Merge branch 'master' of https://github.com/saltstack-formulas/postgres-formula into notOSmap

README.rst

@@ -17,12 +17,12 @@ Available states
 ------------
 
 Installs and configures both PostgreSQL server and client with creation of various DB objects in
-the cluster.
+the cluster. This state applies to both Linux and MacOS.
 
 ``postgres.client``
 -------------------
 
-Installs the PostgreSQL client binaries and libraries.
+Installs the PostgreSQL client binaries and libraries on Linux.
 
 ``postgres.manage``
 -------------------
@@ -33,18 +33,18 @@ See ``pillar.example`` file for details.
 ``postgres.python``
 -------------------
 
-Installs the PostgreSQL adapter for Python.
+Installs the PostgreSQL adapter for Python on Linux.
 
 ``postgres.server``
 -------------------
 
-Installs the PostgreSQL server package, prepares the DB cluster and starts the server using
+Installs the PostgreSQL server package on Linux, prepares the DB cluster and starts the server using
 packaged init script, job or unit.
 
 ``postgres.server.image``
 -------------------------
 
-Installs the PostgreSQL server package, prepares the DB cluster and starts the server by issuing
+Installs the PostgreSQL server package on Linux, prepares the DB cluster and starts the server by issuing
 raw ``pg_ctl`` command. The ``postgres:bake_image`` Pillar toggles this behaviour. For example:
 
 .. code:: yaml
@@ -77,12 +77,15 @@ The state relies on the ``postgres:use_upstream_repo`` Pillar value which could
 
 * ``True`` (default): adds the upstream repository to install packages from
 * ``False``: makes sure that the repository configuration is absent
+* ``'postgresapp'`` (MacOS) uses upstream PostgresApp package repository.
+* ``'homebrew'`` (MacOS) uses Homebrew postgres
 
 The ``postgres:version`` Pillar controls which version of the PostgreSQL packages should be
-installed from the upstream repository. Defaults to ``9.5``.
+installed from the upstream Linux repository. Defaults to ``9.5``.
 
 Testing
 =======
+The postgres state was tested on MacOS (El Capitan 10.11.6)
 
 Testing is done with the ``kitchen-salt``.
 

pillar.example

@@ -1,19 +1,34 @@
 postgres:
-  # Set True to configure upstream postgresql.org repository for YUM or APT
+  # UPSTREAM REPO
+  # Set True to configure upstream postgresql.org repository for YUM/APT/ZYPP
   use_upstream_repo: False
-  # Version to install from upstream repository
+  # Version to install from upstream repository (if upstream_repo: True)
-  version: '9.3'
+  version: '9.6'
 
-  # These are Debian/Ubuntu specific package names
+  ### MACOS
-  pkg: 'postgresql-9.3'
+  # Set to 'postgresapp' OR 'homebrew' for MacOS
-  pkg_client: 'postgresql-client-9.3'
+  #use_upstream_repo: 'postgresapp'
+  #use_upstream_repo: 'homebrew'
 
-  # Additional packages to install with PostgreSQL server,
+  # PACKAGE
-  # this should be in a list format
+  # These pillars are typically never required.
+  # pkg: 'postgresql'
+  # pkg_client: 'postgresql-client'
+  # service: postgresql
   pkgs_extra:
     - postgresql-contrib
     - postgresql-plpython
 
+  #'Alternatives system' priority incremental. 0 disables feature.
+  linux:
+    altpriority: 30
+
+  # macos limits
+  limits:
+    soft: 64000
+    hard: 64000
+
+  # POSTGRES
   # Append the lines under this item to your postgresql.conf file.
   # Pay attention to indent exactly with 4 spaces for all lines.
   postgresconf: |
@@ -39,18 +54,20 @@ postgres:
   # If ``acls`` item value is empty ('', [], null), then the contents of
   # ``pg_hba.conf`` file will not be touched at all.
   acls:
+    - ['local', 'db0', 'connuser', 'peer map=users_as_appuser']
     - ['local', 'db1', 'localUser']
     - ['host', 'db2', 'remoteUser', '192.168.33.0/24']
 
+  identity_map:
+    - ['users_as_appuser', 'jdoe', 'connuser']
+    - ['users_as_appuser', 'jsmith', 'connuser']
+
   # Backup extension for configuration files, defaults to ``.bak``.
   # Set ``False`` to stop creation of backups when config files change.
   {%- if salt['status.time']|default(none) is callable %}
   config_backup: ".backup@{{ salt['status.time']('%y-%m-%d_%H:%M:%S') }}"
   {%- endif %}
 
-  # PostgreSQL service name
-  service: postgresql
-
   {%- if grains['init'] == 'unknown' %}
 
   # If Salt is unable to detect init system running in the scope of state run,

postgres/client.sls

@@ -7,41 +7,34 @@
   {%- endif %}
 {%- endfor %}
 
-{%- if postgres.use_upstream_repo %}
+{%- if postgres.use_upstream_repo == true %}
-
 include:
   - postgres.upstream
-
 {%- endif %}
 
 # Install PostgreSQL client and libraries
-
 postgresql-client-libs:
   pkg.installed:
     - pkgs: {{ pkgs }}
-{%- if postgres.use_upstream_repo %}
+{%- if postgres.use_upstream_repo == true %}
     - refresh: True
     - require:
       - pkgrepo: postgresql-repo
 {%- endif %}
 
-{%- if 'bin_dir' in postgres %}
+# Alternatives system. Make client binaries available in $PATH
-
+{%- if 'bin_dir' in postgres and postgres.linux.altpriority %}
-# Make client binaries available in $PATH
+    {%- for bin in postgres.client_bins %}
-
+      {%- set path = salt['file.join'](postgres.bin_dir, bin) %}
-  {%- for bin in postgres.client_bins %}
-
-    {%- set path = salt['file.join'](postgres.bin_dir, bin) %}
 
 {{ bin }}:
   alternatives.install:
     - link: {{ salt['file.join']('/usr/bin', bin) }}
     - path: {{ path }}
-    - priority: 30
+    - priority: {{ postgres.linux.altpriority }}
     - onlyif: test -f {{ path }}
     - require:
       - pkg: postgresql-client-libs
 
-  {%- endfor %}
+    {%- endfor %}
-
 {%- endif %}

postgres/codenamemap.yaml

@@ -16,7 +16,7 @@
   #}
 
   {# use upstream version if configured #}
-  {% if repo.use_upstream_repo %}
+  {% if repo.use_upstream_repo == true %}
     {% set version = repo.version %}
   {% endif %}
 
@@ -49,7 +49,7 @@
   #}
 
   {# use upstream version if configured #}
-  {% if repo.use_upstream_repo %}
+  {% if repo.use_upstream_repo == true %}
     {% set version = repo.version %}
   {% endif %}
 

postgres/defaults.yaml

@@ -7,8 +7,10 @@ postgres:
   pkgs_extra: []
   pkg_client: postgresql-client
   pkg_dev: postgresql-devel
-  pkg_libpq_dev: postgresql-libs
+  pkg_libpq_dev: libpq-dev
-  python: python-psycopg2
+  pkg_libs: postgresql-libs
+  pkg_python: python-psycopg2
+  userhomes: /home
   user: postgres
   group: postgres
 
@@ -16,11 +18,26 @@ postgres:
     command: initdb --pgdata=/var/lib/pgsql/data
     test: test -f /var/lib/pgsql/data/PG_VERSION
     user: postgres
-    env: {}
+    env: []
 
   conf_dir: /var/lib/pgsql/data
   postgresconf: ""
 
+  macos:
+    archive: postgres.dmg
+    tmpdir: /tmp/postgrestmp
+    postgresapp:
+      #See: https://github.com/PostgresApp/PostgresApp/releases/
+      url: https://github.com/PostgresApp/PostgresApp/releases/download/v2.1.1/Postgres-2.1.1.dmg
+      sum: sha256=ac0656b522a58fd337931313f09509c09610c4a6078fe0b8e469e69af1e1750b
+    homebrew:
+      url:
+      sum:
+    dl:
+      opts: -s -L
+      interval: 60
+      retries: 2
+
   pg_hba.conf: salt://postgres/templates/pg_hba.conf.j2
   acls:
     # "local" is for Unix domain socket connections only
@@ -30,6 +47,9 @@ postgres:
     # IPv6 local connections:
     - ['host', 'all', 'all', '::1/128', 'md5']
 
+  pg_ident.conf: salt://postgres/templates/pg_ident.conf.j2
+  identity_map: []
+
   config_backup: '.bak'
 
   service: postgresql
@@ -41,3 +61,7 @@ postgres:
   databases: {}
   schemas: {}
   extensions: {}
+
+  linux:
+    #Alternatives system are disabled by a 'altpriority=0' pillar.
+    altpriority:

postgres/dev.sls

@@ -1,13 +1,59 @@
 {% from "postgres/map.jinja" import postgres with context %}
 
-{% if postgres.pkg_dev %}
+{% if grains.os not in ('Windows', 'MacOS',) %}
+
+  {% if postgres.pkg_dev %}
 install-postgres-dev-package:
   pkg.installed:
     - name: {{ postgres.pkg_dev }}
-{% endif %}
+  {% endif %}
 
-{% if postgres.pkg_libpq_dev %}
+  {% if postgres.pkg_libpq_dev %}
 install-postgres-libpq-dev:
   pkg.installed:
     - name: {{ postgres.pkg_libpq_dev }}
+  {% endif %}
+
+{% endif %}
+
+
+{% if grains.os == 'MacOS' %}
+
+  # Darwin maxfiles limits
+  {% if postgres.limits.soft or postgres.limits.hard %}
+
+postgres_maxfiles_limits_conf:
+  file.managed:
+    - name: /Library/LaunchDaemons/limit.maxfiles.plist
+    - source: salt://postgres/templates/limit.maxfiles.plist
+    - context:
+      soft_limit: {{ postgres.limits.soft or postgres.limits.hard }}
+      hard_limit: {{ postgres.limits.hard or postgres.limits.soft }}
+    - group: {{ postgres.group }}
+  {% endif %}
+
+  {% if postgres.use_upstream_repo == 'postgresapp' %}
+  # Shortcut for PostgresApp
+postgres-desktop-shortcut-clean:
+  file.absent:
+    - name: '{{ postgres.userhomes }}/{{ postgres.user }}/Desktop/Postgres ({{ postgres.use_upstream_repo }})'
+    - require_in:
+      - file: postgres-desktop-shortcut-add
+
+postgres-desktop-shortcut-add:
+  file.managed:
+    - name: /tmp/mac_shortcut.sh
+    - source: salt://postgres/templates/mac_shortcut.sh
+    - mode: 755
+    - template: jinja
+    - context:
+      user: {{ postgres.user }}
+      homes: {{ postgres.userhomes }}
+  cmd.run:
+    - name: '/tmp/mac_shortcut.sh "Postgres ({{ postgres.use_upstream_repo }})"'
+    - runas: {{ postgres.user }}
+    - require:
+      - file: postgres-desktop-shortcut-add
+  {% endif %}
+
 {% endif %}

postgres/init.sls

@@ -1,4 +1,9 @@
+
 include:
+{% if grains.os == 'MacOS' %}
+  - postgres.macos
+{% else %}
   - postgres.server
   - postgres.client
   - postgres.manage
+{% endif %}

postgres/macos/init.sls

@@ -0,0 +1,10 @@
+{% from "postgres/map.jinja" import postgres with context %}
+
+include:
+{% if postgres.use_upstream_repo == 'postgresapp' %}
+  - postgres.macos.postgresapp
+{% elif postgres.use_upstream_repo == 'homebrew' %}
+  - postgres.server
+  - postgres.client
+{% endif %}
+  - postgres.dev

postgres/macos/postgresapp.sls

@@ -0,0 +1,64 @@
+{% from "postgres/map.jinja" import postgres as pg with context %}
+
+# Cleanup first
+pg-remove-prev-archive:
+  file.absent:
+    - name: '{{ pg.macos.tmpdir }}/{{ pg.macos.archive }}'
+    - require_in:
+      - pg-extract-dirs
+
+pg-extract-dirs:
+  file.directory:
+    - names:
+      - '{{ pg.macos.tmpdir }}'
+    - makedirs: True
+    - clean: True
+    - require_in:
+      - pg-download-archive
+
+pg-download-archive:
+  pkg.installed:
+    - name: curl
+  cmd.run:
+    - name: curl {{ pg.macos.dl.opts }} -o '{{ pg.macos.tmpdir }}/{{ pg.macos.archive }}' {{ pg.macos.postgresapp.url }}
+      {% if grains['saltversioninfo'] >= [2017, 7, 0] %}
+    - retry:
+        attempts: {{ pg.macos.dl.retries }}
+        interval: {{ pg.macos.dl.interval }}
+      {% endif %}
+
+  {%- if pg.macos.postgresapp.sum %}
+pg-check-archive-hash:
+   module.run:
+     - name: file.check_hash
+     - path: '{{ pg.macos.tmpdir }}/{{ pg.macos.archive }}'
+     - file_hash: {{ pg.macos.postgresapp.sum }}
+     - onchanges:
+       - cmd: pg-download-archive
+     - require_in:
+       - archive: pg-package-install
+  {%- endif %}
+
+pg-package-install:
+  macpackage.installed:
+    - name: '{{ pg.macos.tmpdir }}/{{ pg.macos.archive }}'
+    - store: True
+    - dmg: True
+    - app: True
+    - force: True
+    - allow_untrusted: True
+    - onchanges:
+      - cmd: pg-download-archive
+    - require_in:
+      - file: pg-package-install
+      - file: pg-remove-archive
+  file.append:
+    - name: {{ pg.userhomes }}/{{ pg.user }}/.bash_profile
+    - text: 'export PATH=$PATH:/Applications/Postgres.app/Contents/Versions/latest/bin'
+
+pg-remove-archive:
+  file.absent:
+    - name: '{{ pg.macos.tmpdir }}'
+    - onchanges:
+      - macpackage: pg-package-install
+

postgres/macros.jinja

@@ -23,6 +23,8 @@
 {{ state }}-{{ name }}:
   {{ state }}.{{ ensure|default('present') }}:
     {{- format_kwargs(kwarg) }}
+    - onchanges:
+      - test: postgres-reload-modules
 
 {%- endmacro %}
 

postgres/manage.sls

@@ -18,7 +18,7 @@ include:
 # Ensure that Salt is able to use postgres modules
 
 postgres-reload-modules:
-  test.nop:
+  test.succeed_with_changes:
     - reload_modules: True
 
 # User states
@@ -26,8 +26,6 @@ postgres-reload-modules:
 {%- for name, user in postgres.users|dictsort() %}
 
 {{ format_state(name, 'postgres_user', user) }}
-    - require:
-      - test: postgres-reload-modules
 
 {%- endfor %}
 
@@ -36,9 +34,8 @@ postgres-reload-modules:
 {%- for name, tblspace in postgres.tablespaces|dictsort() %}
 
 {{ format_state(name, 'postgres_tablespace', tblspace) }}
-    - require:
-      - test: postgres-reload-modules
   {%- if 'owner' in tblspace %}
+    - require:
       - postgres_user: postgres_user-{{ tblspace.owner }}
   {%- endif %}
 
@@ -49,8 +46,9 @@ postgres-reload-modules:
 {%- for name, db in postgres.databases|dictsort() %}
 
 {{ format_state(name, 'postgres_database', db) }}
+  {%- if 'owner' in db or 'tablespace' in db %}
     - require:
-      - test: postgres-reload-modules
+  {%- endif %}
   {%- if 'owner' in db %}
       - postgres_user: postgres_user-{{ db.owner }}
   {%- endif %}
@@ -65,9 +63,8 @@ postgres-reload-modules:
 {%- for name, schema in postgres.schemas|dictsort() %}
 
 {{ format_state(name, 'postgres_schema', schema) }}
-    - require:
-      - test: postgres-reload-modules
   {%- if 'owner' in schema %}
+    - require:
       - postgres_user: postgres_user-{{ schema.owner }}
   {%- endif %}
 
@@ -78,8 +75,9 @@ postgres-reload-modules:
 {%- for name, extension in postgres.extensions|dictsort() %}
 
 {{ format_state(name, 'postgres_extension', extension) }}
+  {%- if 'maintenance_db' in extension or 'schema' in extension %}
     - require:
-      - test: postgres-reload-modules
+  {%- endif %}
   {%- if 'maintenance_db' in extension %}
       - postgres_database: postgres_database-{{ extension.maintenance_db }}
   {%- endif %}

postgres/osfamilymap.yaml

@@ -17,7 +17,6 @@ Debian:
     file: /etc/apt/sources.list.d/pgdg.list
   pkg_repo_keyid: ACCC4CF8
   pkg_dev: postgresql-server-dev-all
-  pkg_libpq_dev: libpq-dev
 
 FreeBSD:
   user: pgsql
@@ -29,16 +28,21 @@ RedHat:
   pkg_repo:
     name: pgdg{{ release }}
     humanname: PostgreSQL {{ repo.version }} $releasever - $basearch
-    baseurl: 'https://download.postgresql.org/pub/repos/yum/{{ repo.version }}/redhat/rhel-$releasever-$basearch'
     gpgcheck: 1
     gpgkey: 'https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG-{{ release }}'
+    {% if grains.os == 'Fedora' %}
+    baseurl: 'https://download.postgresql.org/pub/repos/yum/{{ repo.version }}/fedora/fedora-$releasever-$basearch'
+    {% else %}
+    baseurl: 'https://download.postgresql.org/pub/repos/yum/{{ repo.version }}/redhat/rhel-$releasever-$basearch'
+    {% endif %}
 
-{% if repo.use_upstream_repo %}
+{% if repo.use_upstream_repo == true %}
-
   {% set data_dir = '/var/lib/pgsql/' ~ repo.version ~ '/data' %}
 
   pkg: postgresql{{ release }}-server
   pkg_client: postgresql{{ release }}
+  pkg_libs: postgresql{{ release }}-libs
+  pkg_dev: postgresql{{ release }}-devel
   conf_dir: /var/lib/pgsql/{{ repo.version }}/data
   service: postgresql-{{ repo.version }}
 
@@ -46,7 +50,11 @@ RedHat:
     command: initdb --pgdata='{{ data_dir }}'
     test: test -f '{{ data_dir }}/PG_VERSION'
 
-  # Directory containing PostgreSQL client executables
+  # Alternatives system
+  linux:
+    altpriority: 30
+
+  # directory containing PostgreSQL client executables
   bin_dir: /usr/pgsql-{{ repo.version }}/bin
   client_bins:
     - clusterdb
@@ -89,11 +97,87 @@ RedHat:
   pkg_client: postgresql
 
 {% endif %}
+  pkg_libpq_dev: libpqxx-devel
 
 Suse:
+  pkg_repo:
+    name: pgdg-sles-{{ release }}
+    humanname: PostgreSQL {{ repo.version }} $releasever - $basearch
+    #Using sles-12 upstream repo for opensuse
+    baseurl: 'https://download.postgresql.org/pub/repos/zypp/{{ repo.version }}/suse/sles-12-$basearch'
+    key_url: 'https://download.postgresql.org/pub/repos/zypp/{{ repo.version }}/suse/sles-12-$basearch/repodata/repomd.xml.key'
+    gpgcheck: 1
+    gpgautoimport: True
+
+{% if repo.use_upstream_repo == true %}
+  {% set lib_dir = '/var/lib/pgsql/' ~ repo.version ~ '/data' %}
+
+  pkg: postgresql{{ release }}-server
+  pkg_client: postgresql{{ release }}
+  pkg_dev: postgresql{{ release }}-devel
+  pkg_libs: postgresql{{ release }}-libs
+  conf_dir: {{ lib_dir }}
+  service: postgresql-{{ repo.version }}
+
+  prepare_cluster:
+    command: /usr/pgsql-{{ repo.version }}/bin/initdb --pgdata='{{ lib_dir }}'
+    test: test -f '{{ lib_dir }}/PG_VERSION'
+
+  # Alternatives system
+  linux:
+    altpriority: 30
+
+  # directory containing PostgreSQL client executables
+  bin_dir: /usr/pgsql-{{ repo.version }}/bin
+  client_bins:
+    - pg_archivecleanup
+    - pg_config
+    - pg_isready
+    - pg_receivexlog
+    - pg_rewind
+    - pg_test_fsync
+    - pg_test_timing
+    - pg_upgrade
+    - pg_xlogdump
+    - pgbench
+  server_bins:
+    - initdb
+    - pg_controldata
+    - pg_ctl
+    - pg_resetxlog
+    - postgres
+    - postgresql{{ release }}-check-db-dir
+    - postgresql{{ release }}-setup
+    - postmaster
+
+{% else %}
+
   pkg: postgresql-server
   pkg_client: postgresql
-  pkg_libpq_dev: postgresql
 
+{% endif %}
+  pkg_libpq_dev: libqpxx
+
+{%- if grains.os == 'MacOS' %}
+## jinja check avoids rendering noise/failure on Linux
+MacOS:
+   {%- if repo.use_upstream_repo == 'homebrew' %}
+  service: homebrew.mxcl.postgresql
+   {%- elif repo.use_upstream_repo == 'postgresapp' %}
+  service: com.postgresapp.Postgres2
+   {%- endif %}
+  pkg: postgresql
+  pkg_client:
+  pkg_libpq_dev:
+  userhomes: /Users
+  user: {{ repo.user }}
+  group: {{ repo.group }}
+  conf_dir: /Users/{{ repo.user }}/Library/AppSupport/postgres_{{ repo.use_upstream_repo }}
+  prepare_cluster:
+    command: initdb -D /Users/{{ repo.user }}/Library/AppSupport/postgres_{{ repo.use_upstream_repo }}
+    test: test -f /Users/{{ repo.user }}/Library/AppSupport/postgres_{{ repo.use_upstream_repo }}/PG_VERSION
+    user: {{ repo.user }}
+    group: {{ repo.group }}
+{%- endif %}
 
 # vim: ft=sls

postgres/python.sls

@@ -2,4 +2,4 @@
 
 postgresql-python:
   pkg.installed:
-    - name: {{ postgres.python}}
+    - name: {{ postgres.pkg_python}}

postgres/repo.yaml

@@ -8,4 +8,12 @@ use_upstream_repo: {{ salt['pillar.get']('postgres:use_upstream_repo',
 version: {{ salt['pillar.get']('postgres:version',
                                defaults.postgres.version) }}
 
+#Early lookup for system user on MacOS
+{% if grains.os == 'MacOS' %}
+  {% set sysuser = salt['pillar.get']('postgres.user') or salt['cmd.run']("stat -f '%Su' /dev/console") %}
+  {% set sysgroup = salt['pillar.get']('postgres.group') or salt['cmd.run']("stat -f '%Sg' /dev/console") %}
+user: {{ sysuser }}
+group: {{ sysgroup }}
+{% endif %}
+
 # vim: ft=sls

postgres/server/init.sls

@@ -4,50 +4,55 @@
 {%- if postgres.bake_image %}
   {%- do includes.append('postgres.server.image') %}
 {%- endif %}
-{%- if postgres.use_upstream_repo -%}
+{%- if postgres.use_upstream_repo == true -%}
   {%- do includes.append('postgres.upstream') %}
 {%- endif %}
 
 {%- if includes -%}
-
 include:
   {{ includes|yaml(false)|indent(2) }}
-
 {%- endif %}
 
 {%- set pkgs = [postgres.pkg] + postgres.pkgs_extra %}
-
 # Install, configure and start PostgreSQL server
-
 postgresql-server:
   pkg.installed:
     - pkgs: {{ pkgs }}
-{%- if postgres.use_upstream_repo %}
+{%- if postgres.use_upstream_repo == true %}
     - refresh: True
     - require:
       - pkgrepo: postgresql-repo
 {%- endif %}
+  {%- if grains.os == 'MacOS' %}
+     #Register as Launchd LaunchAgent for system users
+    - require_in:
+      - file: postgresql-server
+  file.managed:
+    - name: /Library/LaunchAgents/{{ postgres.service }}.plist
+    - source: /usr/local/opt/postgres/{{ postgres.service }}.plist
+    - group: wheel
+    - require_in:
+      - service: postgresql-running
+  {%- else %}
 
-{%- if 'bin_dir' in postgres %}
+# Alternatives system. Make server binaries available in $PATH
-
+    {%- if 'bin_dir' in postgres and postgres.linux.altpriority %}
-# Make server binaries available in $PATH
+      {%- for bin in postgres.server_bins %}
-
+        {%- set path = salt['file.join'](postgres.bin_dir, bin) %}
-  {%- for bin in postgres.server_bins %}
-
-    {%- set path = salt['file.join'](postgres.bin_dir, bin) %}
 
 {{ bin }}:
   alternatives.install:
     - link: {{ salt['file.join']('/usr/bin', bin) }}
     - path: {{ path }}
-    - priority: 30
+    - priority: {{ postgres.linux.altpriority }}
     - onlyif: test -f {{ path }}
     - require:
       - pkg: postgresql-server
     - require_in:
       - cmd: postgresql-cluster-prepared
 
-  {%- endfor %}
+      {%- endfor %}
+    {%- endif %}
 
 {%- endif %}
 
@@ -56,7 +61,7 @@ postgresql-cluster-prepared:
     - name: {{ postgres.prepare_cluster.command }}
     - cwd: /
     - runas: {{ postgres.prepare_cluster.user }}
-    - env: {{ postgres.prepare_cluster.env|default({}) }}
+    - env: {{ postgres.prepare_cluster.env }}
     - unless:
       - {{ postgres.prepare_cluster.test }}
     - require:
@@ -67,6 +72,12 @@ postgresql-config-dir:
     - name: {{ postgres.conf_dir }}
     - user: {{ postgres.user }}
     - group: {{ postgres.group }}
+    - dir_mode: 775
+    - force: True
+    - file_mode: 644
+    - recurse:
+      - user
+      - group
     - makedirs: True
     - require:
       - cmd: postgresql-cluster-prepared
@@ -118,6 +129,33 @@ postgresql-pg_hba:
     - require:
       - file: postgresql-config-dir
 
+{%- set pg_ident_path = salt['file.join'](postgres.conf_dir, 'pg_ident.conf') %}
+
+postgresql-pg_ident:
+  file.managed:
+    - name: {{ pg_ident_path }}
+    - user: {{ postgres.user }}
+    - group: {{ postgres.group }}
+    - mode: 600
+{%- if postgres.identity_map %}
+    - source: {{ postgres['pg_ident.conf'] }}
+    - template: jinja
+    - defaults:
+        mappings: {{ postgres.identity_map }}
+  {%- if postgres.config_backup %}
+    # Create the empty file before managing to overcome the limitation of check_cmd
+    - onlyif: test -f {{ pg_ident_path }} || touch {{ pg_ident_path }}
+    # Make a local backup before the file modification
+    - check_cmd: >-
+        salt-call --local file.copy
+        {{ pg_ident_path }} {{ pg_ident_path ~ postgres.config_backup }} remove_existing=true
+  {%- endif %}
+{%- else %}
+    - replace: False
+{%- endif %}
+    - require:
+      - file: postgresql-config-dir
+
 {%- for name, tblspace in postgres.tablespaces|dictsort() %}
 
 postgresql-tablespace-dir-{{ name }}:
@@ -138,13 +176,15 @@ postgresql-tablespace-dir-{{ name }}:
 {%- if not postgres.bake_image %}
 
 # Start PostgreSQL server using OS init
-
 postgresql-running:
   service.running:
     - name: {{ postgres.service }}
     - enable: True
+   {% if grains.os not in ('MacOS',) %}
     - reload: True
+   {% endif %}
     - watch:
       - file: postgresql-pg_hba
+      - file: postgresql-pg_ident
 
 {%- endif %}

postgres/templates/limit.maxfiles.plist

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>  
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"  
+        "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">  
+  <dict>
+    <key>Label</key>
+    <string>limit.maxfiles</string>
+    <key>ProgramArguments</key>
+    <array>
+      <string>/bin/launchctl</string>
+      <string>limit</string>
+      <string>maxfiles</string>
+      <string>{{ soft_limit }}</string>
+      <string>{{ hard_limit }}</string>
+    </array>
+    <key>RunAtLoad</key>
+    <true/>
+    <key>ServiceIPC</key>
+    <false/>
+  </dict>
+</plist> 

postgres/templates/mac_shortcut.sh

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+shortcutName='${1}'
+app="postgres.app"
+Source="/Applications/$app"
+Destination="{{ homes }}/{{ user }}/Desktop/${shortcutName}"
+/usr/bin/osascript -e "tell application \"Finder\" to make alias file to POSIX file \"$Source\" at POSIX file \"$Destination\""
+

postgres/templates/pg_ident.conf.j2

@@ -0,0 +1,51 @@
+######################################################################
+# ATTENTION! Managed by SaltStack.                                   #
+# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN! #
+######################################################################
+#
+# PostgreSQL User Name Maps
+# =========================
+#
+# Refer to the PostgreSQL documentation, chapter "Client
+# Authentication" for a complete description.  A short synopsis
+# follows.
+#
+# This file controls PostgreSQL user name mapping.  It maps external
+# user names to their corresponding PostgreSQL user names.  Records
+# are of the form:
+#
+# MAPNAME  SYSTEM-USERNAME  PG-USERNAME
+#
+# (The uppercase quantities must be replaced by actual values.)
+#
+# MAPNAME is the (otherwise freely chosen) map name that was used in
+# pg_hba.conf.  SYSTEM-USERNAME is the detected user name of the
+# client.  PG-USERNAME is the requested PostgreSQL user name.  The
+# existence of a record specifies that SYSTEM-USERNAME may connect as
+# PG-USERNAME.
+#
+# If SYSTEM-USERNAME starts with a slash (/), it will be treated as a
+# regular expression.  Optionally this can contain a capture (a
+# parenthesized subexpression).  The substring matching the capture
+# will be substituted for \1 (backslash-one) if present in
+# PG-USERNAME.
+#
+# Multiple maps may be specified in this file and used by pg_hba.conf.
+#
+# No map names are defined in the default configuration.  If all
+# system user names and PostgreSQL user names are the same, you don't
+# need anything in this file.
+#
+# This file is read on server startup and when the postmaster receives
+# a SIGHUP signal.  If you edit the file on a running system, you have
+# to SIGHUP the postmaster for the changes to take effect.  You can
+# use "pg_ctl reload" to do that.
+
+# Put your actual configuration here
+# ----------------------------------
+
+# MAPNAME       SYSTEM-USERNAME         PG-USERNAME
+
+{%- for mapping in mappings %}
+{{ '{0:<15} {1:<22} {2}'.format(mapping) -}}
+{% endfor %}

postgres/upstream.sls

@@ -3,7 +3,7 @@
 
 {%- if 'pkg_repo' in postgres -%}
 
-  {%- if postgres.use_upstream_repo -%}
+  {%- if postgres.use_upstream_repo == true -%}
 
 # Add upstream repository for your distro
 postgresql-repo:
@@ -25,9 +25,11 @@ postgresql-repo:
 {%- else -%}
 
 # Notify that we don't manage this distro
+  {% if grains.os not in ('Windows', 'MacOS',) %}
 postgresql-repo:
   test.show_notification:
     - text: |
         PostgreSQL does not provide package repository for {{ grains['osfinger'] }}
+  {% endif %}
 
 {%- endif %}