postgres:
  pg_hba.conf: salt://postgres/pg_hba.conf
  commands:
    initdb: service postgresql initdb

  use_upstream_repo: False

  lookup:
    pkg: 'postgresql-9.3'
    pkg_client: 'postgresql-client-9.3'
    pg_hba: '/etc/postgresql/9.3/main/pg_hba.conf'

  users:
    localUser:
      ensure: present
      password: '98ruj923h4rf'
      createdb: False
      createroles: False
      createuser: False
      inherit: True
      replication: False

    remoteUser:
      ensure: present
      password: '98ruj923h4rf'
      createdb: False
      createroles: False
      createuser: False
      inherit: True
      replication: False

    absentUser:
      ensure: absent
      password: '98ruj923h4rf'
      createdb: False
      createroles: False
      createuser: False
      inherit: True
      replication: False

  # This section cover this ACL management of the pg_hba.conf file.
  # <type>, <database>, <user>, [host], <method>
  acls:
    - ['local', 'db1', 'localUser']
    - ['host', 'db2', 'remoteUser', '123.123.0.0/24']

  databases:
    db1:
      owner: 'localUser'
      user: 'localUser'
      template: 'template0'
      lc_ctype: 'C.UTF-8'
      lc_collate: 'C.UTF-8'
      # optional schemas to enable on database
      schemas:
        uuid_ossp:
          owner: localUser
      # optional extensions to enable on database
      extensions:
        uuid-ossp:
          schema: uuid_ossp
    db2:
      owner: 'localUser'
      user: 'remoteUser'
      template: 'template0'
      lc_ctype: 'C.UTF-8'
      lc_collate: 'C.UTF-8'
      # optional extensions to enable on database
      extensions:
        postgis:
  # This section will append your configuration to postgresql.conf.
  postgresconf: |
    listen_addresses = 'localhost,*'