Puppet Class: lsys::postgres

Inherits:: lsys::params

Defined in:: manifests/postgres.pp

Summary

PostgreSQL server installation

Overview

PostgreSQL server installation

Examples:

include lsys::postgres

Parameters:

ip_mask_allow_all_users (String) (defaults to: '0.0.0.0/0') —

Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you’d like to allow this, you can override this setting. Set to ‘0.0.0.0/0’ to allow database users to connect from any remote machine, or ‘192.168.0.0/1’ to allow connections from any machine on your local ‘192.168’ subnet. Default value: ‘127.0.0.1/32’.
manage_dnf_module (Boolean) (defaults to: true)
manage_package_repo (Boolean) (defaults to: $lsys::params::postgres_manage_repo)
package_version (Lsys::PGVersion) (defaults to: $lsys::params::postgres_version)
listen_addresses (String) (defaults to: 'localhost')
database_port (Variant[Integer, Pattern[/^[0-9]+$/]]) (defaults to: 5432)
repo_sslverify (Optional[Integer[0,1]]) (defaults to: undef)

# File 'manifests/postgres.pp', line 16

class lsys::postgres (
  Boolean $manage_dnf_module = true,
  Boolean $manage_package_repo = $lsys::params::postgres_manage_repo,
  # https://www.postgresql.org/docs/11/pgupgrade.html
  Lsys::PGVersion $package_version = $lsys::params::postgres_version,
  String $ip_mask_allow_all_users = '0.0.0.0/0',
  String $listen_addresses = 'localhost',
  Variant[Integer, Pattern[/^[0-9]+$/]] $database_port = 5432,
  Optional[Integer[0,1]] $repo_sslverify = undef,
) inherits lsys::params {
  include lsys::repo

  $version_data = split($package_version, '[.]')
  $major_version = $version_data[0]
  $minor_version = $version_data[1]

  $repo_version = $major_version ? {
    '9' => $minor_version ? {
      default => "9.${minor_version}",
    },
    default => $major_version,
  }

  # we can not use maintainer's repo on CentOS 8+ due to issue:
  # All matches were filtered out by modular filtering for argument
  # Therefore we use postgresql:12 dnf module stream
  $_manage_dnf_module = $facts['os']['name'] ? {
    'CentOS' => $facts['os']['release']['major'] ? {
      '6'     => false,
      '7'     => false,
      default => true,
    },
    'Rocky' => true,
    # only CentOS and Rocky supported
    default => false,
  }

  if $manage_dnf_module and $_manage_dnf_module {
    class { 'postgresql::globals':
      manage_package_repo => $manage_package_repo,
      manage_dnf_module   => $_manage_dnf_module,
      version             => $repo_version,
    }
  }
  else {
    class { 'postgresql::globals':
      manage_package_repo => $manage_package_repo,
      version             => $repo_version,
    }
  }

  if $manage_package_repo {
    if $repo_sslverify {
      Yumrepo <| title == 'yum.postgresql.org' |> {
        sslverify => $repo_sslverify,
      }

      Yumrepo <| title == 'pgdg-common' |> {
        sslverify => $repo_sslverify,
      }
    }

    file {
      default: mode => '0600';
      '/etc/yum.repos.d/yum.postgresql.org.repo': ;
      '/etc/yum.repos.d/pgdg-common.repo': ;
    }

    case $facts['os']['family'] {
      'RedHat': {
        Class['postgresql::repo::yum_postgresql_org'] ~> Class['lsys::repo']
      }
      'Debian': {
        Class['postgresql::repo::apt_postgresql_org'] ~> Class['lsys::repo']
      }
      default: {}
    }
  }
  else {
    # remove unmanaged repositories
    file {
      default:
        ensure => 'absent',
        notify => Class['lsys::repo'],
        ;
      '/etc/yum.repos.d/yum.postgresql.org.repo': ;
      '/etc/yum.repos.d/pgdg-common.repo': ;
    }
  }

  class { 'postgresql::server':
    package_ensure          => $package_version,
    ip_mask_allow_all_users => $ip_mask_allow_all_users,
    listen_addresses        => $listen_addresses,
    port                    => $database_port + 0,
  }

  class { 'postgresql::server::contrib': }
}