postgres: # Set True to configure upstream postgresql.org repository for YUM or APT use_upstream_repo: False # Version to install from upstream repository version: '9.3' # These are Debian/Ubuntu specific package names pkg: 'postgresql-9.3' pkg_client: 'postgresql-client-9.3' # Addtional packages to install, this should be in a list format pkgs_extra: - postgresql-contrib - postgresql-plpython # Path to the `pg_hba.conf` file Jinja template on Salt Fileserver pg_hba.conf: salt://postgres/templates/pg_hba.conf.j2 # This section covers ACL management in the `pg_hba.conf` file. # acls list controls: which hosts are allowed to connect, how clients # are authenticated, which PostgreSQL user names they can use, which # databases they can access. Records take one of these forms: # #acls: # - ['local', 'DATABASE', 'USER', 'METHOD'] # - ['host', 'DATABASE', 'USER', 'ADDRESS', 'METHOD'] # - ['hostssl', 'DATABASE', 'USER', 'ADDRESS', 'METHOD'] # - ['hostnossl', 'DATABASE', 'USER', 'ADDRESS', 'METHOD'] # # The uppercase items must be replaced by actual values. # METHOD could be omitted, 'md5' will be appended by default. acls: - ['local', 'db1', 'localUser'] - ['host', 'db2', 'remoteUser', '192.168.33.0/24'] # PostgreSQL service name service: postgresql # Create/remove users, tablespaces, databases, schema and extensions. # Each of these dictionaries contains PostgreSQL entities which # mapped to the `postgres_*` Salt states with arguments. See the Salt # documentaion to get all supported argument for a particular state. # # Format is the following: # #: # NAME: # ensure: # 'present' is the default # ARGUMENT: VALUE # ... # # where 'NAME' is the state name, 'ARGUMENT' is the kwarg name, and # 'VALUE' is kwarg value. # # For example, the Pillar: # #users: # testUser: # password: test # # will render such state: # #postgres_user-testUser: # postgres_user.present: # - name: testUser # - password: test users: localUser: ensure: present password: '98ruj923h4rf' createdb: False createroles: False createuser: False inherit: True replication: False remoteUser: ensure: present password: '98ruj923h4rf' createdb: False createroles: False createuser: False inherit: True replication: False absentUser: ensure: absent tablespaces: my_space: directory: /srv/my_tablespace owner: localUser databases: db1: owner: 'localUser' template: 'template0' lc_ctype: 'en_US.UTF-8' lc_collate: 'en_US.UTF-8' db2: owner: 'remoteUser' template: 'template0' lc_ctype: 'en_US.UTF-8' lc_collate: 'en_US.UTF-8' tablespace: 'my_space' # optional schemas to enable on database schemas: uuid_ossp: dbname: db1 owner: localUser # optional extensions to install in schema extensions: uuid-ossp: schema: uuid_ossp maintenance_db: db1 #postgis: {} # Backup extension defaults to .bak if postgresconf_backup is True. # Set to False to stop creation of backup on postgresql.conf changes. postgresconf_backup: True # This section will append your configuration to postgresql.conf. postgresconf: | listen_addresses = 'localhost,*' # vim: ft=yaml:sw=2