unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: move pg_hba to hieradata

Browse Source 
- remove hardcoded pg_hba
- move pg_hba to hieradata
This commit is contained in:
Ben Vincent 2025-07-05 11:15:59 +10:00
parent a9faa098ee
commit 00edd627df
3 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hieradata/roles/infra/puppetdb/sql.yaml
View File

@ -15,6 +15,14 @@ profiles::sql::patroni::cluster_name: "patroni-puppetdb-%{facts.environment}"
profiles::sql::patroni::postgres_exporter_enabled: true profiles::sql::patroni::postgres_exporter_enabled: true
profiles::sql::patroni::postgres_exporter_user: postgres_exporter profiles::sql::patroni::postgres_exporter_user: postgres_exporter
profiles::sql::patroni::pgsql_version: "17" profiles::sql::patroni::pgsql_version: "17"
patroni::bootstrap_pg_hba:
- 'local all postgres ident'
- 'host all all 0.0.0.0/0 md5'
- 'host replication repl 0.0.0.0/0 md5'
patroni::pgsql_pg_hba:
- 'local all postgres ident'
- 'host all all 0.0.0.0/0 md5'
- 'host replication repl 0.0.0.0/0 md5'
# FIXME: puppet-python wants to try manage python-dev, which is required by the ceph package # FIXME: puppet-python wants to try manage python-dev, which is required by the ceph package
python::manage_dev_package: false python::manage_dev_package: false

10
hieradata/roles/infra/sql/shared.yaml
View File

@ -15,6 +15,16 @@ profiles::sql::patroni::cluster_name: "patroni-shared-%{facts.environment}"
profiles::sql::patroni::postgres_exporter_enabled: true profiles::sql::patroni::postgres_exporter_enabled: true
profiles::sql::patroni::postgres_exporter_user: postgres_exporter profiles::sql::patroni::postgres_exporter_user: postgres_exporter
profiles::sql::patroni::pgsql_version: "17" profiles::sql::patroni::pgsql_version: "17"
patroni::bootstrap_pg_hba:
- 'local all postgres ident'
- 'host all all 0.0.0.0/0 md5'
- 'host gitea gitea 0.0.0.0/0 scram-sha-256'
- 'host replication repl 0.0.0.0/0 md5'
patroni::pgsql_pg_hba:
- 'local all postgres ident'
- 'host all all 0.0.0.0/0 md5'
- 'host gitea gitea 0.0.0.0/0 scram-sha-256'
- 'host replication repl 0.0.0.0/0 md5'
python::manage_dev_package: false python::manage_dev_package: false

10
site/profiles/manifests/sql/patroni.pp
View File

@ -64,16 +64,6 @@ class profiles::sql::patroni (
pgsql_parameters => { pgsql_parameters => {
'max_connections' => 5000, 'max_connections' => 5000,
}, },
bootstrap_pg_hba => [
'local all postgres ident',
'host all all 0.0.0.0/0 md5',
'host replication repl 0.0.0.0/0 md5',
],
pgsql_pg_hba => [
'local all postgres ident',
'host all all 0.0.0.0/0 md5',
'host replication repl 0.0.0.0/0 md5',
],
superuser_username => $superuser_username, superuser_username => $superuser_username,
superuser_password => $superuser_password, superuser_password => $superuser_password,
replication_username => $replication_username, replication_username => $replication_username,