manifests/server/pghba/pg_hba.pp

## confdroid_postgresql::server::pg_hba.pp
# Module name: confdroid_postgresql
# Author: 12ww1160 (arne_teuke@puppetsoft.com)
# @summary Class manages pg_hba.conf file and line entries through define
#   pg_hba_rule.pp
# @example     confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for role postgres':
#      pl_auth_type        => 'local',
#      pl_auth_database    => 'all',
#      pl_auth_user        => 'postgres',
#      pl_auth_method      => 'trust',
#      pl_auth_order       => '001',
#      pl_auth_option      => '',
#    }
##############################################################################
class confdroid_postgresql::server::pghba::pg_hba (

) inherits confdroid_postgresql::params {
  if $fqdn == $pl_server_fqdn {
    # create the pg_hba.conf file

    concat { $pl_pg_hba_conf:
      ensure => present,
      owner  => 'postgres',
      mode   => '0600',
      notify => Service[$pl_service],
    }

    # manage file header

    concat::fragment { 'pghba_header':
      target  => $pl_pg_hba_conf,
      content => template($pl_pg_hba_conf_erb),
      order   => '000',
    }

    # manage default rules => should go into  external config set
#    confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for role postgres':
#      pl_auth_type        => 'local',
#      pl_auth_database    => 'all',
#      pl_auth_user        => $ql_user_name,
#      pl_auth_method      => 'trust',
#      pl_auth_order       => '001',
#      pl_auth_option      => $ql_auth_option,
#    }

#    confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for all roles':
#      pl_auth_type        => 'local',
#      pl_auth_database    => 'all',
#      pl_auth_user        => 'all',
#      pl_auth_method      => 'trust',
#      pl_auth_order       => '002',
#      pl_auth_option      => $pl_auth_option,
#    }
  }
}
OP#200 replace class names 2025-12-04 19:49:59 +01:00			`## confdroid_postgresql::server::pg_hba.pp`
			`# Module name: confdroid_postgresql`
fix autoload 2025-12-05 14:22:43 +01:00			`# Author: 12ww1160 (arne_teuke@puppetsoft.com)`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`# @summary Class manages pg_hba.conf file and line entries through define`
			`# pg_hba_rule.pp`
OP#200 replace class names 2025-12-04 19:49:59 +01:00			`# @example confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for role postgres':`
fix parameter description see https://gitlab.confdroid.com/internal/confdroid_management/-/issues/235 2025-10-01 15:56:49 +02:00			`# pl_auth_type => 'local',`
			`# pl_auth_database => 'all',`
			`# pl_auth_user => 'postgres',`
			`# pl_auth_method => 'trust',`
			`# pl_auth_order => '001',`
			`# pl_auth_option => '',`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`# }`
			`##############################################################################`
OP#200 replace class names 2025-12-04 19:49:59 +01:00			`class confdroid_postgresql::server::pghba::pg_hba (`
add pg_hba rules 2025-09-28 15:47:55 +02:00
OP#200 replace class names 2025-12-04 19:49:59 +01:00			`) inherits confdroid_postgresql::params {`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`if $fqdn == $pl_server_fqdn {`
			`# create the pg_hba.conf file`

			`concat { $pl_pg_hba_conf:`
			`ensure => present,`
			`owner => 'postgres',`
fix permissions see https://gitlab.confdroid.com/internal/confdroid_management/-/issues/235 2025-10-01 18:31:18 +02:00			`mode => '0600',`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`notify => Service[$pl_service],`
			`}`

			`# manage file header`

fix header names 2025-12-05 14:28:25 +01:00			`concat::fragment { 'pghba_header':`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`target => $pl_pg_hba_conf,`
			`content => template($pl_pg_hba_conf_erb),`
			`order => '000',`
			`}`

			`# manage default rules => should go into external config set`
OP#200 replace class names 2025-12-04 19:49:59 +01:00			`# confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for role postgres':`
fix parameter description see https://gitlab.confdroid.com/internal/confdroid_management/-/issues/235 2025-10-01 15:56:49 +02:00			`# pl_auth_type => 'local',`
			`# pl_auth_database => 'all',`
			`# pl_auth_user => $ql_user_name,`
			`# pl_auth_method => 'trust',`
			`# pl_auth_order => '001',`
			`# pl_auth_option => $ql_auth_option,`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`# }`

OP#200 replace class names 2025-12-04 19:49:59 +01:00			`# confdroid_postgresql::server::pghba::pg_hba_rule { 'local access for all roles':`
fix parameter description see https://gitlab.confdroid.com/internal/confdroid_management/-/issues/235 2025-10-01 15:56:49 +02:00			`# pl_auth_type => 'local',`
			`# pl_auth_database => 'all',`
			`# pl_auth_user => 'all',`
			`# pl_auth_method => 'trust',`
			`# pl_auth_order => '002',`
			`# pl_auth_option => $pl_auth_option,`
add pg_hba rules 2025-09-28 15:47:55 +02:00			`# }`
			`}`
			`}`