "address"=>"127.0.0.1/32", "auth_method"=>"md5", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all 0.0.0.0/0 md5' result = { "postgresql class generated rule test 0"=>{ "type"=>"host", "database"=>"all", "user"=>"all", "address"=>"0.0.0.0/0", "auth_method"=>"md5", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all ::1/128 md5' result = { "postgresql class generated rule test 0"=>{ "type"=>"host", "database"=>"all", "user"=>"all", "address"=>"::1/128", "auth_method"=>"md5", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all 1.1.1.1 255.255.255.0 md5' result = { "postgresql class generated rule test 0"=>{ "type"=>"host", "database"=>"all", "user"=>"all", "address"=>"1.1.1.1 255.255.255.0", "auth_method"=>"md5", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end it do input = 'host all all 1.1.1.1 255.255.255.0 ldap ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"' result = { "postgresql class generated rule test 0"=>{ "type"=>"host", "database"=>"all", "user"=>"all", "address"=>"1.1.1.1 255.255.255.0", "auth_method"=>"ldap", "auth_option"=>"ldapserver=ldap.example.net ldapprefix=\"cn=\" ldapsuffix=\", dc=example, dc=net\"", "order"=>"100", }, } is_expected.to run.with_params([input], 'test', 100).and_return(result) end end it 'should return an empty hash when input is empty array' do is_expected.to run.with_params([], 'test', 100).and_return({}) end end puppetlabs-postgresql-4.6.1/spec/unit/functions/postgresql_escape_spec.rb000644 000765 000024 00000000461 12631567404 031054 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql_escape', :type => :puppet_function do it { is_expected.to run.with_params('foo'). and_return('$$foo$$') } end describe 'postgresql_escape', :type => :puppet_function do it { is_expected.to run.with_params('fo$$o'). and_return('$ed$fo$$o$ed$') } end puppetlabs-postgresql-4.6.1/spec/unit/functions/postgresql_password_spec.rb000644 000765 000024 00000000305 12631567404 031453 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql_password', :type => :puppet_function do it { is_expected.to run.with_params('foo', 'bar'). and_return('md596948aad3fcae80c08a35c9b5958cd89') } end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/000755 000765 000024 00000000000 12631567457 024714 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/defines/validate_db_connection_spec.rb000644 000765 000024 00000003335 12631567404 031416 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::validate_db_connection', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end let :title do 'test' end describe 'should work with only default parameters' do it { is_expected.to contain_postgresql__validate_db_connection('test') } end describe 'should work with all parameters' do let :params do { :database_host => 'test', :database_name => 'test', :database_password => 'test', :database_username => 'test', :database_port => 5432, :run_as => 'postgresq', :sleep => 4, :tries => 30, } end it { is_expected.to contain_postgresql__validate_db_connection('test') } it 'should have proper path for validate command' do is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with({ :unless => %r'^/usr/local/bin/validate_postgresql_connection.sh\s+\d+' }) end end describe 'should work while specifying validate_connection in postgresql::client' do let :params do { :database_host => 'test', :database_name => 'test', :database_password => 'test', :database_username => 'test', :database_port => 5432 } end let :pre_condition do "class { 'postgresql::client': validcon_script_path => '/opt/something/validate.sh' }" end it 'should have proper path for validate command' do is_expected.to contain_exec('validate postgres connection for test@test:5432/test').with({ :unless => %r'^/opt/something/validate.sh\s+\d+' }) end end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/config_entry_spec.rb000644 000765 000024 00000006570 12631567404 030741 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::config_entry', :type => :define do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let(:title) { 'config_entry'} let :target do tmpfilename('postgresql_conf') end let :pre_condition do "class {'postgresql::server':}" end context "syntax check" do let(:params) { { :ensure => 'present'} } it { is_expected.to contain_postgresql__server__config_entry('config_entry') } end context 'ports' do context 'redhat 6' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} it 'stops postgresql and changes the port' do is_expected.to contain_exec('postgresql_stop_port') is_expected.to contain_augeas('override PGPORT in /etc/sysconfig/pgsql/postgresql') end end context 'redhat 7' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '7.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} it 'stops postgresql and changes the port' do is_expected.to contain_file('systemd-override') is_expected.to contain_exec('restart-systemd') end end context 'fedora 19' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '19', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} it 'stops postgresql and changes the port' do is_expected.to contain_file('systemd-override') is_expected.to contain_exec('restart-systemd') end end end context "data_directory" do let(:params) {{ :ensure => 'present', :name => 'data_directory_spec', :value => '/var/pgsql' }} it 'stops postgresql and changes the data directory' do is_expected.to contain_exec('postgresql_data_directory') is_expected.to contain_augeas('override PGDATA in /etc/sysconfig/pgsql/postgresql') end end context "passes values through appropriately" do let(:params) {{ :ensure => 'present', :name => 'check_function_bodies', :value => 'off' }} it 'with no quotes' do is_expected.to contain_postgresql_conf('check_function_bodies').with({ :name => 'check_function_bodies', :value => 'off' }) end end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/database_grant_spec.rb000644 000765 000024 00000001377 12631567404 031212 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::database_grant', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :params do { :privilege => 'ALL', :db => 'test', :role => 'test', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__database_grant('test') } it { is_expected.to contain_postgresql__server__grant('database:test') } end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/database_spec.rb000644 000765 000024 00000001535 12631567444 030017 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::database', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__database('test') } it { is_expected.to contain_postgresql_psql("Check for existence of db 'test'") } context "with comment set to 'test comment'" do let (:params) {{ :comment => 'test comment' }} it { is_expected.to contain_postgresql_psql("COMMENT ON DATABASE test IS 'test comment'") } end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/db_spec.rb000644 000765 000024 00000002551 12631567404 026633 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::db', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end context 'without dbname param' do let :params do { :user => 'test', :password => 'test', :owner => 'tester', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__db('test') } it { is_expected.to contain_postgresql__server__database('test').with_owner('tester') } it { is_expected.to contain_postgresql__server__role('test').that_comes_before('Postgresql::Server::Database[test]') } it { is_expected.to contain_postgresql__server__database_grant('GRANT test - ALL - test') } end context 'dbname' do let :params do { :dbname => 'testtest', :user => 'test', :password => 'test', :owner => 'tester', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__database('testtest') } end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/extension_spec.rb000644 000765 000024 00000005736 12631567444 030276 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::extension', :type => :define do let :pre_condition do "class { 'postgresql::server': } postgresql::server::database { 'template_postgis': template => 'template1', }" end let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('postgis'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let (:title) { 'postgis' } let (:params) { { :database => 'template_postgis', } } context "with mandatory arguments only" do it { is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ :db => 'template_postgis', :command => 'CREATE EXTENSION "postgis"', :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count = 1", }).that_requires('Postgresql::Server::Database[template_postgis]') } end context "when setting package name" do let (:params) { super().merge({ :package_name => 'postgis', }) } it { is_expected.to contain_package('Postgresql extension postgis').with({ :ensure => 'present', :name => 'postgis', }).that_comes_before('Postgresql_psql[Add postgis extension to template_postgis]') } end context "when ensuring absence" do let (:params) { super().merge({ :ensure => 'absent', :package_name => 'postgis', }) } it { is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ :db => 'template_postgis', :command => 'DROP EXTENSION "postgis"', :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count != 1", }).that_requires('Postgresql::Server::Database[template_postgis]') } it { is_expected.to contain_package('Postgresql extension postgis').with({ :ensure => 'absent', :name => 'postgis', }) } context "when keeping package installed" do let (:params) { super().merge({ :package_ensure => 'present', }) } it { is_expected.to contain_postgresql_psql('Add postgis extension to template_postgis').with({ :db => 'template_postgis', :command => 'DROP EXTENSION "postgis"', :unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = 'postgis') as t WHERE t.count != 1", }).that_requires('Postgresql::Server::Database[template_postgis]') } it { is_expected.to contain_package('Postgresql extension postgis').with({ :ensure => 'present', :name => 'postgis', }).that_requires('Postgresql_psql[Add postgis extension to template_postgis]') } end end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/grant_spec.rb000644 000765 000024 00000004667 12631567444 027377 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::grant', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end context 'plain' do let :params do { :db => 'test', :role => 'test', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__grant('test') } end context 'sequence' do let :params do { :db => 'test', :role => 'test', :privilege => 'usage', :object_type => 'sequence', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with( { 'command' => "GRANT USAGE ON SEQUENCE \"test\" TO\n \"test\"", 'unless' => "SELECT 1 WHERE has_sequence_privilege('test',\n 'test', 'USAGE')", }) } end context 'all sequences' do let :params do { :db => 'test', :role => 'test', :privilege => 'usage', :object_type => 'all sequences in schema', :object_name => 'public', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__grant('test') } it { is_expected.to contain_postgresql_psql('grant:test').with( { 'command' => "GRANT USAGE ON ALL SEQUENCES IN SCHEMA \"public\" TO\n \"test\"", 'unless' => "SELECT 1 FROM (\n SELECT sequence_name\n FROM information_schema.sequences\n WHERE sequence_schema='public'\n EXCEPT DISTINCT\n SELECT object_name as sequence_name\n FROM information_schema.role_usage_grants\n WHERE object_type='SEQUENCE'\n AND grantee='test'\n AND object_schema='public'\n AND privilege_type='USAGE'\n ) P\n HAVING count(P.sequence_name) = 0", }) } end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/pg_hba_rule_spec.rb000644 000765 000024 00000011037 12631567404 030514 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::pg_hba_rule', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('pg_hba'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :target do tmpfilename('pg_hba_rule') end context 'test template 1' do let :pre_condition do <<-EOS class { 'postgresql::server': } EOS end let :params do { :type => 'host', :database => 'all', :user => 'all', :address => '1.1.1.1/24', :auth_method => 'md5', :target => target, } end it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ :content => /host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5/ }) end end context 'test template 2' do let :pre_condition do <<-EOS class { 'postgresql::server': } EOS end let :params do { :type => 'local', :database => 'all', :user => 'all', :auth_method => 'ident', :target => target, } end it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ :content => /local\s+all\s+all\s+ident/ }) end end context 'test template 3' do let :pre_condition do <<-EOS class { 'postgresql::server': } EOS end let :params do { :type => 'host', :database => 'all', :user => 'all', :address => '0.0.0.0/0', :auth_method => 'ldap', :auth_option => 'foo=bar', :target => target, } end it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ :content => /host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar/ }) end end context 'validation' do context 'validate type test 1' do let :pre_condition do <<-EOS class { 'postgresql::server': } EOS end let :params do { :type => 'invalid', :database => 'all', :user => 'all', :address => '0.0.0.0/0', :auth_method => 'ldap', :target => target, } end it 'should fail parsing when type is not valid' do expect { catalogue }.to raise_error(Puppet::Error, /The type you specified \[invalid\] must be one of/) end end context 'validate auth_method' do let :pre_condition do <<-EOS class { 'postgresql::server': } EOS end let :params do { :type => 'local', :database => 'all', :user => 'all', :address => '0.0.0.0/0', :auth_method => 'invalid', :target => target, } end it 'should fail parsing when auth_method is not valid' do expect { catalogue }.to raise_error(Puppet::Error, /The auth_method you specified \[invalid\] must be one of/) end end context 'validate unsupported auth_method' do let :pre_condition do <<-EOS class { 'postgresql::globals': version => '9.0', } class { 'postgresql::server': } EOS end let :params do { :type => 'local', :database => 'all', :user => 'all', :address => '0.0.0.0/0', :auth_method => 'peer', :target => target, } end it 'should fail parsing when auth_method is not valid' do expect { catalogue }.to raise_error(Puppet::Error, /The auth_method you specified \[peer\] must be one of: trust, reject, md5, password, gss, sspi, krb5, ident, ldap, radius, cert, pam/) end end context 'validate supported auth_method' do let :pre_condition do <<-EOS class { 'postgresql::globals': version => '9.2', } class { 'postgresql::server': } EOS end let :params do { :type => 'local', :database => 'all', :user => 'all', :address => '0.0.0.0/0', :auth_method => 'peer', :target => target, } end it do is_expected.to contain_concat__fragment('pg_hba_rule_test').with({ :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/ }) end end end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/pg_ident_rule_spec.rb000644 000765 000024 00000003201 12631567404 031057 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::pg_ident_rule', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('pg_ident'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :target do tmpfilename('pg_ident_rule') end context 'managing pg_ident' do let :pre_condition do <<-EOS class { 'postgresql::globals': manage_pg_ident_conf => true, } class { 'postgresql::server': } EOS end let :params do { :map_name => 'thatsmymap', :system_username => 'systemuser', :database_username => 'dbuser', } end it do is_expected.to contain_concat__fragment('pg_ident_rule_test').with({ :content => /thatsmymap\s+systemuser\s+dbuser/ }) end end context 'not managing pg_ident' do let :pre_condition do <<-EOS class { 'postgresql::globals': manage_pg_ident_conf => false, } class { 'postgresql::server': } EOS end let :params do { :map_name => 'thatsmymap', :system_username => 'systemuser', :database_username => 'dbuser', } end it 'should fail because $manage_pg_ident_conf is false' do expect { catalogue }.to raise_error(Puppet::Error, /postgresql::server::manage_pg_ident_conf has been disabled/) end end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/recovery_spec.rb000644 000765 000024 00000007777 12631567404 030123 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::recovery', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('recovery'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :target do tmpfilename('recovery') end context 'managing recovery' do let :pre_condition do <<-EOS class { 'postgresql::globals': manage_recovery_conf => true, } class { 'postgresql::server': } EOS end let :params do { :restore_command => 'restore_command', :recovery_target_timeline => 'recovery_target_timeline', } end it do is_expected.to contain_concat__fragment('recovery.conf').with({ :content => /restore_command = 'restore_command'[\n]+recovery_target_timeline = 'recovery_target_timeline'/ }) end end context 'not managing recovery' do let :pre_condition do <<-EOS class { 'postgresql::globals': manage_recovery_conf => false, } class { 'postgresql::server': } EOS end let :params do { :restore_command => '', } end it 'should fail because $manage_recovery_conf is false' do expect { catalogue }.to raise_error(Puppet::Error, /postgresql::server::manage_recovery_conf has been disabled/) end end context 'not managing recovery, missing param' do let :pre_condition do <<-EOS class { 'postgresql::globals': manage_recovery_conf => true, } class { 'postgresql::server': } EOS end it 'should fail because no param set' do expect { catalogue }.to raise_error(Puppet::Error, /postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense./) end end context 'managing recovery with all params' do let :pre_condition do <<-EOS class { 'postgresql::globals': manage_recovery_conf => true, } class { 'postgresql::server': } EOS end let :params do { :restore_command => 'restore_command', :archive_cleanup_command => 'archive_cleanup_command', :recovery_end_command => 'recovery_end_command', :recovery_target_name => 'recovery_target_name', :recovery_target_time => 'recovery_target_time', :recovery_target_xid => 'recovery_target_xid', :recovery_target_inclusive => true, :recovery_target => 'recovery_target', :recovery_target_timeline => 'recovery_target_timeline', :pause_at_recovery_target => true, :standby_mode => 'on', :primary_conninfo => 'primary_conninfo', :primary_slot_name => 'primary_slot_name', :trigger_file => 'trigger_file', :recovery_min_apply_delay => 0, } end it do is_expected.to contain_concat__fragment('recovery.conf').with({ :content => /restore_command = 'restore_command'[\n]+archive_cleanup_command = 'archive_cleanup_command'[\n]+recovery_end_command = 'recovery_end_command'[\n]+recovery_target_name = 'recovery_target_name'[\n]+recovery_target_time = 'recovery_target_time'[\n]+recovery_target_xid = 'recovery_target_xid'[\n]+recovery_target_inclusive = true[\n]+recovery_target = 'recovery_target'[\n]+recovery_target_timeline = 'recovery_target_timeline'[\n]+pause_at_recovery_target = true[\n]+standby_mode = on[\n]+primary_conninfo = 'primary_conninfo'[\n]+primary_slot_name = 'primary_slot_name'[\n]+trigger_file = 'trigger_file'[\n]+recovery_min_apply_delay = 0[\n]+/ }) end end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/role_spec.rb000644 000765 000024 00000002750 12631567444 027214 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::role', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :params do { :password_hash => 'new-pa$s', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__role('test') } it 'should have create role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('CREATE ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "CREATE ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOGIN NOCREATEROLE NOCREATEDB NOSUPERUSER CONNECTION LIMIT -1", 'environment' => "NEWPGPASSWD=new-pa$s", 'unless' => "SELECT rolname FROM pg_roles WHERE rolname='test'", }) end it 'should have alter role for "test" user with password as ****' do is_expected.to contain_postgresql_psql('ALTER ROLE test ENCRYPTED PASSWORD ****').with({ 'command' => "ALTER ROLE \"test\" ENCRYPTED PASSWORD '$NEWPGPASSWD'", 'environment' => "NEWPGPASSWD=new-pa$s", 'unless' => "SELECT usename FROM pg_shadow WHERE usename='test' and passwd='md5b6f7fcbbabb4befde4588a26c1cfd2fa'", }) end end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/schema_spec.rb000644 000765 000024 00000001206 12631567404 027502 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::schema', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('schema'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :params do { :owner => 'jane', :db => 'janedb', } end let :pre_condition do "class {'postgresql::server':}" end it { should contain_postgresql__server__schema('test') } end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/table_grant_spec.rb000644 000765 000024 00000001421 12631567404 030523 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::table_grant', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('table_grant'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :params do { :privilege => 'ALL', :db => 'test', :role => 'test', :table => 'foo', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__table_grant('test') } it { is_expected.to contain_postgresql__server__grant('table:test') } end puppetlabs-postgresql-4.6.1/spec/unit/defines/server/tablespace_spec.rb000644 000765 000024 00000001214 12631567404 030344 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::tablespace', :type => :define do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('tablespace'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :title do 'test' end let :params do { :location => '/srv/data/foo', } end let :pre_condition do "class {'postgresql::server':}" end it { is_expected.to contain_postgresql__server__tablespace('test') } end puppetlabs-postgresql-4.6.1/spec/unit/classes/client_spec.rb000644 000765 000024 00000002140 12631567404 026230 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::client', :type => :class do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end describe 'with parameters' do let :params do { :validcon_script_path => '/opt/bin/my-validate-con.sh', :package_ensure => 'absent', :package_name => 'mypackage', :file_ensure => 'file' } end it 'should modify package' do is_expected.to contain_package("postgresql-client").with({ :ensure => 'absent', :name => 'mypackage', :tag => 'postgresql', }) end it 'should have specified validate connexion' do should contain_file('/opt/bin/my-validate-con.sh').with({ :ensure => 'file', :owner => 0, :group => 0, :mode => '0755' }) end end describe 'with no parameters' do it 'should create package with postgresql tag' do is_expected.to contain_package('postgresql-client').with({ :tag => 'postgresql', }) end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/globals_spec.rb000644 000765 000024 00000003220 12631567404 026375 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::globals', :type => :class do context "on a debian 6" do let (:facts) do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze', } end describe 'with no parameters' do it 'should work' do is_expected.to contain_class("postgresql::globals") end end describe 'manage_package_repo => true' do let(:params) do { :manage_package_repo => true, } end it 'should pull in class postgresql::repo' do is_expected.to contain_class("postgresql::repo") end end end context 'on redhat family systems' do let (:facts) do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '7.1', } end describe 'with no parameters' do it 'should work' do is_expected.to contain_class("postgresql::globals") end end describe 'manage_package_repo on RHEL => true' do let(:params) do { :manage_package_repo => true, :repo_proxy => 'http://proxy-server:8080', } end it 'should pull in class postgresql::repo' do is_expected.to contain_class("postgresql::repo") end it do should contain_yumrepo('yum.postgresql.org').with( 'enabled' => '1', 'proxy' => 'http://proxy-server:8080' ) end end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/lib/000755 000765 000024 00000000000 12631567457 024174 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/classes/params_spec.rb000644 000765 000024 00000000424 12631567404 026240 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::params', :type => :class do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end it { is_expected.to contain_class("postgresql::params") } end puppetlabs-postgresql-4.6.1/spec/unit/classes/repo_spec.rb000644 000765 000024 00000000767 12631567404 025734 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::repo', :type => :class do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :lsbdistid => 'Debian', :lsbdistcodename => 'squeeze', } end describe 'with no parameters' do it 'should instantiate apt_postgresql_org class' do is_expected.to contain_class('postgresql::repo::apt_postgresql_org') end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/000755 000765 000024 00000000000 12631567457 024734 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/unit/classes/server_spec.rb000644 000765 000024 00000007332 12631567444 026274 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server', :type => :class do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end describe 'with no parameters' do it { is_expected.to contain_class("postgresql::params") } it { is_expected.to contain_class("postgresql::server") } it { is_expected.to contain_exec('postgresql_reload').with({ 'command' => 'service postgresql reload', }) } it 'should validate connection' do is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') end end describe 'service_ensure => running' do let(:params) do { :service_ensure => 'running', :postgres_password => 'new-p@s$word-to-set' } end it { is_expected.to contain_class("postgresql::params") } it { is_expected.to contain_class("postgresql::server") } it { is_expected.to contain_class("postgresql::server::passwd") } it 'should validate connection' do is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') end it 'should set postgres password' do is_expected.to contain_exec('set_postgres_postgrespw').with({ 'command' => '/usr/bin/psql -c "ALTER ROLE \"postgres\" PASSWORD ${NEWPASSWD_ESCAPED}"', 'user' => 'postgres', 'environment' => [ "PGPASSWORD=new-p@s$word-to-set", "NEWPASSWD_ESCAPED=$$new-p@s$word-to-set$$" ], 'unless' => "/usr/bin/psql -h localhost -p 5432 -c 'select 1' > /dev/null", }) end end describe 'service_ensure => stopped' do let(:params) {{ :service_ensure => 'stopped' }} it { is_expected.to contain_class("postgresql::params") } it { is_expected.to contain_class("postgresql::server") } it 'shouldnt validate connection' do is_expected.not_to contain_postgresql__validate_db_connection('validate_service_is_running') end end describe 'service_reload => /bin/true' do let(:params) {{ :service_reload => '/bin/true' }} it { is_expected.to contain_class("postgresql::params") } it { is_expected.to contain_class("postgresql::server") } it { is_expected.to contain_exec('postgresql_reload').with({ 'command' => '/bin/true', }) } it 'should validate connection' do is_expected.to contain_postgresql__validate_db_connection('validate_service_is_running') end end describe 'service_manage => true' do let(:params) {{ :service_manage => true }} it { is_expected.to contain_service('postgresqld') } end describe 'service_manage => false' do let(:params) {{ :service_manage => false }} it { is_expected.not_to contain_service('postgresqld') } it 'shouldnt validate connection' do is_expected.not_to contain_postgresql__validate_db_connection('validate_service_is_running') end end describe 'package_ensure => absent' do let(:params) do { :package_ensure => 'absent', } end it 'should remove the package' do is_expected.to contain_package('postgresql-server').with({ :ensure => 'purged', }) end it 'should still enable the service' do is_expected.to contain_service('postgresqld').with({ :ensure => 'running', }) end end describe 'needs_initdb => true' do let(:params) do { :needs_initdb => true, } end it 'should contain proper initdb exec' do is_expected.to contain_exec('postgresql_initdb') end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/config_spec.rb000644 000765 000024 00000003117 12631567444 027536 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::config', :type => :class do let (:pre_condition) do "include postgresql::server" end describe 'on RedHat 7' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '7.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/postgresql.service/) end describe 'with manage_package_repo => true and a version' do let (:pre_condition) do <<-EOS class { 'postgresql::globals': manage_package_repo => true, version => '9.4', }-> class { 'postgresql::server': } EOS end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql-9.4.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/postgresql-9.4.service/) end end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/contrib_spec.rb000644 000765 000024 00000002047 12631567404 027726 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::contrib', :type => :class do let :pre_condition do "class { 'postgresql::server': }" end let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end describe 'with parameters' do let(:params) do { :package_name => 'mypackage', :package_ensure => 'absent', } end it 'should create package with correct params' do is_expected.to contain_package('postgresql-contrib').with({ :ensure => 'absent', :name => 'mypackage', :tag => 'postgresql', }) end end describe 'with no parameters' do it 'should create package with postgresql tag' do is_expected.to contain_package('postgresql-contrib').with({ :tag => 'postgresql', }) end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/initdb_spec.rb000644 000765 000024 00000002044 12631567444 027540 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::initdb', :type => :class do let (:pre_condition) do "include postgresql::server" end describe 'on RedHat' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } end describe 'on Amazon' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'Amazon', :operatingsystemrelease => '1.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end it { is_expected.to contain_file('/var/lib/pgsql9/data').with_ensure('directory') } end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/plperl_spec.rb000644 000765 000024 00000002270 12631567404 027562 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::plperl', :type => :class do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('plperl'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :pre_condition do "class { 'postgresql::server': }" end describe 'with no parameters' do it { is_expected.to contain_class("postgresql::server::plperl") } it 'should create package' do is_expected.to contain_package('postgresql-plperl').with({ :ensure => 'present', :tag => 'postgresql', }) end end describe 'with parameters' do let :params do { :package_ensure => 'absent', :package_name => 'mypackage', } end it { is_expected.to contain_class("postgresql::server::plperl") } it 'should create package with correct params' do is_expected.to contain_package('postgresql-plperl').with({ :ensure => 'absent', :name => 'mypackage', :tag => 'postgresql', }) end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/plpython_spec.rb000644 000765 000024 00000002360 12631567404 030141 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::plpython', :type => :class do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('plpython'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end let :pre_condition do "class { 'postgresql::server': }" end describe 'on RedHat with no parameters' do it { is_expected.to contain_class("postgresql::server::plpython") } it 'should create package' do is_expected.to contain_package('postgresql-plpython').with({ :ensure => 'present', :tag => 'postgresql', }) end end describe 'with parameters' do let :params do { :package_ensure => 'absent', :package_name => 'mypackage', } end it { is_expected.to contain_class("postgresql::server::plpython") } it 'should create package with correct params' do is_expected.to contain_package('postgresql-plpython').with({ :ensure => 'absent', :name => 'mypackage', :tag => 'postgresql', }) end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/server/postgis_spec.rb000644 000765 000024 00000002047 12631567404 027756 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::server::postgis', :type => :class do let :pre_condition do "class { 'postgresql::server': }" end let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', :kernel => 'Linux', :concat_basedir => tmpfilename('postgis'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', } end describe 'with parameters' do let(:params) do { :package_name => 'mypackage', :package_ensure => 'absent', } end it 'should create package with correct params' do is_expected.to contain_package('postgresql-postgis').with({ :ensure => 'absent', :name => 'mypackage', :tag => 'postgresql', }) end end describe 'with no parameters' do it 'should create package with postgresql tag' do is_expected.to contain_package('postgresql-postgis').with({ :tag => 'postgresql', }) end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/lib/devel_spec.rb000644 000765 000024 00000002727 12631567404 026632 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::lib::devel', :type => :class do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end it { is_expected.to contain_class("postgresql::lib::devel") } describe 'link pg_config to /usr/bin' do it { should_not contain_file('/usr/bin/pg_config') \ .with_ensure('link') \ .with_target('/usr/lib/postgresql/8.4/bin/pg_config') } end describe 'disable link_pg_config' do let(:params) {{ :link_pg_config => false, }} it { should_not contain_file('/usr/bin/pg_config') } end describe 'should not link pg_config on RedHat with default version' do let(:facts) {{ :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.3', :operatingsystemmajrelease => '6', }} it { should_not contain_file('/usr/bin/pg_config') } end describe 'link pg_config on RedHat with non-default version' do let(:facts) {{ :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.3', :operatingsystemmajrelease => '6', }} let :pre_condition do "class { '::postgresql::globals': version => '9.3' }" end it { should contain_file('/usr/bin/pg_config') \ .with_ensure('link') \ .with_target('/usr/pgsql-9.3/bin/pg_config') } end end puppetlabs-postgresql-4.6.1/spec/unit/classes/lib/java_spec.rb000644 000765 000024 00000002126 12631567404 026445 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::lib::java', :type => :class do describe 'on a debian based os' do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end it { is_expected.to contain_package('postgresql-jdbc').with( :name => 'libpostgresql-jdbc-java', :ensure => 'present', :tag => 'postgresql' )} end describe 'on a redhat based os' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', } end it { is_expected.to contain_package('postgresql-jdbc').with( :name => 'postgresql-jdbc', :ensure => 'present', :tag => 'postgresql' )} describe 'when parameters are supplied' do let :params do {:package_ensure => 'latest', :package_name => 'somepackage'} end it { is_expected.to contain_package('postgresql-jdbc').with( :name => 'somepackage', :ensure => 'latest', :tag => 'postgresql' )} end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/lib/perl_spec.rb000644 000765 000024 00000001274 12631567404 026471 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::lib::perl', :type => :class do describe 'on a redhat based os' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', } end it { is_expected.to contain_package('perl-DBD-Pg').with( :name => 'perl-DBD-Pg', :ensure => 'present' )} end describe 'on a debian based os' do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end it { is_expected.to contain_package('perl-DBD-Pg').with( :name => 'libdbd-pg-perl', :ensure => 'present' )} end end puppetlabs-postgresql-4.6.1/spec/unit/classes/lib/pgdocs_spec.rb000644 000765 000024 00000001361 12631567404 027003 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::lib::docs', :type => :class do describe 'on a redhat based os' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', } end it { is_expected.to contain_package('postgresql-docs').with( :name => 'postgresql-docs', :ensure => 'present', :tag => 'postgresql' )} describe 'when parameters are supplied' do let :params do {:package_ensure => 'latest', :package_name => 'somepackage'} end it { is_expected.to contain_package('postgresql-docs').with( :name => 'somepackage', :ensure => 'latest', :tag => 'postgresql' )} end end end puppetlabs-postgresql-4.6.1/spec/unit/classes/lib/python_spec.rb000644 000765 000024 00000001313 12631567404 027042 0ustar00helencampbellstaff000000 000000 require 'spec_helper' describe 'postgresql::lib::python', :type => :class do describe 'on a redhat based os' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', } end it { is_expected.to contain_package('python-psycopg2').with( :name => 'python-psycopg2', :ensure => 'present' )} end describe 'on a debian based os' do let :facts do { :osfamily => 'Debian', :operatingsystem => 'Debian', :operatingsystemrelease => '6.0', } end it { is_expected.to contain_package('python-psycopg2').with( :name => 'python-psycopg2', :ensure => 'present' )} end end puppetlabs-postgresql-4.6.1/spec/acceptance/00-utf8_encoding_spec.rb000644 000765 000024 00000001765 12631567404 027411 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'with defaults' do pp = <<-EOS class { 'postgresql::globals': encoding => 'UTF8', locale => 'en_NG', } -> class { 'postgresql::server': } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe port(5432) do it { is_expected.to be_listening } end it 'can connect with psql' do psql('--command="\l" postgres', 'postgres') do |r| expect(r.stdout).to match(/List of databases/) end end it 'must set UTF8 as template1 encoding' do psql('--command="SELECT pg_encoding_to_char(encoding) FROM pg_database WHERE datname=\'template1\'"') do |r| expect(r.stdout).to match(/UTF8/) end end end puppetlabs-postgresql-4.6.1/spec/acceptance/alternative_port_spec.rb000644 000765 000024 00000001237 12631567404 030014 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' # These tests ensure that postgres can change itself to an alternative port # properly. describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'on an alternative port' do pp = <<-EOS class { 'postgresql::server': port => '55433' } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe port(55433) do it { is_expected.to be_listening } end it 'can connect with psql' do psql('-p 55433 --command="\l" postgres', 'postgres') do |r| expect(r.stdout).to match(/List of databases/) end end end puppetlabs-postgresql-4.6.1/spec/acceptance/db_spec.rb000644 000765 000024 00000004005 12631567404 025013 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' describe 'postgresql::server::db', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'creates a database' do begin tmpdir = default.tmpdir('postgresql') pp = <<-EOS class { 'postgresql::server': postgres_password => 'space password', } postgresql::server::tablespace { 'postgresql_test_db': location => '#{tmpdir}', } -> postgresql::server::db { 'postgresql_test_db': comment => 'testcomment', user => 'test', password => 'test1', tablespace => 'postgresql_test_db', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) # Verify that the postgres password works shell("echo 'localhost:*:*:postgres:space password' > /root/.pgpass") shell("chmod 600 /root/.pgpass") shell("psql -U postgres -h localhost --command='\\l'") psql('--command="select datname from pg_database" postgresql_test_db') do |r| expect(r.stdout).to match(/postgresql_test_db/) expect(r.stderr).to eq('') end psql('--command="SELECT 1 FROM pg_roles WHERE rolname=\'test\'"') do |r| expect(r.stdout).to match(/\(1 row\)/) end result = shell('psql --version') version = result.stdout.match(%r{\s(\d\.\d)})[1] if version > "8.1" comment_information_function = "shobj_description" else comment_information_function = "obj_description" end psql("--dbname postgresql_test_db --command=\"SELECT pg_catalog.#{comment_information_function}(d.oid, 'pg_database') FROM pg_catalog.pg_database d WHERE datname = 'postgresql_test_db' AND pg_catalog.#{comment_information_function}(d.oid, 'pg_database') = 'testcomment'\"") do |r| expect(r.stdout).to match(/\(1 row\)/) end ensure psql('--command="drop database postgresql_test_db" postgres') psql('--command="DROP USER test"') end end end puppetlabs-postgresql-4.6.1/spec/acceptance/default_parameters_spec.rb000644 000765 000024 00000001267 12631567404 030304 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' # These tests are designed to ensure that the module, when ran with defaults, # sets up everything correctly and allows us to connect to Postgres. describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'with defaults' do pp = <<-EOS class { 'postgresql::server': } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe port(5432) do it { is_expected.to be_listening } end it 'can connect with psql' do psql('--command="\l" postgres', 'postgres') do |r| expect(r.stdout).to match(/List of databases/) end end end puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/000755 000765 000024 00000000000 12631567457 024724 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/acceptance/postgresql_psql_spec.rb000644 000765 000024 00000012723 12631567404 027676 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' describe 'postgresql_psql', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'should always run SQL' do pp = <<-EOS class { 'postgresql::server': } -> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select 1', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => true) end it 'should run some SQL when the unless query returns no rows' do pp = <<-EOS class { 'postgresql::server': } -> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select 1', unless => 'select 1 where 1=2', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => true) end it 'should not run SQL when the unless query returns rows' do pp = <<-EOS class { 'postgresql::server': } -> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select * from pg_database limit 1', unless => 'select 1 where 1=1', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end it 'should not run SQL when refreshed and the unless query returns rows' do pp = <<-EOS class { 'postgresql::server': } -> notify { 'trigger': } ~> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'invalid sql statement', unless => 'select 1 where 1=1', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => true) end context 'with refreshonly' do it 'should not run SQL when the unless query returns no rows' do pp = <<-EOS class { 'postgresql::server': } -> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select 1', unless => 'select 1 where 1=2', refreshonly => true, } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end it 'should run SQL when refreshed and the unless query returns no rows' do pp = <<-EOS.unindent class { 'postgresql::server': } -> notify { 'trigger': } ~> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select 1', unless => 'select 1 where 1=2', refreshonly => true, } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => true) end it 'should not run SQL when refreshed and the unless query returns rows' do pp = <<-EOS.unindent class { 'postgresql::server': } -> notify { 'trigger': } ~> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'invalid sql query', unless => 'select 1 where 1=1', refreshonly => true, } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => true) end end it 'should not run some SQL when the onlyif query returns no rows' do pp = <<-EOS class { 'postgresql::server': } -> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select 1', onlyif => 'select 1 where 1=2', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end it 'should run SQL when the onlyif query returns rows' do pp = <<-EOS class { 'postgresql::server': } -> postgresql_psql { 'foobar': db => 'postgres', psql_user => 'postgres', command => 'select * from pg_database limit 1', onlyif => 'select 1 where 1=1', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => true) end context 'with secure password passing by environment' do it 'should run SQL that contanins password passed by environment' do select = "select \\'$PASS_TO_EMBED\\'" pp = <<-EOS.unindent class { 'postgresql::server': } -> postgresql_psql { 'password embedded by environment: #{select}': db => 'postgres', psql_user => 'postgres', command => '#{select}', environment => [ 'PASS_TO_EMBED=pa$swD', ], } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => false) end it 'should run SQL that contanins password passed by environment in check' do select = "select 1 where \\'$PASS_TO_EMBED\\'=\\'passwD\\'" pp = <<-EOS.unindent class { 'postgresql::server': } -> postgresql_psql { 'password embedded by environment in check: #{select}': db => 'postgres', psql_user => 'postgres', command => 'invalid sql query', unless => '#{select}', environment => [ 'PASS_TO_EMBED=passwD', ], } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :expect_changes => false) end end end puppetlabs-postgresql-4.6.1/spec/acceptance/server/000755 000765 000024 00000000000 12631567457 024406 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/spec/acceptance/z_alternative_pgdata_spec.rb000644 000765 000024 00000002043 12631567404 030615 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' # These tests ensure that postgres can change itself to an alternative pgdata # location properly. # Allow postgresql to use /tmp/* as a datadir if fact('osfamily') == 'RedHat' and fact('selinux') == 'true' shell 'setenforce 0' end describe 'postgres::server', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'on an alternative pgdata location' do pp = <<-EOS #file { '/var/lib/pgsql': ensure => directory, } -> # needs_initdb will be true by default for all OS's except Debian # in order to change the datadir we need to tell it explicitly to call initdb class { 'postgresql::server': datadir => '/tmp/data', needs_initdb => true } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe file('/tmp/data') do it { should be_directory } end it 'can connect with psql' do psql('--command="\l" postgres', 'postgres') do |r| expect(r.stdout).to match(/List of databases/) end end end puppetlabs-postgresql-4.6.1/spec/acceptance/server/recovery_spec.rb000644 000765 000024 00000003206 12631567404 027574 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' describe 'postgresql::server::recovery', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'should manage recovery' do after(:all) do pp = <<-EOS.unindent file { '/tmp/recovery.conf': ensure => absent, } EOS apply_manifest(pp, :catch_failures => true) end it 'adds conf file' do pp = <<-EOS.unindent class { 'postgresql::globals': recovery_conf_path => '/tmp/recovery.conf', manage_recovery_conf => true, } class { 'postgresql::server': } # Create a recovery.conf file postgresql::server::recovery { "recovery.conf": restore_command => 'restore_command', recovery_target_timeline => 'recovery_target_timeline', } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe file('/tmp/recovery.conf') do it { is_expected.to be_file } it { is_expected.to contain /restore_command = 'restore_command'/ } it { is_expected.to contain /recovery_target_timeline = 'recovery_target_timeline'/ } end end describe 'should not manage recovery' do it 'does not add conf file' do pp = <<-EOS.unindent class { 'postgresql::globals': manage_recovery_conf => false, } class { 'postgresql::server': } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) end describe file('/tmp/recovery.conf') do it { is_expected.not_to be_file } end end end puppetlabs-postgresql-4.6.1/spec/acceptance/server/schema_spec.rb000644 000765 000024 00000003253 12631567404 027200 0ustar00helencampbellstaff000000 000000 require 'spec_helper_acceptance' describe 'postgresql::server::schema:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'should create a schema for a user' do begin pp = <<-EOS.unindent $db = 'schema_test' $user = 'psql_schema_tester' $password = 'psql_schema_pw' class { 'postgresql::server': } # Since we are not testing pg_hba or any of that, make a local user for ident auth user { $user: ensure => present, } postgresql::server::role { $user: password_hash => postgresql_password($user, $password), } postgresql::server::database { $db: owner => $user, require => Postgresql::Server::Role[$user], } # Create a rule for the user postgresql::server::pg_hba_rule { "allow ${user}": type => 'local', database => $db, user => $user, auth_method => 'ident', order => 1, } postgresql::server::schema { $user: db => $db, owner => $user, require => Postgresql::Server::Database[$db], } EOS apply_manifest(pp, :catch_failures => true) apply_manifest(pp, :catch_changes => true) ## Check that the user can create a table in the database psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r| expect(r.stdout).to match(/CREATE TABLE/) expect(r.stderr).to eq('') end ensure psql('--command="drop table psql_schema_tester.foo" schema_test', 'psql_schema_tester') end end end puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/centos-510-x64.yml000644 000765 000024 00000000377 12631567404 027663 0ustar00helencampbellstaff000000 000000 HOSTS: centos-510-x64: roles: - master platform: el-5-x86_64 box : centos-510-x64-virtualbox-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box hypervisor : vagrant CONFIG: type: git puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/centos-59-x64.yml000644 000765 000024 00000000370 12631567404 027604 0ustar00helencampbellstaff000000 000000 HOSTS: centos-59-x64: roles: - master platform: el-5-x86_64 box : centos-59-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: git puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/centos-64-x64-pe.yml000644 000765 000024 00000000432 12631567404 030201 0ustar00helencampbellstaff000000 000000 HOSTS: centos-64-x64: roles: - master - database - dashboard platform: el-6-x86_64 box : centos-64-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: pe puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/centos-64-x64.yml000644 000765 000024 00000000370 12631567404 027600 0ustar00helencampbellstaff000000 000000 HOSTS: centos-64-x64: roles: - master platform: el-6-x86_64 box : centos-64-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: git puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/centos-65-x64.yml000644 000765 000024 00000000372 12631567404 027603 0ustar00helencampbellstaff000000 000000 HOSTS: centos-65-x64: roles: - master platform: el-6-x86_64 box : centos-65-x64-vbox436-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box hypervisor : vagrant CONFIG: type: foss puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/debian-607-x64.yml000644 000765 000024 00000000376 12631567404 027620 0ustar00helencampbellstaff000000 000000 HOSTS: debian-607-x64: roles: - master platform: debian-6-amd64 box : debian-607-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: git puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/debian-73-x64.yml000644 000765 000024 00000000377 12631567404 027536 0ustar00helencampbellstaff000000 000000 HOSTS: debian-73-x64: roles: - master platform: debian-7-amd64 box : debian-73-x64-virtualbox-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box hypervisor : vagrant CONFIG: type: git puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/default.yml000644 000765 000024 00000000370 12631567404 027063 0ustar00helencampbellstaff000000 000000 HOSTS: centos-64-x64: roles: - master platform: el-6-x86_64 box : centos-64-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: git puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml000644 000765 000024 00000000436 12631567404 031355 0ustar00helencampbellstaff000000 000000 HOSTS: ubuntu-server-10044-x64: roles: - master platform: ubuntu-10.04-amd64 box : ubuntu-server-10044-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: foss puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml000644 000765 000024 00000000436 12631567404 031355 0ustar00helencampbellstaff000000 000000 HOSTS: ubuntu-server-12042-x64: roles: - master platform: ubuntu-12.04-amd64 box : ubuntu-server-12042-x64-vbox4210-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box hypervisor : vagrant CONFIG: type: foss puppetlabs-postgresql-4.6.1/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml000644 000765 000024 00000000420 12631567404 031266 0ustar00helencampbellstaff000000 000000 HOSTS: ubuntu-server-1404-x64: roles: - master platform: ubuntu-14.04-amd64 box : puppetlabs/ubuntu-14.04-64-nocm box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm hypervisor : vagrant CONFIG: log_level : debug type: git puppetlabs-postgresql-4.6.1/manifests/client.pp000644 000765 000024 00000001317 12631567404 023662 0ustar00helencampbellstaff000000 000000 # Install client cli tool. See README.md for more details. class postgresql::client ( $file_ensure = 'file', $validcon_script_path = $postgresql::params::validcon_script_path, $package_name = $postgresql::params::client_package_name, $package_ensure = 'present' ) inherits postgresql::params { validate_absolute_path($validcon_script_path) validate_string($package_name) package { 'postgresql-client': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } file { $validcon_script_path: ensure => $file_ensure, source => 'puppet:///modules/postgresql/validate_postgresql_connection.sh', owner => 0, group => 0, mode => '0755', } } puppetlabs-postgresql-4.6.1/manifests/globals.pp000644 000765 000024 00000007631 12631567444 024040 0ustar00helencampbellstaff000000 000000 # Class for setting cross-class global overrides. See README.md for more # details. class postgresql::globals ( $client_package_name = undef, $server_package_name = undef, $contrib_package_name = undef, $devel_package_name = undef, $java_package_name = undef, $docs_package_name = undef, $perl_package_name = undef, $plperl_package_name = undef, $plpython_package_name = undef, $python_package_name = undef, $postgis_package_name = undef, $service_name = undef, $service_provider = undef, $service_status = undef, $default_database = undef, $validcon_script_path = undef, $initdb_path = undef, $createdb_path = undef, $psql_path = undef, $pg_hba_conf_path = undef, $pg_ident_conf_path = undef, $postgresql_conf_path = undef, $recovery_conf_path = undef, $pg_hba_conf_defaults = undef, $datadir = undef, $confdir = undef, $bindir = undef, $xlogdir = undef, $logdir = undef, $user = undef, $group = undef, $version = undef, $postgis_version = undef, $repo_proxy = undef, $needs_initdb = undef, $encoding = undef, $locale = undef, $manage_pg_hba_conf = undef, $manage_pg_ident_conf = undef, $manage_recovery_conf = undef, $manage_package_repo = undef, ) { # We are determining this here, because it is needed by the package repo # class. $default_version = $::osfamily ? { /^(RedHat|Linux)/ => $::operatingsystem ? { 'Fedora' => $::operatingsystemrelease ? { /^(21)$/ => '9.3', /^(18|19|20)$/ => '9.2', /^(17)$/ => '9.1', default => undef, }, 'Amazon' => '9.2', default => $::operatingsystemrelease ? { /^7\./ => '9.2', /^6\./ => '8.4', /^5\./ => '8.1', default => undef, }, default => $::operatingsystemrelease ? { /^7\./ => '9.2', /^6\./ => '8.4', /^5\./ => '8.1', default => undef, }, }, 'Debian' => $::operatingsystem ? { 'Debian' => $::operatingsystemrelease ? { /^6\./ => '8.4', /^(wheezy|7\.)/ => '9.1', /^(jessie|8\.)/ => '9.4', default => undef, }, 'Ubuntu' => $::operatingsystemrelease ? { /^(15.04)$/ => '9.4', /^(14.10)$/ => '9.4', /^(14.04)$/ => '9.3', /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', /^(10.04|10.10|11.04)$/ => '8.4', default => undef, }, default => undef, }, 'Archlinux' => $::operatingsystem ? { /Archlinux/ => '9.2', default => '9.2', }, 'FreeBSD' => '93', 'OpenBSD' => '9.3', 'Suse' => $::operatingsystem ? { 'SLES' => $::operatingsystemrelease ? { /11\.[0-4]/ => '91', default => '93', }, 'OpenSuSE' => $::operatingsystemrelease ? { '13.2' => '93', }, default => undef, }, default => undef, } $globals_version = pick($version, $default_version, 'unknown') if($globals_version == 'unknown') { fail('No preferred version defined or automatically detected.') } $default_postgis_version = $globals_version ? { '8.1' => '1.3.6', '8.4' => '1.5', '9.0' => '1.5', '9.1' => '1.5', '91' => '1.5', '9.2' => '2.0', '9.3' => '2.1', '9.4' => '2.1', '93' => '2.1', default => undef, } $globals_postgis_version = $postgis_version ? { undef => $default_postgis_version, default => $postgis_version, } # Setup of the repo only makes sense globally, so we are doing this here. if($manage_package_repo) { class { 'postgresql::repo': version => $globals_version, proxy => $repo_proxy, } } } puppetlabs-postgresql-4.6.1/manifests/lib/000755 000765 000024 00000000000 12631567457 022617 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/manifests/params.pp000644 000765 000024 00000034033 12631567444 023674 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not use directly class postgresql::params inherits postgresql::globals { $version = $postgresql::globals::globals_version $postgis_version = $postgresql::globals::globals_postgis_version $listen_addresses = 'localhost' $port = 5432 $ip_mask_deny_postgres_user = '0.0.0.0/0' $ip_mask_allow_all_users = '127.0.0.1/32' $ipv4acls = [] $ipv6acls = [] $encoding = $postgresql::globals::encoding $locale = $postgresql::globals::locale $service_ensure = 'running' $service_enable = true $service_manage = true $service_provider = $service_provider $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) $manage_pg_ident_conf = pick($manage_pg_ident_conf, true) $manage_recovery_conf = pick($manage_recovery_conf, false) $package_ensure = 'present' # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. case $::osfamily { 'RedHat', 'Linux': { $link_pg_config = true $user = pick($user, 'postgres') $group = pick($group, 'postgres') $needs_initdb = pick($needs_initdb, true) $version_parts = split($version, '[.]') $package_version = "${version_parts[0]}${version_parts[1]}" if $version == $postgresql::globals::default_version { $client_package_name = pick($client_package_name, 'postgresql') $server_package_name = pick($server_package_name, 'postgresql-server') $contrib_package_name = pick($contrib_package_name,'postgresql-contrib') $devel_package_name = pick($devel_package_name, 'postgresql-devel') $java_package_name = pick($java_package_name, 'postgresql-jdbc') $docs_package_name = pick($docs_package_name, 'postgresql-docs') $plperl_package_name = pick($plperl_package_name, 'postgresql-plperl') $plpython_package_name = pick($plpython_package_name, 'postgresql-plpython') $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/bin') $datadir = $::operatingsystem ? { 'Amazon' => pick($datadir, '/var/lib/pgsql9/data'), default => pick($datadir, '/var/lib/pgsql/data'), } $confdir = pick($confdir, $datadir) } else { $client_package_name = pick($client_package_name, "postgresql${package_version}") $server_package_name = pick($server_package_name, "postgresql${package_version}-server") $contrib_package_name = pick($contrib_package_name,"postgresql${package_version}-contrib") $devel_package_name = pick($devel_package_name, "postgresql${package_version}-devel") $java_package_name = pick($java_package_name, "postgresql${package_version}-jdbc") $docs_package_name = pick($docs_package_name, "postgresql${package_version}-docs") $plperl_package_name = pick($plperl_package_name, "postgresql${package_version}-plperl") $plpython_package_name = pick($plpython_package_name, "postgresql${package_version}-plpython") $service_name = pick($service_name, "postgresql-${version}") $bindir = pick($bindir, "/usr/pgsql-${version}/bin") $datadir = $::operatingsystem ? { 'Amazon' => pick($datadir, "/var/lib/pgsql9/${version}/data"), default => pick($datadir, "/var/lib/pgsql/${version}/data"), } $confdir = pick($confdir, $datadir) } $psql_path = pick($psql_path, "${bindir}/psql") $service_status = $service_status $service_reload = "service ${service_name} reload" $perl_package_name = pick($perl_package_name, 'perl-DBD-Pg') $python_package_name = pick($python_package_name, 'python-psycopg2') $postgis_package_name = pick( $postgis_package_name, $::operatingsystemrelease ? { /^5\./ => 'postgis', default => versioncmp($postgis_version, '2') ? { '-1' => "postgis${package_version}", default => "postgis2_${package_version}",} } ) } 'Archlinux': { $link_pg_config = true $needs_initdb = pick($needs_initdb, true) $user = pick($user, 'postgres') $group = pick($group, 'postgres') # Archlinux doesn't have a client-package but has a libs package which # pulls in postgresql server $client_package_name = pick($client_package_name, 'postgresql') $server_package_name = pick($server_package_name, 'postgresql-libs') $java_package_name = pick($java_package_name, 'postgresql-jdbc') # Archlinux doesn't have develop packages $devel_package_name = pick($devel_package_name, 'postgresql-devel') # Archlinux does have postgresql-contrib but it isn't maintained $contrib_package_name = pick($contrib_package_name,'undef') # Archlinux postgresql package provides plperl $plperl_package_name = pick($plperl_package_name, 'undef') $plpython_package_name = pick($plpython_package_name, 'undef') $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/bin') $datadir = pick($datadir, '/var/lib/postgres/data') $confdir = pick($confdir, $datadir) $psql_path = pick($psql_path, "${bindir}/psql") $service_status = $service_status $service_reload = "service ${service_name} reload" $python_package_name = pick($python_package_name, 'python-psycopg2') # Archlinux does not have a perl::DBD::Pg package $perl_package_name = pick($perl_package_name, 'undef') } 'Debian': { $link_pg_config = false $user = pick($user, 'postgres') $group = pick($group, 'postgres') if $postgresql::globals::manage_package_repo == true { $needs_initdb = pick($needs_initdb, true) $service_name = pick($service_name, 'postgresql') } else { $needs_initdb = pick($needs_initdb, false) $service_name = $::operatingsystem ? { 'Debian' => pick($service_name, 'postgresql'), 'Ubuntu' => $::lsbmajdistrelease ? { /^10/ => pick($service_name, "postgresql-${version}"), default => pick($service_name, 'postgresql'), }, default => undef } } $client_package_name = pick($client_package_name, "postgresql-client-${version}") $server_package_name = pick($server_package_name, "postgresql-${version}") $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") if versioncmp($postgis_version, '2') < 0 { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis") } else { $postgis_package_name = pick($postgis_package_name, "postgresql-${version}-postgis-${postgis_version}") } $devel_package_name = pick($devel_package_name, 'libpq-dev') $java_package_name = pick($java_package_name, 'libpostgresql-jdbc-java') $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") $plpython_package_name = pick($plpython_package_name, "postgresql-plpython-${version}") $python_package_name = pick($python_package_name, 'python-psycopg2') $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") $confdir = pick($confdir, "/etc/postgresql/${version}/main") if $::operatingsystem == 'Debian' and versioncmp($::operatingsystemrelease, '8.0') >= 0 { # Jessie uses systemd $service_status = pick($service_status, "/usr/sbin/service ${service_name}@*-main status") } else { $service_status = pick($service_status, "/etc/init.d/${service_name} status | /bin/egrep -q 'Running clusters: .+|online'") } $service_reload = "service ${service_name} reload" $psql_path = pick($psql_path, '/usr/bin/psql') } 'FreeBSD': { $link_pg_config = true $user = pick($user, 'pgsql') $group = pick($group, 'pgsql') $client_package_name = pick($client_package_name, "databases/postgresql${version}-client") $server_package_name = pick($server_package_name, "databases/postgresql${version}-server") $contrib_package_name = pick($contrib_package_name, "databases/postgresql${version}-contrib") $devel_package_name = pick($devel_package_name, 'databases/postgresql-libpqxx3') $java_package_name = pick($java_package_name, 'databases/postgresql-jdbc') $perl_package_name = pick($plperl_package_name, 'databases/p5-DBD-Pg') $plperl_package_name = pick($plperl_package_name, "databases/postgresql${version}-plperl") $python_package_name = pick($python_package_name, 'databases/py-psycopg2') $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/local/bin') $datadir = pick($datadir, '/usr/local/pgsql/data') $confdir = pick($confdir, $datadir) $service_status = pick($service_status, "/usr/local/etc/rc.d/${service_name} onestatus") $service_reload = "service ${service_name} reload" $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) } 'OpenBSD': { $user = pick($user, '_postgresql') $group = pick($group, '_postgresql') $client_package_name = pick($client_package_name, 'postgresql-client') $server_package_name = pick($server_package_name, 'postgresql-server') $contrib_package_name = pick($contrib_package_name, 'postgresql-contrib') $devel_package_name = pick($devel_package_name, 'postgresql-client') $java_package_name = pick($java_package_name, 'postgresql-jdbc') $perl_package_name = pick($perl_package_name, 'databases/p5-DBD-Pg') $plperl_package_name = undef $python_package_name = pick($python_package_name, 'py-psycopg2') $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, '/usr/local/bin') $datadir = pick($datadir, '/var/postgresql/data') $confdir = pick($confdir, $datadir) $service_status = pick($service_status, "/etc/rc.d/${service_name} check") $service_reload = "/etc/rc.d/${service_name} reload" $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) } 'Suse': { $link_pg_config = true $user = pick($user, 'postgres') $group = pick($group, 'postgres') $client_package_name = pick($client_package_name, "postgresql${version}") $server_package_name = pick($server_package_name, "postgresql${version}-server") $contrib_package_name = pick($contrib_package_name, "postgresql${version}-contrib") $devel_package_name = pick($devel_package_name, "postgresql${version}-devel") $java_package_name = pick($java_package_name, "postgresql${version}-jdbc") $perl_package_name = pick($plperl_package_name, 'perl-DBD-Pg') $plperl_package_name = pick($plperl_package_name, "postgresql${version}-plperl") $python_package_name = pick($python_package_name, 'python-psycopg2') $service_name = pick($service_name, 'postgresql') $bindir = pick($bindir, "/usr/lib/postgresql${version}/bin") $datadir = pick($datadir, '/var/lib/pgsql/data') $confdir = pick($confdir, $datadir) $service_status = pick($service_status, "/etc/init.d/${service_name} status") $service_reload = "/etc/init.d/${service_name} reload" $psql_path = pick($psql_path, "${bindir}/psql") $needs_initdb = pick($needs_initdb, true) } default: { $link_pg_config = true $psql_path = pick($psql_path, "${bindir}/psql") # Since we can't determine defaults on our own, we rely on users setting # parameters with the postgresql::globals class. Here we are checking # that the mandatory minimum is set for the module to operate. $err_prefix = "Module ${module_name} does not provide defaults for osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}; please specify a value for ${module_name}::globals::" if ($needs_initdb == undef) { fail("${err_prefix}needs_initdb") } if ($service_name == undef) { fail("${err_prefix}service_name") } if ($client_package_name == undef) { fail("${err_prefix}client_package_name") } if ($server_package_name == undef) { fail("${err_prefix}server_package_name") } if ($bindir == undef) { fail("${err_prefix}bindir") } if ($datadir == undef) { fail("${err_prefix}datadir") } if ($confdir == undef) { fail("${err_prefix}confdir") } } } $validcon_script_path = pick($validcon_script_path, '/usr/local/bin/validate_postgresql_connection.sh') $initdb_path = pick($initdb_path, "${bindir}/initdb") $createdb_path = pick($createdb_path, "${bindir}/createdb") $pg_hba_conf_path = pick($pg_hba_conf_path, "${confdir}/pg_hba.conf") $pg_hba_conf_defaults = pick($pg_hba_conf_defaults, true) $pg_ident_conf_path = pick($pg_ident_conf_path, "${confdir}/pg_ident.conf") $postgresql_conf_path = pick($postgresql_conf_path, "${confdir}/postgresql.conf") $recovery_conf_path = pick($recovery_conf_path, "${datadir}/recovery.conf") $default_database = pick($default_database, 'postgres') } puppetlabs-postgresql-4.6.1/manifests/repo/000755 000765 000024 00000000000 12631567457 023016 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/manifests/repo.pp000644 000765 000024 00000001325 12631567444 023354 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not use directly class postgresql::repo ( $version = undef, $proxy = undef, ) inherits postgresql::params { case $::osfamily { 'RedHat', 'Linux': { if $version == undef { fail("The parameter 'version' for 'postgresql::repo' is undefined. You must always define it when osfamily == Redhat or Linux") } class { 'postgresql::repo::yum_postgresql_org': } } 'Debian': { class { 'postgresql::repo::apt_postgresql_org': } } default: { fail("Unsupported managed repository for osfamily: ${::osfamily}, operatingsystem: ${::operatingsystem}, module ${module_name} currently only supports managing repos for osfamily RedHat and Debian") } } } puppetlabs-postgresql-4.6.1/manifests/server/000755 000765 000024 00000000000 12631567457 023357 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/manifests/server.pp000644 000765 000024 00000006564 12631567444 023727 0ustar00helencampbellstaff000000 000000 # This installs a PostgreSQL server. See README.md for more details. class postgresql::server ( $postgres_password = undef, $package_name = $postgresql::params::server_package_name, $client_package_name = $postgresql::params::client_package_name, $package_ensure = $postgresql::params::package_ensure, $plperl_package_name = $postgresql::params::plperl_package_name, $plpython_package_name = $postgresql::params::plpython_package_name, $service_ensure = $postgresql::params::service_ensure, $service_enable = $postgresql::params::service_enable, $service_manage = $postgresql::params::service_manage, $service_name = $postgresql::params::service_name, $service_provider = $postgresql::params::service_provider, $service_reload = $postgresql::params::service_reload, $service_status = $postgresql::params::service_status, $default_database = $postgresql::params::default_database, $listen_addresses = $postgresql::params::listen_addresses, $port = $postgresql::params::port, $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, $ipv4acls = $postgresql::params::ipv4acls, $ipv6acls = $postgresql::params::ipv6acls, $initdb_path = $postgresql::params::initdb_path, $createdb_path = $postgresql::params::createdb_path, $psql_path = $postgresql::params::psql_path, $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, $pg_ident_conf_path = $postgresql::params::pg_ident_conf_path, $postgresql_conf_path = $postgresql::params::postgresql_conf_path, $recovery_conf_path = $postgresql::params::recovery_conf_path, $datadir = $postgresql::params::datadir, $xlogdir = $postgresql::params::xlogdir, $logdir = $postgresql::params::logdir, $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, $user = $postgresql::params::user, $group = $postgresql::params::group, $needs_initdb = $postgresql::params::needs_initdb, $encoding = $postgresql::params::encoding, $locale = $postgresql::params::locale, $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, $manage_pg_ident_conf = $postgresql::params::manage_pg_ident_conf, $manage_recovery_conf = $postgresql::params::manage_recovery_conf, #Deprecated $version = undef, ) inherits postgresql::params { $pg = 'postgresql::server' if $version != undef { warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') $_version = $version } else { $_version = $postgresql::params::version } # Reload has its own ordering, specified by other defines class { "${pg}::reload": require => Class["${pg}::install"] } anchor { "${pg}::start": }-> class { "${pg}::install": }-> class { "${pg}::initdb": }-> class { "${pg}::config": }-> class { "${pg}::service": }-> class { "${pg}::passwd": }-> anchor { "${pg}::end": } } puppetlabs-postgresql-4.6.1/manifests/validate_db_connection.pp000644 000765 000024 00000005354 12631567444 027072 0ustar00helencampbellstaff000000 000000 # This type validates that a successful postgres connection can be established # between the node on which this resource is run and a specified postgres # instance (host/port/user/password/database name). # # See README.md for more details. define postgresql::validate_db_connection( $database_host = undef, $database_name = undef, $database_password = undef, $database_username = undef, $database_port = undef, $run_as = undef, $sleep = 2, $tries = 10, $create_db_first = true ) { include postgresql::client include postgresql::params $psql_path = $postgresql::params::psql_path $validcon_script_path = $postgresql::client::validcon_script_path $cmd_init = "${psql_path} --tuples-only --quiet " $cmd_host = $database_host ? { undef => '', default => "-h ${database_host} ", } $cmd_user = $database_username ? { undef => '', default => "-U ${database_username} ", } $cmd_port = $database_port ? { undef => '', default => "-p ${database_port} ", } $cmd_dbname = $database_name ? { undef => "--dbname ${postgresql::params::default_database} ", default => "--dbname ${database_name} ", } $env = $database_password ? { undef => undef, default => "PGPASSWORD=${database_password}", } $cmd = join([$cmd_init, $cmd_host, $cmd_user, $cmd_port, $cmd_dbname], ' ') $validate_cmd = "${validcon_script_path} ${sleep} ${tries} '${cmd}'" # This is more of a safety valve, we add a little extra to compensate for the # time it takes to run each psql command. $timeout = (($sleep + 2) * $tries) $exec_name = "validate postgres connection for ${database_username}@${database_host}:${database_port}/${database_name}" exec { $exec_name: command => "echo 'Unable to connect to defined database using: ${cmd}' && false", unless => $validate_cmd, cwd => '/tmp', environment => $env, logoutput => 'on_failure', user => $run_as, path => '/bin:/usr/bin:/usr/local/bin', timeout => $timeout, require => Class['postgresql::client'], } # This is a little bit of puppet magic. What we want to do here is make # sure that if the validation and the database instance creation are being # applied on the same machine, then the database resource is applied *before* # the validation resource. Otherwise, the validation is guaranteed to fail # on the first run. # # We accomplish this by using Puppet's resource collection syntax to search # for the Database resource in our current catalog; if it exists, the # appropriate relationship is created here. if($create_db_first) { Postgresql::Server::Database<|title == $database_name|> -> Exec[$exec_name] } } puppetlabs-postgresql-4.6.1/manifests/server/config.pp000644 000765 000024 00000014777 12631567444 025201 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not call directly class postgresql::server::config { $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users $listen_addresses = $postgresql::server::listen_addresses $port = $postgresql::server::port $ipv4acls = $postgresql::server::ipv4acls $ipv6acls = $postgresql::server::ipv6acls $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path $pg_ident_conf_path = $postgresql::server::pg_ident_conf_path $postgresql_conf_path = $postgresql::server::postgresql_conf_path $recovery_conf_path = $postgresql::server::recovery_conf_path $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults $user = $postgresql::server::user $group = $postgresql::server::group $version = $postgresql::server::_version $manage_package_repo = $postgresql::server::manage_package_repo $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf $manage_pg_ident_conf = $postgresql::server::manage_pg_ident_conf $manage_recovery_conf = $postgresql::server::manage_recovery_conf $datadir = $postgresql::server::datadir $logdir = $postgresql::server::logdir if ($manage_pg_hba_conf == true) { # Prepare the main pg_hba file concat { $pg_hba_conf_path: owner => $user, group => $group, mode => '0640', warn => true, notify => Class['postgresql::server::reload'], } if $pg_hba_conf_defaults { Postgresql::Server::Pg_hba_rule { database => 'all', user => 'all', } # Lets setup the base rules $local_auth_option = $version ? { '8.1' => 'sameuser', default => undef, } postgresql::server::pg_hba_rule { 'local access as postgres user': type => 'local', user => $user, auth_method => 'ident', auth_option => $local_auth_option, order => '001', } postgresql::server::pg_hba_rule { 'local access to database with same name': type => 'local', auth_method => 'ident', auth_option => $local_auth_option, order => '002', } postgresql::server::pg_hba_rule { 'allow localhost TCP access to postgresql user': type => 'host', user => $user, address => '127.0.0.1/32', auth_method => 'md5', order => '003', } postgresql::server::pg_hba_rule { 'deny access to postgresql user': type => 'host', user => $user, address => $ip_mask_deny_postgres_user, auth_method => 'reject', order => '004', } postgresql::server::pg_hba_rule { 'allow access to all users': type => 'host', address => $ip_mask_allow_all_users, auth_method => 'md5', order => '100', } postgresql::server::pg_hba_rule { 'allow access to ipv6 localhost': type => 'host', address => '::1/128', auth_method => 'md5', order => '101', } } # ipv4acls are passed as an array of rule strings, here we transform # them into a resources hash, and pass the result to create_resources $ipv4acl_resources = postgresql_acls_to_resources_hash($ipv4acls, 'ipv4acls', 10) create_resources('postgresql::server::pg_hba_rule', $ipv4acl_resources) # ipv6acls are passed as an array of rule strings, here we transform # them into a resources hash, and pass the result to create_resources $ipv6acl_resources = postgresql_acls_to_resources_hash($ipv6acls, 'ipv6acls', 102) create_resources('postgresql::server::pg_hba_rule', $ipv6acl_resources) } # We must set a "listen_addresses" line in the postgresql.conf if we # want to allow any connections from remote hosts. postgresql::server::config_entry { 'listen_addresses': value => $listen_addresses, } postgresql::server::config_entry { 'port': value => $port, } postgresql::server::config_entry { 'data_directory': value => $datadir, } if $logdir { postgresql::server::config_entry { 'log_directory': value => $logdir, } } # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. if ($::osfamily == 'RedHat') and ($::operatingsystemrelease !~ /^7/) and ($::operatingsystem != 'Fedora') { file { '/etc/sysconfig/pgsql/postgresql': ensure => present, replace => false, } # The init script from the packages of the postgresql.org repository # sources an alternate sysconfig file. # I. e. /etc/sysconfig/pgsql/postgresql-9.3 for PostgreSQL 9.3 # Link to the sysconfig file set by this puppet module file { "/etc/sysconfig/pgsql/postgresql-${version}": ensure => link, target => '/etc/sysconfig/pgsql/postgresql', require => File[ '/etc/sysconfig/pgsql/postgresql' ], } } if ($manage_pg_ident_conf == true) { concat { $pg_ident_conf_path: owner => $user, group => $group, force => true, # do not crash if there is no pg_ident_rules mode => '0640', warn => true, notify => Class['postgresql::server::reload'], } } if ($manage_recovery_conf == true) { concat { $recovery_conf_path: owner => $user, group => $group, force => true, # do not crash if there is no recovery conf file mode => '0640', warn => true, notify => Class['postgresql::server::reload'], } } if $::osfamily == 'RedHat' { if $::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora' { file { 'systemd-override': ensure => present, path => "/etc/systemd/system/${postgresql::params::service_name}.service", owner => root, group => root, content => template('postgresql/systemd-override.erb'), notify => [ Exec['restart-systemd'], Class['postgresql::server::service'] ], before => Class['postgresql::server::reload'], } exec { 'restart-systemd': command => 'systemctl daemon-reload', refreshonly => true, path => '/bin:/usr/bin:/usr/local/bin' } } } } puppetlabs-postgresql-4.6.1/manifests/server/config_entry.pp000644 000765 000024 00000012041 12631567444 026400 0ustar00helencampbellstaff000000 000000 # Manage a postgresql.conf entry. See README.md for more details. define postgresql::server::config_entry ( $ensure = 'present', $value = undef, $path = false ) { $postgresql_conf_path = $postgresql::server::postgresql_conf_path $target = $path ? { false => $postgresql_conf_path, default => $path, } Exec { logoutput => 'on_failure', } case $name { /data_directory|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { Postgresql_conf { notify => Class['postgresql::server::service'], before => Class['postgresql::server::reload'], } } default: { Postgresql_conf { notify => Class['postgresql::server::reload'], } } } # We have to handle ports and the data directory in a weird and # special way. On early Debian and Ubuntu and RHEL we have to ensure # we stop the service completely. On RHEL 7 we either have to create # a systemd override for the port or update the sysconfig file, but this # is managed for us in postgresql::server::config. if $::operatingsystem == 'Debian' or $::operatingsystem == 'Ubuntu' { if $name == 'port' and ( $::operatingsystemrelease =~ /^6/ or $::operatingsystemrelease =~ /^10\.04/ ) { exec { "postgresql_stop_${name}": command => "service ${::postgresql::server::service_name} stop", onlyif => "service ${::postgresql::server::service_name} status", unless => "grep 'port = ${value}' ${::postgresql::server::postgresql_conf_path}", path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', before => Postgresql_conf[$name], } } elsif $name == 'data_directory' { exec { "postgresql_stop_${name}": command => "service ${::postgresql::server::service_name} stop", onlyif => "service ${::postgresql::server::service_name} status", unless => "grep \"data_directory = '${value}'\" ${::postgresql::server::postgresql_conf_path}", path => '/usr/sbin:/sbin:/bin:/usr/bin:/usr/local/bin', before => Postgresql_conf[$name], } } } if $::osfamily == 'RedHat' { if ! ($::operatingsystemrelease =~ /^7/ or $::operatingsystem == 'Fedora') { if $name == 'port' { # We need to force postgresql to stop before updating the port # because puppet becomes confused and is unable to manage the # service appropriately. exec { "postgresql_stop_${name}": command => "service ${::postgresql::server::service_name} stop", onlyif => "service ${::postgresql::server::service_name} status", unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], } -> augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': lens => 'Shellvars.lns', incl => '/etc/sysconfig/pgsql/*', context => '/files/etc/sysconfig/pgsql/postgresql', changes => "set PGPORT ${value}", require => File['/etc/sysconfig/pgsql/postgresql'], notify => Class['postgresql::server::service'], before => Class['postgresql::server::reload'], } } elsif $name == 'data_directory' { # We need to force postgresql to stop before updating the data directory # otherwise init script breaks exec { "postgresql_${name}": command => "service ${::postgresql::server::service_name} stop", onlyif => "service ${::postgresql::server::service_name} status", unless => "grep 'PGDATA=${value}' /etc/sysconfig/pgsql/postgresql", path => '/sbin:/bin:/usr/bin:/usr/local/bin', require => File['/etc/sysconfig/pgsql/postgresql'], } -> augeas { 'override PGDATA in /etc/sysconfig/pgsql/postgresql': lens => 'Shellvars.lns', incl => '/etc/sysconfig/pgsql/*', context => '/files/etc/sysconfig/pgsql/postgresql', changes => "set PGDATA ${value}", require => File['/etc/sysconfig/pgsql/postgresql'], notify => Class['postgresql::server::service'], before => Class['postgresql::server::reload'], } } } } case $ensure { /present|absent/: { postgresql_conf { $name: ensure => $ensure, target => $target, value => $value, require => Class['postgresql::server::initdb'], } } default: { fail("Unknown value for ensure '${ensure}'.") } } } puppetlabs-postgresql-4.6.1/manifests/server/contrib.pp000644 000765 000024 00000001152 12631567404 025347 0ustar00helencampbellstaff000000 000000 # Install the contrib postgresql packaging. See README.md for more details. class postgresql::server::contrib ( $package_name = $postgresql::params::contrib_package_name, $package_ensure = 'present' ) inherits postgresql::params { validate_string($package_name) package { 'postgresql-contrib': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } anchor { 'postgresql::server::contrib::start': }-> Class['postgresql::server::install']-> Package['postgresql-contrib']-> Class['postgresql::server::service']-> anchor { 'postgresql::server::contrib::end': } } puppetlabs-postgresql-4.6.1/manifests/server/database.pp000644 000765 000024 00000006553 12631567444 025471 0ustar00helencampbellstaff000000 000000 # Define for creating a database. See README.md for more details. define postgresql::server::database( $comment = undef, $dbname = $title, $owner = $postgresql::server::user, $tablespace = undef, $template = 'template0', $encoding = $postgresql::server::encoding, $locale = $postgresql::server::locale, $istemplate = false ) { $createdb_path = $postgresql::server::createdb_path $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port $version = $postgresql::server::_version $default_db = $postgresql::server::default_database # Set the defaults for the postgresql_psql resource Postgresql_psql { psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, } # Optionally set the locale switch. Older versions of createdb may not accept # --locale, so if the parameter is undefined its safer not to pass it. if ($version != '8.1') { $locale_option = $locale ? { undef => '', default => "--locale=${locale} ", } $public_revoke_privilege = 'CONNECT' } else { $locale_option = '' $public_revoke_privilege = 'ALL' } $encoding_option = $encoding ? { undef => '', default => "--encoding '${encoding}' ", } $tablespace_option = $tablespace ? { undef => '', default => "--tablespace='${tablespace}' ", } $createdb_command = "${createdb_path} --port='${port}' --owner='${owner}' --template=${template} ${encoding_option}${locale_option}${tablespace_option} '${dbname}'" postgresql_psql { "Check for existence of db '${dbname}'": command => 'SELECT 1', unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", db => $default_db, port => $port, require => Class['postgresql::server::service'] }~> exec { $createdb_command : refreshonly => true, user => $user, logoutput => on_failure, }~> # This will prevent users from connecting to the database unless they've been # granted privileges. postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": db => $default_db, port => $port, refreshonly => true, } Exec[ $createdb_command ]-> postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", db => $default_db, } if $comment { # The shobj_description function was only introduced with 8.2 $comment_information_function = $version ? { '8.1' => 'obj_description', default => 'shobj_description', } Exec[ $createdb_command ]-> postgresql_psql {"COMMENT ON DATABASE ${dbname} IS '${comment}'": unless => "SELECT pg_catalog.${comment_information_function}(d.oid, 'pg_database') as \"Description\" FROM pg_catalog.pg_database d WHERE datname = '${dbname}' AND pg_catalog.${comment_information_function}(d.oid, 'pg_database') = '${comment}'", db => $dbname, } } # Build up dependencies on tablespace if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { Postgresql::Server::Tablespace[$tablespace]->Exec[$createdb_command] } } puppetlabs-postgresql-4.6.1/manifests/server/database_grant.pp000644 000765 000024 00000000657 12631567444 026663 0ustar00helencampbellstaff000000 000000 # Manage a database grant. See README.md for more details. define postgresql::server::database_grant( $privilege, $db, $role, $psql_db = undef, $psql_user = undef ) { postgresql::server::grant { "database:${name}": role => $role, db => $db, privilege => $privilege, object_type => 'DATABASE', object_name => $db, psql_db => $psql_db, psql_user => $psql_user, } } puppetlabs-postgresql-4.6.1/manifests/server/db.pp000644 000765 000024 00000002703 12631567404 024277 0ustar00helencampbellstaff000000 000000 # Define for conveniently creating a role, database and assigning the correct # permissions. See README.md for more details. define postgresql::server::db ( $user, $password, $comment = undef, $dbname = $title, $encoding = $postgresql::server::encoding, $locale = $postgresql::server::locale, $grant = 'ALL', $tablespace = undef, $template = 'template0', $istemplate = false, $owner = undef ) { if ! defined(Postgresql::Server::Database[$dbname]) { postgresql::server::database { $dbname: comment => $comment, encoding => $encoding, tablespace => $tablespace, template => $template, locale => $locale, istemplate => $istemplate, owner => $owner, } } if ! defined(Postgresql::Server::Role[$user]) { postgresql::server::role { $user: password_hash => $password, before => Postgresql::Server::Database[$dbname], } } if ! defined(Postgresql::Server::Database_grant["GRANT ${user} - ${grant} - ${dbname}"]) { postgresql::server::database_grant { "GRANT ${user} - ${grant} - ${dbname}": privilege => $grant, db => $dbname, role => $user, } -> Postgresql::Validate_db_connection<| database_name == $dbname |> } if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { Postgresql::Server::Tablespace[$tablespace]->Postgresql::Server::Database[$name] } } puppetlabs-postgresql-4.6.1/manifests/server/extension.pp000644 000765 000024 00000003306 12631567444 025732 0ustar00helencampbellstaff000000 000000 # Activate an extension on a postgresql database define postgresql::server::extension ( $database, $ensure = 'present', $package_name = undef, $package_ensure = undef, ) { $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port # Set the defaults for the postgresql_psql resource Postgresql_psql { psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, } case $ensure { 'present': { $command = "CREATE EXTENSION \"${name}\"" $unless_comp = '=' $package_require = undef $package_before = Postgresql_psql["Add ${title} extension to ${database}"] } 'absent': { $command = "DROP EXTENSION \"${name}\"" $unless_comp = '!=' $package_require = Postgresql_psql["Add ${title} extension to ${database}"] $package_before = undef } default: { fail("Unknown value for ensure '${ensure}'.") } } postgresql_psql {"Add ${title} extension to ${database}": db => $database, command => $command, unless => "SELECT t.count FROM (SELECT count(extname) FROM pg_extension WHERE extname = '${name}') as t WHERE t.count ${unless_comp} 1", require => Postgresql::Server::Database[$database], } if $package_name { $_package_ensure = $package_ensure ? { undef => $ensure, default => $package_ensure, } package { "Postgresql extension ${title}": ensure => $_package_ensure, name => $package_name, tag => 'postgresql', require => $package_require, before => $package_before, } } } puppetlabs-postgresql-4.6.1/manifests/server/grant.pp000644 000765 000024 00000020673 12631567444 025037 0ustar00helencampbellstaff000000 000000 # Define for granting permissions to roles. See README.md for more details. define postgresql::server::grant ( $role, $db, $privilege = undef, $object_type = 'database', $object_name = undef, $psql_db = $postgresql::server::default_database, $psql_user = $postgresql::server::user, $port = $postgresql::server::port, $onlyif_exists = false, ) { $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path if ! $object_name { $_object_name = $db } else { $_object_name = $object_name } validate_bool($onlyif_exists) ## Munge the input values $_object_type = upcase($object_type) $_privilege = upcase($privilege) ## Validate that the object type is known validate_string($_object_type, #'COLUMN', 'DATABASE', #'FOREIGN SERVER', #'FOREIGN DATA WRAPPER', #'FUNCTION', #'PROCEDURAL LANGUAGE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE', 'ALL TABLES IN SCHEMA', #'TABLESPACE', #'VIEW', ) # You can use ALL TABLES IN SCHEMA by passing schema_name to object_name # You can use ALL SEQUENCES IN SCHEMA by passing schema_name to object_name ## Validate that the object type's privilege is acceptable # TODO: this is a terrible hack; if they pass "ALL" as the desired privilege, # we need a way to test for it--and has_database_privilege does not # recognize 'ALL' as a valid privilege name. So we probably need to # hard-code a mapping between 'ALL' and the list of actual privileges that # it entails, and loop over them to check them. That sort of thing will # probably need to wait until we port this over to ruby, so, for now, we're # just going to assume that if they have "CREATE" privileges on a database, # then they have "ALL". (I told you that it was terrible!) case $_object_type { 'DATABASE': { $unless_privilege = $_privilege ? { 'ALL' => 'CREATE', 'ALL PRIVILEGES' => 'CREATE', default => $_privilege, } validate_string($unless_privilege,'CREATE','CONNECT','TEMPORARY','TEMP', 'ALL','ALL PRIVILEGES') $unless_function = 'has_database_privilege' $on_db = $psql_db $onlyif_function = undef } 'SCHEMA': { $unless_privilege = $_privilege ? { 'ALL' => 'CREATE', 'ALL PRIVILEGES' => 'CREATE', default => $_privilege, } validate_string($_privilege, 'CREATE', 'USAGE', 'ALL', 'ALL PRIVILEGES') $unless_function = 'has_schema_privilege' $on_db = $db $onlyif_function = undef } 'SEQUENCE': { $unless_privilege = $_privilege ? { 'ALL' => 'USAGE', default => $_privilege, } validate_string($unless_privilege,'USAGE','ALL','ALL PRIVILEGES') $unless_function = 'has_sequence_privilege' $on_db = $db } 'ALL SEQUENCES IN SCHEMA': { validate_string($_privilege,'USAGE','ALL','ALL PRIVILEGES') $unless_function = 'custom' $on_db = $db $schema = $object_name $custom_privilege = $_privilege ? { 'ALL' => 'USAGE', 'ALL PRIVILEGES' => 'USAGE', default => $_privilege, } # This checks if there is a difference between the sequences in the # specified schema and the sequences for which the role has the specified # privilege. It uses the EXCEPT clause which computes the set of rows # that are in the result of the first SELECT statement but not in the # result of the second one. It then counts the number of rows from this # operation. If this number is zero then the role has the specified # privilege for all sequences in the schema and the whole query returns a # single row, which satisfies the `unless` parameter of Postgresql_psql. # If this number is not zero then there is at least one sequence for which # the role does not have the specified privilege, making it necessary to # execute the GRANT statement. $custom_unless = "SELECT 1 FROM ( SELECT sequence_name FROM information_schema.sequences WHERE sequence_schema='${schema}' EXCEPT DISTINCT SELECT object_name as sequence_name FROM information_schema.role_usage_grants WHERE object_type='SEQUENCE' AND grantee='${role}' AND object_schema='${schema}' AND privilege_type='${custom_privilege}' ) P HAVING count(P.sequence_name) = 0" } 'TABLE': { $unless_privilege = $_privilege ? { 'ALL' => 'INSERT', default => $_privilege, } validate_string($unless_privilege,'SELECT','INSERT','UPDATE','DELETE', 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES') $unless_function = 'has_table_privilege' $on_db = $db $onlyif_function = $onlyif_exists ? { true => 'table_exists', default => undef, } } 'ALL TABLES IN SCHEMA': { validate_string($_privilege,'SELECT','INSERT','UPDATE','DELETE', 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES') $unless_function = 'custom' $on_db = $db $onlyif_function = undef $schema = $object_name # Again there seems to be no easy way in plain SQL to check if ALL # PRIVILEGES are granted on a table. By convention we use INSERT # here to represent ALL PRIVILEGES (truly terrible). $custom_privilege = $_privilege ? { 'ALL' => 'INSERT', 'ALL PRIVILEGES' => 'INSERT', default => $_privilege, } # This checks if there is a difference between the tables in the # specified schema and the tables for which the role has the specified # privilege. It uses the EXCEPT clause which computes the set of rows # that are in the result of the first SELECT statement but not in the # result of the second one. It then counts the number of rows from this # operation. If this number is zero then the role has the specified # privilege for all tables in the schema and the whole query returns a # single row, which satisfies the `unless` parameter of Postgresql_psql. # If this number is not zero then there is at least one table for which # the role does not have the specified privilege, making it necessary to # execute the GRANT statement. $custom_unless = "SELECT 1 FROM ( SELECT table_name FROM information_schema.tables WHERE table_schema='${schema}' EXCEPT DISTINCT SELECT table_name FROM information_schema.role_table_grants WHERE grantee='${role}' AND table_schema='${schema}' AND privilege_type='${custom_privilege}' ) P HAVING count(P.table_name) = 0" } default: { fail("Missing privilege validation for object type ${_object_type}") } } # This is used to give grant to "schemaname"."tablename" # If you need such grant, use: # postgresql::grant { 'table:foo': # role => 'joe', # ... # object_type => 'TABLE', # object_name => [$schema, $table], # } if is_array($_object_name) { $_togrant_object = join($_object_name, '"."') # Never put double quotes into has_*_privilege function $_granted_object = join($_object_name, '.') } else { $_granted_object = $_object_name $_togrant_object = $_object_name } $_unless = $unless_function ? { false => undef, 'custom' => $custom_unless, default => "SELECT 1 WHERE ${unless_function}('${role}', '${_granted_object}', '${unless_privilege}')", } $_onlyif = $onlyif_function ? { 'table_exists' => "SELECT true FROM pg_tables WHERE tablename = '${_togrant_object}'", default => undef, } $grant_cmd = "GRANT ${_privilege} ON ${_object_type} \"${_togrant_object}\" TO \"${role}\"" postgresql_psql { "grant:${name}": command => $grant_cmd, db => $on_db, port => $port, psql_user => $psql_user, psql_group => $group, psql_path => $psql_path, unless => $_unless, onlyif => $_onlyif, require => Class['postgresql::server'] } if($role != undef and defined(Postgresql::Server::Role[$role])) { Postgresql::Server::Role[$role]->Postgresql_psql["grant:${name}"] } if($db != undef and defined(Postgresql::Server::Database[$db])) { Postgresql::Server::Database[$db]->Postgresql_psql["grant:${name}"] } } puppetlabs-postgresql-4.6.1/manifests/server/initdb.pp000644 000765 000024 00000010507 12631567404 025164 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not call directly class postgresql::server::initdb { $needs_initdb = $postgresql::server::needs_initdb $initdb_path = $postgresql::server::initdb_path $datadir = $postgresql::server::datadir $xlogdir = $postgresql::server::xlogdir $logdir = $postgresql::server::logdir $encoding = $postgresql::server::encoding $locale = $postgresql::server::locale $group = $postgresql::server::group $user = $postgresql::server::user $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port # Set the defaults for the postgresql_psql resource Postgresql_psql { psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, } # Make sure the data directory exists, and has the correct permissions. file { $datadir: ensure => directory, owner => $user, group => $group, mode => '0700', } if($xlogdir) { # Make sure the xlog directory exists, and has the correct permissions. file { $xlogdir: ensure => directory, owner => $user, group => $group, mode => '0700', } } if($logdir) { # Make sure the log directory exists, and has the correct permissions. file { $logdir: ensure => directory, owner => $user, group => $group, } } if($needs_initdb) { # Build up the initdb command. # # We optionally add the locale switch if specified. Older versions of the # initdb command don't accept this switch. So if the user didn't pass the # parameter, lets not pass the switch at all. $ic_base = "${initdb_path} --encoding '${encoding}' --pgdata '${datadir}'" $ic_xlog = $xlogdir ? { undef => $ic_base, default => "${ic_base} --xlogdir '${xlogdir}'" } # The xlogdir need to be present before initdb runs. # If xlogdir is default it's created by package installer if($xlogdir) { $require_before_initdb = [$datadir, $xlogdir] } else { $require_before_initdb = [$datadir] } $initdb_command = $locale ? { undef => $ic_xlog, default => "${ic_xlog} --locale '${locale}'" } # This runs the initdb command, we use the existance of the PG_VERSION # file to ensure we don't keep running this command. exec { 'postgresql_initdb': command => $initdb_command, creates => "${datadir}/PG_VERSION", user => $user, group => $group, logoutput => on_failure, require => File[$require_before_initdb], } # The package will take care of this for us the first time, but if we # ever need to init a new db we need to copy these files explicitly if $::operatingsystem == 'Debian' or $::operatingsystem == 'Ubuntu' { if $::operatingsystemrelease =~ /^6/ or $::operatingsystemrelease =~ /^7/ or $::operatingsystemrelease =~ /^10\.04/ or $::operatingsystemrelease =~ /^12\.04/ { file { 'server.crt': ensure => file, path => "${datadir}/server.crt", source => 'file:///etc/ssl/certs/ssl-cert-snakeoil.pem', owner => $::postgresql::server::user, group => $::postgresql::server::group, mode => '0644', require => Exec['postgresql_initdb'], } file { 'server.key': ensure => file, path => "${datadir}/server.key", source => 'file:///etc/ssl/private/ssl-cert-snakeoil.key', owner => $::postgresql::server::user, group => $::postgresql::server::group, mode => '0600', require => Exec['postgresql_initdb'], } } } } elsif $encoding != undef { # [workaround] # by default pg_createcluster encoding derived from locale # but it do does not work by installing postgresql via puppet because puppet # always override LANG to 'C' postgresql_psql { "Set template1 encoding to ${encoding}": command => "UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1' ; UPDATE pg_database SET encoding = pg_char_to_encoding('${encoding}'), datistemplate = TRUE WHERE datname = 'template1'", unless => "SELECT datname FROM pg_database WHERE datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", } } } puppetlabs-postgresql-4.6.1/manifests/server/install.pp000644 000765 000024 00000001222 12631567404 025353 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not call directly class postgresql::server::install { $package_ensure = $postgresql::server::package_ensure $package_name = $postgresql::server::package_name $client_package_name = $postgresql::server::client_package_name $_package_ensure = $package_ensure ? { true => 'present', false => 'purged', 'absent' => 'purged', default => $package_ensure, } package { 'postgresql-server': ensure => $_package_ensure, name => $package_name, # This is searched for to create relationships with the package repos, be # careful about its removal tag => 'postgresql', } } puppetlabs-postgresql-4.6.1/manifests/server/passwd.pp000644 000765 000024 00000003137 12631567404 025215 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not call directly class postgresql::server::passwd { $postgres_password = $postgresql::server::postgres_password $user = $postgresql::server::user $group = $postgresql::server::group $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port if ($postgres_password != undef) { # NOTE: this password-setting logic relies on the pg_hba.conf being # configured to allow the postgres system user to connect via psql # without specifying a password ('ident' or 'trust' security). This is # the default for pg_hba.conf. $escaped = postgresql_escape($postgres_password) exec { 'set_postgres_postgrespw': # This command works w/no password because we run it as postgres system # user command => "${psql_path} -c \"ALTER ROLE \\\"${user}\\\" PASSWORD \${NEWPASSWD_ESCAPED}\"", user => $user, group => $group, logoutput => true, cwd => '/tmp', environment => [ "PGPASSWORD=${postgres_password}", "NEWPASSWD_ESCAPED=${escaped}", ], # With this command we're passing -h to force TCP authentication, which # does require a password. We specify the password via the PGPASSWORD # environment variable. If the password is correct (current), this # command will exit with an exit code of 0, which will prevent the main # command from running. unless => "${psql_path} -h localhost -p ${port} -c 'select 1' > /dev/null", path => '/usr/bin:/usr/local/bin:/bin', } } } puppetlabs-postgresql-4.6.1/manifests/server/pg_hba_rule.pp000644 000765 000024 00000005645 12631567404 026171 0ustar00helencampbellstaff000000 000000 # This resource manages an individual rule that applies to the file defined in # $target. See README.md for more details. define postgresql::server::pg_hba_rule( $type, $database, $user, $auth_method, $address = undef, $description = 'none', $auth_option = undef, $order = '150', # Needed for testing primarily, support for multiple files is not really # working. $target = $postgresql::server::pg_hba_conf_path, $postgresql_version = $postgresql::server::_version ) { #Allow users to manage pg_hba.conf even if they are not managing the whole PostgreSQL instance if !defined( 'postgresql::server' ) { $manage_pg_hba_conf = true } else { $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf } if $manage_pg_hba_conf == false { fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { validate_re($type, '^(local|host|hostssl|hostnossl)$', "The type you specified [${type}] must be one of: local, host, hostssl, hostnosssl") if($type =~ /^host/ and $address == undef) { fail('You must specify an address property when type is host based') } $allowed_auth_methods = $postgresql_version ? { '9.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.3' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.2' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.1' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], '9.0' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'radius', 'cert', 'pam'], '8.4' => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'cert', 'pam'], '8.3' => ['trust', 'reject', 'md5', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], '8.1' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'pam'], default => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt'] } $auth_method_regex = join(['^(', join($allowed_auth_methods, '|'), ')$'],'') validate_re($auth_method, $auth_method_regex, join(["The auth_method you specified [${auth_method}] must be one of: ", join($allowed_auth_methods, ', ')],'')) # Create a rule fragment $fragname = "pg_hba_rule_${name}" concat::fragment { $fragname: target => $target, content => template('postgresql/pg_hba_rule.conf'), order => $order, } } } puppetlabs-postgresql-4.6.1/manifests/server/pg_ident_rule.pp000644 000765 000024 00000001611 12631567404 026527 0ustar00helencampbellstaff000000 000000 # This resource manages an individual rule that applies to the file defined in # $target. See README.md for more details. define postgresql::server::pg_ident_rule( $map_name, $system_username, $database_username, $description = 'none', $order = '150', # Needed for testing primarily, support for multiple files is not really # working. $target = $postgresql::server::pg_ident_conf_path ) { if $postgresql::server::manage_pg_ident_conf == false { fail('postgresql::server::manage_pg_ident_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { # Create a rule fragment $fragname = "pg_ident_rule_${name}" concat::fragment { $fragname: target => $target, content => template('postgresql/pg_ident_rule.conf'), order => $order, } } } puppetlabs-postgresql-4.6.1/manifests/server/plperl.pp000644 000765 000024 00000001102 12631567404 025200 0ustar00helencampbellstaff000000 000000 # This class installs the PL/Perl procedural language for postgresql. See # README.md for more details. class postgresql::server::plperl( $package_ensure = 'present', $package_name = $postgresql::server::plperl_package_name ) { package { 'postgresql-plperl': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } anchor { 'postgresql::server::plperl::start': }-> Class['postgresql::server::install']-> Package['postgresql-plperl']-> Class['postgresql::server::service']-> anchor { 'postgresql::server::plperl::end': } } puppetlabs-postgresql-4.6.1/manifests/server/plpython.pp000644 000765 000024 00000001121 12631567404 025560 0ustar00helencampbellstaff000000 000000 # This class installs the PL/Python procedural language for postgresql. See # README.md for more details. class postgresql::server::plpython( $package_ensure = 'present', $package_name = $postgresql::server::plpython_package_name, ) { package { 'postgresql-plpython': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } anchor { 'postgresql::server::plpython::start': }-> Class['postgresql::server::install']-> Package['postgresql-plpython']-> Class['postgresql::server::service']-> anchor { 'postgresql::server::plpython::end': } } puppetlabs-postgresql-4.6.1/manifests/server/postgis.pp000644 000765 000024 00000001343 12631567404 025401 0ustar00helencampbellstaff000000 000000 # Install the postgis postgresql packaging. See README.md for more details. class postgresql::server::postgis ( $package_name = $postgresql::params::postgis_package_name, $package_ensure = 'present' ) inherits postgresql::params { validate_string($package_name) package { 'postgresql-postgis': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } anchor { 'postgresql::server::postgis::start': }-> Class['postgresql::server::install']-> Package['postgresql-postgis']-> Class['postgresql::server::service']-> anchor { 'postgresql::server::postgis::end': } if $postgresql::globals::manage_package_repo { Class['postgresql::repo'] -> Package['postgresql-postgis'] } } puppetlabs-postgresql-4.6.1/manifests/server/recovery.pp000644 000765 000024 00000003732 12631567404 025553 0ustar00helencampbellstaff000000 000000 # This resource manages the parameters that applies to the recovery.conf template. See README.md for more details. define postgresql::server::recovery( $restore_command = undef, $archive_cleanup_command = undef, $recovery_end_command = undef, $recovery_target_name = undef, $recovery_target_time = undef, $recovery_target_xid = undef, $recovery_target_inclusive = undef, $recovery_target = undef, $recovery_target_timeline = undef, $pause_at_recovery_target = undef, $standby_mode = undef, $primary_conninfo = undef, $primary_slot_name = undef, $trigger_file = undef, $recovery_min_apply_delay = undef, $target = $postgresql::server::recovery_conf_path ) { if $postgresql::server::manage_recovery_conf == false { fail('postgresql::server::manage_recovery_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') } else { if($restore_command == undef and $archive_cleanup_command == undef and $recovery_end_command == undef and $recovery_target_name == undef and $recovery_target_time == undef and $recovery_target_xid == undef and $recovery_target_inclusive == undef and $recovery_target == undef and $recovery_target_timeline == undef and $pause_at_recovery_target == undef and $standby_mode == undef and $primary_conninfo == undef and $primary_slot_name == undef and $trigger_file == undef and $recovery_min_apply_delay == undef) { fail('postgresql::server::recovery use this resource but do not pass a parameter will avoid creating the recovery.conf, because it makes no sense.') } # Create the recovery.conf content concat::fragment { 'recovery.conf': target => $target, content => template('postgresql/recovery.conf'), } } } puppetlabs-postgresql-4.6.1/manifests/server/reload.pp000644 000765 000024 00000000741 12631567404 025160 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not use directly class postgresql::server::reload { $service_name = $postgresql::server::service_name $service_status = $postgresql::server::service_status $service_reload = $postgresql::server::service_reload exec { 'postgresql_reload': path => '/usr/bin:/usr/sbin:/bin:/sbin', command => $service_reload, onlyif => $service_status, refreshonly => true, require => Class['postgresql::server::service'], } } puppetlabs-postgresql-4.6.1/manifests/server/role.pp000644 000765 000024 00000010042 12631567444 024652 0ustar00helencampbellstaff000000 000000 # Define for creating a database role. See README.md for more information define postgresql::server::role( $password_hash = false, $createdb = false, $createrole = false, $db = $postgresql::server::default_database, $port = $postgresql::server::port, $login = true, $inherit = true, $superuser = false, $replication = false, $connection_limit = '-1', $username = $title ) { $psql_user = $postgresql::server::user $psql_group = $postgresql::server::group $psql_path = $postgresql::server::psql_path $version = $postgresql::server::_version $login_sql = $login ? { true => 'LOGIN', default => 'NOLOGIN' } $inherit_sql = $inherit ? { true => 'INHERIT', default => 'NOINHERIT' } $createrole_sql = $createrole ? { true => 'CREATEROLE', default => 'NOCREATEROLE' } $createdb_sql = $createdb ? { true => 'CREATEDB', default => 'NOCREATEDB' } $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } $replication_sql = $replication ? { true => 'REPLICATION', default => '' } if ($password_hash != false) { $environment = "NEWPGPASSWD=${password_hash}" $password_sql = "ENCRYPTED PASSWORD '\$NEWPGPASSWD'" } else { $password_sql = '' $environment = [] } Postgresql_psql { db => $db, port => $port, psql_user => $psql_user, psql_group => $psql_group, psql_path => $psql_path, require => [ Postgresql_psql["CREATE ROLE ${username} ENCRYPTED PASSWORD ****"], Class['postgresql::server'], ], } postgresql_psql { "CREATE ROLE ${username} ENCRYPTED PASSWORD ****": command => "CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}", unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}'", environment => $environment, require => Class['Postgresql::Server'], } postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolsuper=${superuser}", } postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcreatedb=${createdb}", } postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcreaterole=${createrole}", } postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcanlogin=${login}", } postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolinherit=${inherit}", } if(versioncmp($version, '9.1') >= 0) { if $replication_sql == '' { postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolreplication=${replication}", } } else { postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolreplication=${replication}", } } } postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolconnlimit=${connection_limit}", } if $password_hash { if($password_hash =~ /^md5.+/) { $pwd_hash_sql = $password_hash } else { $pwd_md5 = md5("${password_hash}${username}") $pwd_hash_sql = "md5${pwd_md5}" } postgresql_psql { "ALTER ROLE ${username} ENCRYPTED PASSWORD ****": command => "ALTER ROLE \"${username}\" ${password_sql}", unless => "SELECT usename FROM pg_shadow WHERE usename='${username}' and passwd='${pwd_hash_sql}'", environment => $environment, } } } puppetlabs-postgresql-4.6.1/manifests/server/schema.pp000644 000765 000024 00000002452 12631567444 025157 0ustar00helencampbellstaff000000 000000 # = Type: postgresql::server::schema # # Create a new schema. See README.md for more details. # # == Requires: # # The database must exist and the PostgreSQL user should have enough privileges # # == Sample Usage: # # postgresql::server::schema {'private': # db => 'template1', # } # define postgresql::server::schema( $db, $owner = undef, $schema = $title, ) { $user = $postgresql::server::user $group = $postgresql::server::group $port = $postgresql::server::port $psql_path = $postgresql::server::psql_path $version = $postgresql::server::_version Postgresql_psql { db => $db, psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, } $schema_title = "Create Schema '${title}'" $authorization = $owner? { undef => '', default => "AUTHORIZATION \"${owner}\"", } $schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}" $unless = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'" postgresql_psql { $schema_title: command => $schema_command, unless => $unless, require => Class['postgresql::server'], } if($owner != undef and defined(Postgresql::Server::Role[$owner])) { Postgresql::Server::Role[$owner]->Postgresql_psql[$schema_title] } } puppetlabs-postgresql-4.6.1/manifests/server/service.pp000644 000765 000024 00000003217 12631567404 025353 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not call directly class postgresql::server::service { $service_ensure = $postgresql::server::service_ensure $service_enable = $postgresql::server::service_enable $service_manage = $postgresql::server::service_manage $service_name = $postgresql::server::service_name $service_provider = $postgresql::server::service_provider $service_status = $postgresql::server::service_status $user = $postgresql::server::user $port = $postgresql::server::port $default_database = $postgresql::server::default_database anchor { 'postgresql::server::service::begin': } if $service_manage { service { 'postgresqld': ensure => $service_ensure, enable => $service_enable, name => $service_name, provider => $service_provider, hasstatus => true, status => $service_status, } if $service_ensure == 'running' { # This blocks the class before continuing if chained correctly, making # sure the service really is 'up' before continuing. # # Without it, we may continue doing more work before the database is # prepared leading to a nasty race condition. postgresql::validate_db_connection { 'validate_service_is_running': run_as => $user, database_name => $default_database, database_port => $port, sleep => 1, tries => 60, create_db_first => false, require => Service['postgresqld'], before => Anchor['postgresql::server::service::end'] } } } anchor { 'postgresql::server::service::end': } } puppetlabs-postgresql-4.6.1/manifests/server/table_grant.pp000644 000765 000024 00000001210 12631567444 026170 0ustar00helencampbellstaff000000 000000 # This resource wraps the grant resource to manage table grants specifically. # See README.md for more details. define postgresql::server::table_grant( $privilege, $table, $db, $role, $port = $postgresql::server::port, $psql_db = undef, $psql_user = undef, $onlyif_exists = false, ) { postgresql::server::grant { "table:${name}": role => $role, db => $db, port => $port, privilege => $privilege, object_type => 'TABLE', object_name => $table, psql_db => $psql_db, psql_user => $psql_user, onlyif_exists => $onlyif_exists, } } puppetlabs-postgresql-4.6.1/manifests/server/tablespace.pp000644 000765 000024 00000002523 12631567444 026021 0ustar00helencampbellstaff000000 000000 # This module creates tablespace. See README.md for more details. define postgresql::server::tablespace( $location, $owner = undef, $spcname = $title ) { $user = $postgresql::server::user $group = $postgresql::server::group $port = $postgresql::server::port $psql_path = $postgresql::server::psql_path Postgresql_psql { psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, } if ($owner == undef) { $owner_section = '' } else { $owner_section = "OWNER \"${owner}\"" } $create_tablespace_command = "CREATE TABLESPACE \"${spcname}\" ${owner_section} LOCATION '${location}'" file { $location: ensure => directory, owner => $user, group => $group, mode => '0700', seluser => 'system_u', selrole => 'object_r', seltype => 'postgresql_db_t', require => Class['postgresql::server'], } $create_ts = "Create tablespace '${spcname}'" postgresql_psql { "Create tablespace '${spcname}'": command => $create_tablespace_command, unless => "SELECT spcname FROM pg_tablespace WHERE spcname='${spcname}'", require => [Class['postgresql::server'], File[$location]], } if($owner != undef and defined(Postgresql::Server::Role[$owner])) { Postgresql::Server::Role[$owner]->Postgresql_psql[$create_ts] } } puppetlabs-postgresql-4.6.1/manifests/repo/apt_postgresql_org.pp000644 000765 000024 00000001446 12631567444 027276 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not use directly class postgresql::repo::apt_postgresql_org inherits postgresql::repo { include ::apt # Here we have tried to replicate the instructions on the PostgreSQL site: # # http://www.postgresql.org/download/linux/debian/ # apt::pin { 'apt.postgresql.org': originator => 'apt.postgresql.org', priority => 500, }-> apt::source { 'apt.postgresql.org': location => 'http://apt.postgresql.org/pub/repos/apt/', release => "${::lsbdistcodename}-pgdg", repos => "main ${postgresql::repo::version}", key => 'B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8', key_source => 'https://www.postgresql.org/media/keys/ACCC4CF8.asc', include_src => false, } Apt::Source['apt.postgresql.org']->Package<|tag == 'postgresql'|> } puppetlabs-postgresql-4.6.1/manifests/repo/yum_postgresql_org.pp000644 000765 000024 00000002042 12631567404 027311 0ustar00helencampbellstaff000000 000000 # PRIVATE CLASS: do not use directly class postgresql::repo::yum_postgresql_org inherits postgresql::repo { $version_parts = split($postgresql::repo::version, '[.]') $package_version = "${version_parts[0]}${version_parts[1]}" $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" file { $gpg_key_path: source => 'puppet:///modules/postgresql/RPM-GPG-KEY-PGDG', before => Yumrepo['yum.postgresql.org'] } if($::operatingsystem == 'Fedora') { $label1 = 'fedora' $label2 = $label1 } else { $label1 = 'redhat' $label2 = 'rhel' } yumrepo { 'yum.postgresql.org': descr => "PostgreSQL ${postgresql::repo::version} \$releasever - \$basearch", baseurl => "http://yum.postgresql.org/${postgresql::repo::version}/${label1}/${label2}-\$releasever-\$basearch", enabled => 1, gpgcheck => 1, gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", proxy => $postgresql::repo::proxy, } Yumrepo['yum.postgresql.org'] -> Package<|tag == 'postgresql'|> } puppetlabs-postgresql-4.6.1/manifests/lib/devel.pp000644 000765 000024 00000001332 12631567404 024246 0ustar00helencampbellstaff000000 000000 # This class installs postgresql development libraries. See README.md for more # details. class postgresql::lib::devel( $package_name = $postgresql::params::devel_package_name, $package_ensure = 'present', $link_pg_config = $postgresql::params::link_pg_config ) inherits postgresql::params { validate_string($package_name) package { 'postgresql-devel': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } if $link_pg_config { if ( $postgresql::params::bindir != '/usr/bin' and $postgresql::params::bindir != '/usr/local/bin') { file { '/usr/bin/pg_config': ensure => link, target => "${postgresql::params::bindir}/pg_config", } } } } puppetlabs-postgresql-4.6.1/manifests/lib/docs.pp000644 000765 000024 00000000606 12631567404 024102 0ustar00helencampbellstaff000000 000000 # This class installs the postgresql-docs See README.md for more # details. class postgresql::lib::docs ( $package_name = $postgresql::params::docs_package_name, $package_ensure = 'present', ) inherits postgresql::params { validate_string($package_name) package { 'postgresql-docs': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } } puppetlabs-postgresql-4.6.1/manifests/lib/java.pp000644 000765 000024 00000000620 12631567404 024067 0ustar00helencampbellstaff000000 000000 # This class installs the postgresql jdbc connector. See README.md for more # details. class postgresql::lib::java ( $package_name = $postgresql::params::java_package_name, $package_ensure = 'present' ) inherits postgresql::params { validate_string($package_name) package { 'postgresql-jdbc': ensure => $package_ensure, name => $package_name, tag => 'postgresql', } } puppetlabs-postgresql-4.6.1/manifests/lib/perl.pp000644 000765 000024 00000000514 12631567404 024112 0ustar00helencampbellstaff000000 000000 # This class installs the perl libs for postgresql. See README.md for more # details. class postgresql::lib::perl( $package_name = $postgresql::params::perl_package_name, $package_ensure = 'present' ) inherits postgresql::params { package { 'perl-DBD-Pg': ensure => $package_ensure, name => $package_name, } } puppetlabs-postgresql-4.6.1/manifests/lib/python.pp000644 000765 000024 00000000526 12631567404 024474 0ustar00helencampbellstaff000000 000000 # This class installs the python libs for postgresql. See README.md for more # details. class postgresql::lib::python( $package_name = $postgresql::params::python_package_name, $package_ensure = 'present' ) inherits postgresql::params { package { 'python-psycopg2': ensure => $package_ensure, name => $package_name, } } puppetlabs-postgresql-4.6.1/lib/puppet/000755 000765 000024 00000000000 12631567457 022143 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/parser/000755 000765 000024 00000000000 12631567457 023437 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/provider/000755 000765 000024 00000000000 12631567457 023775 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/type/000755 000765 000024 00000000000 12631567457 023124 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/type/postgresql_conf.rb000644 000765 000024 00000001140 12631567404 026645 0ustar00helencampbellstaff000000 000000 Puppet::Type.newtype(:postgresql_conf) do @doc = "This type allows puppet to manage postgresql.conf parameters." ensurable newparam(:name) do desc "The postgresql parameter name to manage." isnamevar newvalues(/^[\w\.]+$/) end newproperty(:value) do desc "The value to set for this parameter." end newproperty(:target) do desc "The path to postgresql.conf" defaultto { if @resource.class.defaultprovider.ancestors.include?(Puppet::Provider::ParsedFile) @resource.class.defaultprovider.default_target else nil end } end end puppetlabs-postgresql-4.6.1/lib/puppet/type/postgresql_psql.rb000644 000765 000024 00000010125 12631567444 026706 0ustar00helencampbellstaff000000 000000 Puppet::Type.newtype(:postgresql_psql) do newparam(:name) do desc "An arbitrary tag for your own reference; the name of the message." isnamevar end newproperty(:command) do desc 'The SQL command to execute via psql.' defaultto { @resource[:name] } # If needing to run the SQL command, return a fake value that will trigger # a sync, else return the expected SQL command so no sync takes place def retrieve if @resource.should_run_sql return :notrun else return self.should end end def sync output, status = provider.run_sql_command(value) self.fail("Error executing SQL; psql returned #{status}: '#{output}'") unless status == 0 end end newparam(:unless) do desc "An optional SQL command to execute prior to the main :command; " + "this is generally intended to be used for idempotency, to check " + "for the existence of an object in the database to determine whether " + "or not the main SQL command needs to be executed at all." # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) self.fail("Error evaluating 'unless' clause, returned #{status}: '#{output}'") unless status == 0 result_count = output.strip.to_i self.debug("Found #{result_count} row(s) executing 'unless' clause") result_count > 0 end end newparam(:onlyif) do desc "An optional SQL command to execute prior to the main :command; " + "this is generally intended to be used for idempotency, to check " + "for the existence of an object in the database to determine whether " + "or not the main SQL command needs to be executed at all." # Return true if a matching row is found def matches(value) output, status = provider.run_unless_sql_command(value) status = output.exitcode if status.nil? self.fail("Error evaluating 'onlyif' clause, returned #{status}: '#{output}'") unless status == 0 result_count = output.strip.to_i self.debug("Found #{result_count} row(s) executing 'onlyif' clause") result_count > 0 end end newparam(:db) do desc "The name of the database to execute the SQL command against." end newparam(:port) do desc "The port of the database server to execute the SQL command against." end newparam(:search_path) do desc "The schema search path to use when executing the SQL command" end newparam(:psql_path) do desc "The path to psql executable." defaultto("psql") end newparam(:psql_user) do desc "The system user account under which the psql command should be executed." defaultto("postgres") end newparam(:psql_group) do desc "The system user group account under which the psql command should be executed." defaultto("postgres") end newparam(:cwd, :parent => Puppet::Parameter::Path) do desc "The working directory under which the psql command should be executed." defaultto("/tmp") end newparam(:environment) do desc "Any additional environment variables you want to set for a SQL command. Multiple environment variables should be specified as an array." validate do |values| Array(values).each do |value| unless value =~ /\w+=/ raise ArgumentError, "Invalid environment setting '#{value}'" end end end end newparam(:refreshonly, :boolean => true) do desc "If 'true', then the SQL will only be executed via a notify/subscribe event." defaultto(:false) newvalues(:true, :false) end def should_run_sql(refreshing = false) onlyif_param = @parameters[:onlyif] unless_param = @parameters[:unless] return false if !onlyif_param.nil? && !onlyif_param.value.nil? && !onlyif_param.matches(onlyif_param.value) return false if !unless_param.nil? && !unless_param.value.nil? && unless_param.matches(unless_param.value) return false if !refreshing && @parameters[:refreshonly].value == :true true end def refresh self.property(:command).sync if self.should_run_sql(true) end end puppetlabs-postgresql-4.6.1/lib/puppet/type/postgresql_replication_slot.rb000644 000765 000024 00000000620 12631567404 031274 0ustar00helencampbellstaff000000 000000 Puppet::Type.newtype(:postgresql_replication_slot) do @doc = "Manages Postgresql replication slots. This type allows to create and destroy replication slots to register warm standby replication on a Postgresql master server. " ensurable newparam(:name) do desc "The name of the slot to create. Must be a valid replication slot name." isnamevar newvalues /^[a-z0-9_]+$/ end end puppetlabs-postgresql-4.6.1/lib/puppet/provider/postgresql_conf/000755 000765 000024 00000000000 12631567457 027205 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/provider/postgresql_psql/000755 000765 000024 00000000000 12631567457 027237 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/provider/postgresql_replication_slot/000755 000765 000024 00000000000 12631567457 031632 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/provider/postgresql_replication_slot/ruby.rb000644 000765 000024 00000003474 12631567404 033140 0ustar00helencampbellstaff000000 000000 Puppet::Type.type(:postgresql_replication_slot).provide(:ruby) do # For confinement commands :psql => 'psql' def self.instances run_sql_command('SELECT * FROM pg_replication_slots;')[0].split("\n").select { |l| l =~ /\|/ }.map do |l| name, *others = l.strip.split(/\s+\|\s+/) new({ :name => name, :ensure => :present, }) end end def self.prefetch(resources) instances.each do |i| if slot = resources[i.name] slot.provider = i end end end def exists? @property_hash[:ensure] == :present end def create output = self.class.run_sql_command("SELECT * FROM pg_create_physical_replication_slot('#{resource[:name]}');") if output[1].success? @property_hash[:ensure] = :present else raise Puppet::Error, "Failed to create replication slot #{resource[:name]}:\n#{output[0]}" end end def destroy output = self.class.run_sql_command("SELECT pg_drop_replication_slot('#{resource[:name]}');") if output[1].success? @property_hash[:ensure] = :absent else raise Puppet::Error, "Failed to destroy replication slot #{resource[:name]}:\n#{output[0]}" end end private def self.run_sql_command(sql) command = ['psql', '-t', '-c', sql] self.run_command(command, 'postgres', 'postgres') end def self.run_command(command, user, group) if Puppet::PUPPETVERSION.to_f < 3.4 Puppet::Util::SUIDManager.run_and_capture(command, user, group) else output = Puppet::Util::Execution.execute(command, { :uid => user, :gid => group, :failonfail => false, :combine => true, :override_locale => true, :custom_environment => {} }) [output, $CHILD_STATUS.dup] end end end puppetlabs-postgresql-4.6.1/lib/puppet/provider/postgresql_psql/ruby.rb000644 000765 000024 00000004520 12631567444 030542 0ustar00helencampbellstaff000000 000000 Puppet::Type.type(:postgresql_psql).provide(:ruby) do def run_unless_sql_command(sql) # for the 'unless' queries, we wrap the user's query in a 'SELECT COUNT', # which makes it easier to parse and process the output. run_sql_command('SELECT COUNT(*) FROM (' << sql << ') count') end def run_sql_command(sql) if resource[:search_path] sql = "set search_path to #{Array(resource[:search_path]).join(',')}; #{sql}" end command = [resource[:psql_path]] command.push("-d", resource[:db]) if resource[:db] command.push("-p", resource[:port]) if resource[:port] command.push("-t", "-c", '"' + sql.gsub('"', '\"') + '"') if resource[:cwd] Dir.chdir resource[:cwd] do run_command(command, resource[:psql_user], resource[:psql_group]) end else run_command(command, resource[:psql_user], resource[:psql_group]) end end private def get_environment environment = {} if envlist = resource[:environment] envlist = [envlist] unless envlist.is_a? Array envlist.each do |setting| if setting =~ /^(\w+)=((.|\n)+)$/ env_name = $1 value = $2 if environment.include?(env_name) || environment.include?(env_name.to_sym) warning "Overriding environment setting '#{env_name}' with '#{value}'" end environment[env_name] = value else warning "Cannot understand environment setting #{setting.inspect}" end end end return environment end def run_command(command, user, group) command = command.join ' ' environment = get_environment if Puppet::PUPPETVERSION.to_f < 3.0 require 'puppet/util/execution' Puppet::Util::Execution.withenv environment do Puppet::Util::SUIDManager.run_and_capture(command, user, group) end elsif Puppet::PUPPETVERSION.to_f < 3.4 Puppet::Util.withenv environment do Puppet::Util::SUIDManager.run_and_capture(command, user, group) end else output = Puppet::Util::Execution.execute(command, { :uid => user, :gid => group, :failonfail => false, :combine => true, :override_locale => true, :custom_environment => environment }) [output, $CHILD_STATUS.dup] end end end puppetlabs-postgresql-4.6.1/lib/puppet/provider/postgresql_conf/parsed.rb000644 000765 000024 00000002400 12631567404 030774 0ustar00helencampbellstaff000000 000000 require 'puppet/provider/parsedfile' Puppet::Type.type(:postgresql_conf).provide( :parsed, :parent => Puppet::Provider::ParsedFile, :default_target => '/etc/postgresql.conf', :filetype => :flat ) do desc "Set key/values in postgresql.conf." text_line :comment, :match => /^\s*#/ text_line :blank, :match => /^\s*$/ record_line :parsed, :fields => %w{name value comment}, :optional => %w{comment}, :match => /^\s*([\w\.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$/, :to_line => proc { |h| # simple string and numeric values don't need to be enclosed in quotes if h[:value].is_a?(Fixnum) val = h[:value].to_s else val = h[:value] end dontneedquote = val.match(/^(\w+)$/) dontneedequal = h[:name].match(/^(include|include_if_exists)$/i) str = h[:name].downcase # normalize case str += dontneedequal ? ' ' : ' = ' str += "'" unless dontneedquote && !dontneedequal str += val str += "'" unless dontneedquote && !dontneedequal str += " # #{h[:comment]}" unless (h[:comment].nil? or h[:comment] == :absent) str }, :post_parse => proc { |h| h[:name].downcase! # normalize case h[:value].gsub!(/(^'|'$)/, '') # strip out quotes } end puppetlabs-postgresql-4.6.1/lib/puppet/parser/functions/000755 000765 000024 00000000000 12631567457 025447 5ustar00helencampbellstaff000000 000000 puppetlabs-postgresql-4.6.1/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb000644 000765 000024 00000005057 12631567404 034777 0ustar00helencampbellstaff000000 000000 module Puppet::Parser::Functions newfunction(:postgresql_acls_to_resources_hash, :type => :rvalue, :doc => <<-EOS This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources. It is not intended to be used outside of the postgresql internal classes/defined resources. This function accepts an array of strings that are pg_hba.conf rules. It will return a hash that can be fed into create_resources to create multiple individual pg_hba_rule resources. The second parameter is an identifier that will be included in the namevar to provide uniqueness. It must be a string. The third parameter is an order offset, so you can start the order at an arbitrary starting point. EOS ) do |args| func_name = "postgresql_acls_to_resources_hash()" raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " + "given (#{args.size} for 3)") if args.size != 3 acls = args[0] raise(Puppet::ParseError, "#{func_name}: first argument must be an array") \ unless acls.instance_of? Array id = args[1] raise(Puppet::ParseError, "#{func_name}: second argument must be a string") \ unless id.instance_of? String offset = args[2].to_i raise(Puppet::ParseError, "#{func_name}: third argument must be a number") \ unless offset.instance_of? Fixnum resources = {} acls.each do |acl| index = acls.index(acl) parts = acl.split raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " + "have enough parts") unless parts.length >= 4 resource = { 'type' => parts[0], 'database' => parts[1], 'user' => parts[2], 'order' => format('%03d', offset + index), } if parts[0] == 'local' then resource['auth_method'] = parts[3] if parts.length > 4 then resource['auth_option'] = parts.last(parts.length - 4).join(" ") end else if parts[4] =~ /^\d/ resource['address'] = parts[3] + ' ' + parts[4] resource['auth_method'] = parts[5] if parts.length > 6 then resource['auth_option'] = parts.last(parts.length - 6).join(" ") end else resource['address'] = parts[3] resource['auth_method'] = parts[4] if parts.length > 5 then resource['auth_option'] = parts.last(parts.length - 5).join(" ") end end end resources["postgresql class generated rule #{id} #{index}"] = resource end resources end end puppetlabs-postgresql-4.6.1/lib/puppet/parser/functions/postgresql_escape.rb000644 000765 000024 00000001317 12631567404 031511 0ustar00helencampbellstaff000000 000000 require 'digest/md5' module Puppet::Parser::Functions newfunction(:postgresql_escape, :type => :rvalue, :doc => <<-EOS Safely escapes a string using $$ using a random tag which should be consistent EOS ) do |args| raise(Puppet::ParseError, "postgresql_escape(): Wrong number of arguments " + "given (#{args.size} for 1)") if args.size != 1 password = args[0] if password !~ /\$\$/ retval = "$$#{password}$$" else escape = Digest::MD5.hexdigest(password)[0..5].gsub(/\d/,'') until password !~ /#{escape}/ escape = Digest::MD5.hexdigest(escape)[0..5].gsub(/\d/,'') end retval = "$#{escape}$#{password}$#{escape}$" end retval end end puppetlabs-postgresql-4.6.1/lib/puppet/parser/functions/postgresql_password.rb000644 000765 000024 00000001035 12631567404 032110 0ustar00helencampbellstaff000000 000000 # hash a string as mysql's "PASSWORD()" function would do it require 'digest/md5' module Puppet::Parser::Functions newfunction(:postgresql_password, :type => :rvalue, :doc => <<-EOS Returns the postgresql password hash from the clear text username / password. EOS ) do |args| raise(Puppet::ParseError, "postgresql_password(): Wrong number of arguments " + "given (#{args.size} for 2)") if args.size != 2 username = args[0] password = args[1] 'md5' + Digest::MD5.hexdigest(password + username) end end puppetlabs-postgresql-4.6.1/files/RPM-GPG-KEY-PGDG000644 000765 000024 00000003276 12631567404 023323 0ustar00helencampbellstaff000000 000000 -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.7 (GNU/Linux) mQGiBEeD8koRBACC1VBRsUwGr9gxFFRho9kZpdRUjBJoPhkeOTvp9LzkdAQMFngr BFi6N0ov1kCX7LLwBmDG+JPR7N+XcH9YR1coSHpLVg+JNy2kFDd4zAyWxJafjZ3a 9zFg9Yx+0va1BJ2t4zVcmKS4aOfbgQ5KwIOWUujalQW5Y+Fw39Gn86qjbwCg5dIo tkM0l19h2sx50D027pV5aPsD/2c9pfcFTbMhB0CcKS836GH1qY+NCAdUwPs646ee Ex/k9Uy4qMwhl3HuCGGGa+N6Plyon7V0TzZuRGp/1742dE8IO+I/KLy2L1d1Fxrn XOTBZd8qe6nBwh12OMcKrsPBVBxn+iSkaG3ULsgOtx+HHLfa1/p22L5+GzGdxizr peBuA/90cCp+lYcEwdYaRoFVR501yDOTmmzBc1DrsyWP79QMEGzMqa393G0VnqXt L4pGmunq66Agw2EhPcIt3pDYiCmEt/obdVtSJH6BtmSDB/zYhbE8u3vLP3jfFDa9 KXxgtYj0NvuUVoRmxSKm8jtfmj1L7zoKNz3jl+Ba3L0WxIv4+bRBUG9zdGdyZVNR TCBSUE0gQnVpbGRpbmcgUHJvamVjdCA8cGdzcWxycG1zLWhhY2tlcnNAcGdmb3Vu ZHJ5Lm9yZz6IYAQTEQIAIAUCR4PySgIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheA AAoJEB8W0uFELfD4jnkAoMqd6ZwwsgYHZ3hP9vt+DJt1uDW7AKDbRwP8ESKFhwdJ 8m91RPBeJW/tMLkCDQRHg/JKEAgA64+ZXgcERPYfZYo4p+yMTJAAa9aqnE3U4Ni6 ZMB57GPuEy8NfbNya+HiftO8hoozmJdcI6XFyRBCDUVCdZ8SE+PJdOx2FFqZVIu6 dKnr8ykhgLpNNEFDG3boK9UfLj/5lYQ3Y550Iym1QKOgyrJYeAp6sZ+Nx2PavsP3 nMFCSD67BqAbcLCVQN7a2dAUXfEbfXJjPHXTbo1/kxtzE+KCRTLdXEbSEe3nHO04 K/EgTBjeBUOxnciH5RylJ2oGy/v4xr9ed7R1jJtshsDKMdWApwoLlCBJ63jg/4T/ z/OtXmu4AvmWaJxaTl7fPf2GqSqqb6jLCrQAH7AIhXr9V0zPZwADBQgAlpptNQHl u7euIdIujFwwcxyQGfee6BG+3zaNSEHMVQMuc6bxuvYmgM9r7aki/b0YMfjJBk8v OJ3Eh1vDH/woJi2iJ13vQ21ot+1JP3fMd6NPR8/qEeDnmVXu7QAtlkmSKI9Rdnjz FFSUJrQPHnKsH4V4uvAM+njwYD+VFiwlBPTKNeL8cdBb4tPN2cdVJzoAp57wkZAN VA2tKxNsTJKBi8wukaLWX8+yPHiWCNWItvyB4WCEp/rZKG4A868NM5sZQMAabpLd l4fTiGu68OYgK9qUPZvhEAL2C1jPDVHPkLm+ZsD+90Pe66w9vB00cxXuHLzm8Pad GaCXCY8h3xi6VIhJBBgRAgAJBQJHg/JKAhsMAAoJEB8W0uFELfD4K4cAoJ4yug8y 1U0cZEiF5W25HDzMTtaDAKCaM1m3Cbd+AZ0NGWNg/VvIX9MsPA== =au6K -----END PGP PUBLIC KEY BLOCK----- puppetlabs-postgresql-4.6.1/files/validate_postgresql_connection.sh000644 000765 000024 00000000543 12631567404 030003 0ustar00helencampbellstaff000000 000000 #!/usr/bin/env bash # usage is: validate_db_connection 2 50 psql SLEEP=$1 TRIES=$2 PSQL=$3 STATE=1 for (( c=1; c<=$TRIES; c++ )) do echo $c if [ $c -gt 1 ] then echo 'sleeping' sleep $SLEEP fi /bin/echo "SELECT 1" | $PSQL STATE=$? if [ $STATE -eq 0 ] then exit 0 fi done echo 'Unable to connect to postgresql' exit 1