Merge pull request #15 from h3/master

Support for multiple users / databases in Pillar
Seth House 2014-07-27 21:47:52 -06:00
commit 4b5b338304
3 changed files with 88 additions and 32 deletions


@ -1,13 +1,36 @@
#
# Sample pillar entry to make sure that
# PG 9.3 is installed instead of the default
# 9.1 referenced in this formula
#
postgres: postgres:
lookup:
pkg: postgresql-9.3
pg_hba: '/etc/postgresql/9.3/main/pg_hba.conf'
db:
name: mydb
user: mydb
pg_hba.conf: salt://postgres/pg_hba.conf pg_hba.conf: salt://postgres/pg_hba.conf
lookup:
pkg: 'postgresql-9.3'
pg_hba: '/etc/postgresql/9.3/main/pg_hba.conf'
users:
localUser:
password: '98ruj923h4rf'
createdb: False
remoteUser:
password: '98ruj923h4rf'
createdb: False
# This section cover this ACL management of the pg_hba.conf file.
# <type>, <database>, <user>, [host], <method>
acls:
- ['local', 'db1', 'localUser']
- ['host', 'db2', '123.123.0.0/24', 'remoteUser']
databases:
db1:
owner: 'localUser'
user: 'localUser'
template: 'template0'
lc_ctype: 'C.UTF-8'
lc_collate: 'C.UTF-8'
db2:
owner: 'localUser'
user: 'remoteUser'
template: 'template0'
lc_ctype: 'C.UTF-8'
lc_collate: 'C.UTF-8'
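Review bot: The second `acls` entry, `['host', 'db2', '123.123.0.0/24', 'remoteUser']`, lists the address before the user, which contradicts the comment directly above it (`<type>, <database>, <user>, [host], <method>`) and the TYPE DATABASE USER ADDRESS METHOD column order of pg_hba.conf. The pg_hba.conf template in this commit writes the list elements out positionally, so this sample would put the CIDR in the USER column and the role name in the ADDRESS column, and the rule would not grant what it appears to. It should read `- ['host', 'db2', 'remoteUser', '123.123.0.0/24']`. Both sample users also share one realistic-looking password literal; an obvious placeholder such as `'CHANGE-ME'` is less likely to be copied into a real pillar unchanged.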


@ -1,9 +1,11 @@
{% from "postgres/map.jinja" import postgres with context %} {% from "postgres/map.jinja" import postgres with context %}
postgresql: postgresql:
pkg: pkg:
- installed - installed
- name: {{ postgres.pkg }} - name: {{ postgres.pkg }}
service: service:
- running - running
- enable: true - enable: true
@ -11,6 +13,16 @@ postgresql:
- require: - require:
- pkg: {{ postgres.pkg }} - pkg: {{ postgres.pkg }}
postgresql-server-dev-9.3:
pkg.installed
libpq-dev:
pkg.installed
python-dev:
pkg.installed
{% if 'pg_hba.conf' in pillar.get('postgres', {}) %} {% if 'pg_hba.conf' in pillar.get('postgres', {}) %}
pg_hba.conf: pg_hba.conf:
file.managed: file.managed:
@ -26,25 +38,35 @@ pg_hba.conf:
- service: postgresql - service: postgresql
{% endif %} {% endif %}
{% if 'db' in pillar.get('postgres', {}) %} {% if 'users' in pillar.get('postgres', {}) %}
postgres-app-user: {% for name, user in salt['pillar.get']('postgres:users').items() %}
postgres-user-{{ name }}:
postgres_user.present: postgres_user.present:
- name: {{ salt['pillar.get']('postgres:db:user', 'myuser') }} - name: {{ name }}
- createdb: {{ salt['pillar.get']('postgres:db:createdb', False) }} - createdb: {{ salt['pillar.get']('postgres:users:' + name + ':createdb', False) }}
- password: {{ salt['pillar.get']('postgres:db:password', 'mypass') }} - password: {{ salt['pillar.get']('postgres:users:' + name + ':password', 'changethis') }}
- runas: postgres - runas: postgres
- require: - require:
- service: {{ postgres.service }} - service: {{ postgres.service }}
{% endfor%}
postgres-app-db: {% endif %}
postgres_database.present:
- name: {{ salt['pillar.get']('postgres:db:name', 'mydb') }} {% if 'databases' in pillar.get('postgres', {}) %}
- encoding: UTF8 {% for name, db in salt['pillar.get']('postgres:databases').items() %}
- lc_ctype: en_US.UTF8 postgres-db-{{ name }}:
- lc_collate: en_US.UTF8 postgres_database.present:
- template: template0 - name: {{ name }}
- owner: {{ salt['pillar.get']('postgres:db:user', 'myuser') }} - encoding: {{ salt['pillar.get']('postgres:databases:'+ name +':encoding', 'UTF8') }}
- runas: postgres - lc_ctype: {{ salt['pillar.get']('postgres:databases:'+ name +':lc_ctype', 'en_US.UTF8') }}
- require: - lc_collate: {{ salt['pillar.get']('postgres:databases:'+ name +':lc_collate', 'en_US.UTF8') }}
- postgres_user: postgres-app-user - template: {{ salt['pillar.get']('postgres:databases:'+ name +':template', 'template0') }}
{% if salt['pillar.get']('postgres:databases:'+ name +':owner') %}
- owner: {{ salt['pillar.get']('postgres:databases:'+ name +':owner') }}
{% endif %}
- runas: {{ salt['pillar.get']('postgres:databases:'+ name +':runas', 'postgres') }}
{% if salt['pillar.get']('postgres:databases:'+ name +':user') %}
- require:
- postgres_user: postgres-user-{{ salt['pillar.get']('postgres:databases:'+ name +':user') }}
{% endif %}
{% endfor%}
{% endif %} {% endif %}
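Review bot: The `- password:` argument of the `postgres-user-{{ name }}` state falls back to the literal `'changethis'` when a pillar user has no `password` key, so a missing or misspelled key silently creates a login role whose password is known to anyone who can read this repository. Drop the default and emit the argument only when the pillar supplies it, using the loop variable that is already bound: `{% if 'password' in user %}`, then `- password: {{ user['password'] }}`, then `{% endif %}`. The name and password are also interpolated into the YAML unquoted, so a value containing ` #`, `: ` or a leading YAML indicator would be truncated or mis-parsed; rendering them as quoted scalars would avoid that. Separately, `postgresql-server-dev-9.3` is hard-coded while the server package comes from `postgres.pkg`, so the two can disagree on version when the pillar selects something other than 9.3.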


@ -1,6 +1,17 @@
# TYPE DATABASE USER ADDRESS METHOD # This section is managed by SaltStack, DO NOT EDIT
#
local {{ pillar['postgres']['db']['name'] }} {{ pillar['postgres']['db']['user'] }} md5 # SALTSTACK
# TYPE DATABASE USER ADDRESS METHOD
{% if 'acls' in pillar.get('postgres', {}) %}
{% for acl in salt['pillar.get']('postgres:acls') %}
{% if acl[0] == 'local' %}
{{ acl[0] }} {{ acl[1] }} {{ acl[2] }} {{ acl[3] if acl|length > 3 else 'md5' }}
{% else %}
{{ acl[0] }} {{ acl[1] }} {{ acl[2] }} {{ acl[3] }} {{ acl[4] if acl|length > 4 else 'md5' }}
{% endif %}
{% endfor %}
{% endif %}
# /SALTSTACK
# DO NOT DISABLE! # DO NOT DISABLE!
# If you change this first entry you will need to make sure that the # If you change this first entry you will need to make sure that the