diff --git a/modules/postgresql/CHANGELOG.md b/modules/postgresql/CHANGELOG.md deleted file mode 100644 index a045b2e..0000000 --- a/modules/postgresql/CHANGELOG.md +++ /dev/null @@ -1,572 +0,0 @@ -##2014-04-14 - Supported Release 3.4.0 -###Summary - -This feature rolls up several important features, the biggest being PostGIS -handling and allowing `port` to be set on postgresql::server in order to -change the port that Postgres listens on. We've added support for RHEL7 -and Ubuntu 14.04, as well as allowing you to manage the service via -`service_ensure` finally. - -####Features -- Added `perl_package_name` for installing bindings. -- Added `service_ensure` for allowing control of services. -- Added `postgis_version` and postgis class for installing postgis. -- Added `port` for selecting the port Postgres runs on. -- Add support for RHEL7 and Ubuntu 14.04. -- Add `default_db` to postgresql::server::database. -- Widen the selection of unquoted parameters in postgresql_conf{} -- Require the service within postgresql::server::reload for RHEL7. -- Add `inherit` to postgresql::server::role. - -####Bugfixes - -##2014-03-04 - Supported Release 3.3.3 -###Summary - -This is a supported release. This release removes a testing symlink that can -cause trouble on systems where /var is on a seperate filesystem from the -modulepath. - -####Features -####Bugfixes -####Known Bugs -* SLES is not supported. - -##2014-03-04 - Supported Release 3.3.2 -###Summary -This is a supported release. It fixes a problem with updating passwords on postgresql.org distributed versions of PostgreSQL. - -####Bugfixes -- Correct psql path when setting password on custom versions. -- Documentation updates -- Test updates - -####Known Bugs -* SLES is not supported. - - -##2014-02-12 - Version 3.3.1 -####Bugfix: -- Allow dynamic rubygems host - - -##2014-01-28 - Version 3.3.0 - -###Summary - -This release rolls up a bunch of bugfixes our users have found and fixed for -us over the last few months. This improves things for 9.1 users, and makes -this module usable on FreeBSD. - -This release is dedicated to 'bma', who's suffering with Puppet 3.4.1 issues -thanks to Puppet::Util::SUIDManager.run_and_capture. - -####Features - - Add lc_ config entry settings - - Can pass template at database creation. - - Add FreeBSD support. - - Add support for customer `xlogdir` parameter. - - Switch tests from rspec-system to beaker. (This isn't really a feature) - -####Bugfixes - - Properly fix the deprecated Puppet::Util::SUIDManager.run_and_capture errors. - - Fix NOREPLICATION option for Postgres 9.1 - - Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf - - Add $postgresql::server::client_package_name, referred to by install.pp - - Add missing service_provider/service_name descriptions in ::globals. - - Fix several smaller typos/issues throughout. - - Exec['postgresql_initdb'] needs to be done after $datadir exists - - Prevent defined resources from floating in the catalog. - - Fix granting all privileges on a table. - - Add some missing privileges. - - Remove deprecated and unused concat::fragment parameters. - - -##2013-11-05 - Version 3.2.0 - -###Summary - -Add's support for Ubuntu 13.10 (and 14.04) as well as x, y, z. - -####Features -- Add versions for Ubuntu 13.10 and 14.04. -- Use default_database in validate_db_connection instead of a hardcoded -'postgres' -- Add globals/params layering for default_database. -- Allow specification of default database name. - -####Bugs -- Fixes to the README. - - -##2013-10-25 - Version 3.1.0 - -###Summary - -This is a minor feature and bug fix release. - -Firstly, the postgresql_psql type now includes a new parameter `search_path` which is equivalent to using `set search_path` which allows you to change the default schema search path. - -The default version of Fedora 17 has now been added, so that Fedora 17 users can enjoy the module. - -And finally we've extended the capabilities of the defined type postgresql::validate_db_connection so that now it can handle retrying and sleeping between retries. This feature has been monopolized to fix a bug we were seeing with startup race conditions, but it can also be used by remote systems to 'wait' for PostgreSQL to start before their Puppet run continues. - -####Features -- Defined $default_version for Fedora 17 (Bret Comnes) -- add search_path attribute to postgresql_psql resource (Jeremy Kitchen) -- (GH-198) Add wait and retry capability to validate_db_connection (Ken Barber) - -####Bugs -- enabling defined postgres user password without resetting on every puppet run (jonoterc) -- periods are valid in configuration variables also (Jeremy Kitchen) -- Add zero length string to join() function (Jarl Stefansson) -- add require of install to reload class (cdenneen) -- (GH-198) Fix race condition on postgresql startup (Ken Barber) -- Remove concat::setup for include in preparation for the next concat release (Ken Barber) - - -##2013-10-14 - Version 3.0.0 - -Final release of 3.0, enjoy! - - -##2013-10-14 - Version 3.0.0-rc3 - -###Summary - -Add a parameter to unmanage pg_hba.conf to fix a regression from 2.5, as well -as allowing owner to be passed into x. - -####Features -- `manage_pg_hba_conf` parameter added to control pg_hba.conf management. -- `owner` parameter added to server::db. - - -##2013-10-09 - Version 3.0.0-rc2 - -###Summary - -A few bugfixes have been found since -rc1. - -####Fixes -- Special case for $datadir on Amazon -- Fix documentation about username/password for the postgresql_hash function - - -##2013-10-01 - Version 3.0.0-rc1 - -###Summary - -Version 3 was a major rewrite to fix some internal dependency issues, and to -make the new Public API more clear. As a consequence a lot of things have -changed for version 3 and older revisions that we will try to outline here. - -(NOTE: The format of this CHANGELOG differs to normal in an attempt to -explain the scope of changes) - -* Server specific objects now moved under `postgresql::server::` namespace: - -To restructure server specific elements under the `postgresql::server::` -namespaces the following objects were renamed as such: - -`postgresql::database` -> `postgresql::server::database` -`postgresql::database_grant` -> `postgresql::server::database_grant` -`postgresql::db` -> `postgresql::server::db` -`postgresql::grant` -> `postgresql::server::grant` -`postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` -`postgresql::plperl` -> `postgresql::server::plperl` -`postgresql::contrib` -> `postgresql::server::contrib` -`postgresql::role` -> `postgresql::server::role` -`postgresql::table_grant` -> `postgresql::server::table_grant` -`postgresql::tablespace` -> `postgresql::server::tablespace` - -* New `postgresql::server::config_entry` resource for managing configuration: - -Previously we used the `file_line` resource to modify `postgresql.conf`. This -new revision now adds a new resource named `postgresql::server::config_entry` -for managing this file. For example: - -```puppet - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } -``` - -If you were using `file_line` for this purpose, you should change to this new -methodology. - -* `postgresql_puppet_extras.conf` has been removed: - -Now that we have a methodology for managing `postgresql.conf`, and due to -concerns over the file management methodology using an `exec { 'touch ...': }` -as a way to create an empty file the existing postgresql\_puppet\_extras.conf -file is no longer managed by this module. - -If you wish to recreate this methodology yourself, use this pattern: - -```puppet - class { 'postgresql::server': } - - $extras = "/tmp/include.conf" - - file { $extras: - content => 'max_connections = 123', - notify => Class['postgresql::server::service'], - }-> - postgresql::server::config_entry { 'include': - value => $extras, - } -``` - -* All uses of the parameter `charset` changed to `encoding`: - -Since PostgreSQL uses the terminology `encoding` not `charset` the parameter -has been made consisent across all classes and resources. - -* The `postgresql` base class is no longer how you set globals: - -The old global override pattern was less then optimal so it has been fixed, -however we decided to demark this properly by specifying these overrides in -the class `postgresql::global`. Consult the documentation for this class now -to see what options are available. - -Also, some parameter elements have been moved between this and the -`postgresql::server` class where it made sense. - -* `config_hash` parameter collapsed for the `postgresql::server` class: - -Because the `config_hash` was really passing data through to what was in -effect an internal class (`postgresql::config`). And since we don't want this -kind of internal exposure the parameters were collapsed up into the -`postgresql::server` class directly. - -* Lots of changes to 'private' or 'undocumented' classes: - -If you were using these before, these have changed names. You should only use -what is documented in this README.md, and if you don't have what you need you -should raise a patch to add that feature to a public API. All internal classes -now have a comment at the top indicating them as private to make sure the -message is clear that they are not supported as Public API. - -* `pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules: - -The defaults should be good enough for most cases (if not raise a bug) but if -you simply need an escape hatch, this setting will turn off the defaults. If -you want to do this, it may affect the rest of the module so make sure you -replace the rules with something that continues operation. - -* `postgresql::database_user` has now been removed: - -Use `postgresql::server::role` instead. - -* `postgresql::psql` resource has now been removed: - -Use `postgresql_psql` instead. In the future we may recreate this as a wrapper -to add extra capability, but it will not match the old behaviour. - -* `postgresql_default_version` fact has now been removed: - -It didn't make sense to have this logic in a fact any more, the logic has been -moved into `postgresql::params`. - -* `ripienaar/concat` is no longer used, instead we use `puppetlabs/concat`: - -The older concat module is now deprecated and moved into the -`puppetlabs/concat` namespace. Functionality is more or less identical, but -you may need to intervene during the installing of this package - as both use -the same `concat` namespace. - ---- -##2013-09-09 Release 2.5.0 - -###Summary - -The focus of this release is primarily to capture the fixes done to the -types and providers to make sure refreshonly works properly and to set -the stage for the large scale refactoring work of 3.0.0. - -####Features - - -####Bugfixes -- Use boolean for refreshonly. -- Fix postgresql::plperl documentation. -- Add two missing parameters to config::beforeservice -- Style fixes - - -##2013-08-01 Release 2.4.1 - -###Summary - -This minor bugfix release solves an idempotency issue when using plain text -passwords for the password_hash parameter for the postgresql::role defined -type. Without this, users would continually see resource changes everytime -your run Puppet. - -####Bugfixes -- Alter role call not idempotent with cleartext passwords (Ken Barber) - - -##2013-07-19 Release 2.4.0 - -###Summary - -This updates adds the ability to change permissions on tables, create template -databases from normal databases, manage PL-Perl's postgres package, and -disable the management of `pg_hba.conf`. - -####Features -- Add `postgresql::table_grant` defined resource -- Add `postgresql::plperl` class -- Add `manage_pg_hba_conf` parameter to the `postgresql::config` class -- Add `istemplate` parameter to the `postgresql::database` define - -####Bugfixes -- Update `postgresql::role` class to be able to update roles when modified -instead of only on creation. -- Update tests -- Fix documentation of `postgresql::database_grant` - - -##2.3.0 - -This feature release includes the following changes: - -* Add a new parameter `owner` to the `database` type. This can be used to - grant ownership of a new database to a specific user. (Bruno Harbulot) -* Add support for operating systems other than Debian/RedHat, as long as the - user supplies custom values for all of the required paths, package names, etc. - (Chris Price) -* Improved integration testing (Ken Barber) - - -##2.2.1 - -This release fixes a bug whereby one of our shell commands (psql) were not ran from a globally accessible directory. This was causing permission denied errors when the command attempted to change user without changing directory. - -Users of previous versions might have seen this error: - - Error: Error executing SQL; psql returned 256: 'could not change directory to "/root" - -This patch should correct that. - -#### Detail Changes - -* Set /tmp as default CWD for postgresql_psql - - -##2.2.0 - -This feature release introduces a number of new features and bug fixes. - -First of all it includes a new class named `postgresql::python` which provides you with a convenient way of install the python Postgresql client libraries. - - class { 'postgresql::python': - } - -You are now able to use `postgresql::database_user` without having to specify a password_hash, useful for different authentication mechanisms that do not need passwords (ie. cert, local etc.). - -We've also provided a lot more advanced custom parameters now for greater control of your Postgresql installation. Consult the class documentation for PuppetDB in the README. - -This release in particular has largely been contributed by the community members below, a big thanks to one and all. - -#### Detailed Changes - -* Add support for psycopg installation (Flaper Fesp and Dan Prince) -* Added default PostgreSQL version for Ubuntu 13.04 (Kamil Szymanski) -* Add ability to create users without a password (Bruno Harbulot) -* Three Puppet 2.6 fixes (Dominic Cleal) -* Add explicit call to concat::setup when creating concat file (Dominic Cleal) -* Fix readme typo (Jordi Boggiano) -* Update postgres_default_version for Ubuntu (Kamil Szymanski) -* Allow to set connection for noew role (Kamil Szymanski) -* Fix pg_hba_rule for postgres local access (Kamil Szymanski) -* Fix versions for travis-ci (Ken Barber) -* Add replication support (Jordi Boggiano) -* Cleaned up and added unit tests (Ken Barber) -* Generalization to provide more flexability in postgresql configuration (Karel Brezina) -* Create dependent directory for sudoers so tests work on Centos 5 (Ken Barber) -* Allow SQL commands to be run against a specific DB (Carlos Villela) -* Drop trailing comma to support Puppet 2.6 (Michael Arnold) - - -##2.1.1 - - -This release provides a bug fix for RHEL 5 and Centos 5 systems, or specifically systems using PostgreSQL 8.1 or older. On those systems one would have received the error: - - Error: Could not start Service[postgresqld]: Execution of ‘/sbin/service postgresql start’ returned 1: - -And the postgresql log entry: - - FATAL: unrecognized configuration parameter "include" - -This bug is due to a new feature we had added in 2.1.0, whereby the `include` directive in `postgresql.conf` was not compatible. As a work-around we have added checks in our code to make sure systems running PostgreSQL 8.1 or older do not have this directive added. - -#### Detailed Changes - -2013-01-21 - Ken Barber -* Only install `include` directive and included file on PostgreSQL >= 8.2 -* Add system tests for Centos 5 - - -##2.1.0 - -This release is primarily a feature release, introducing some new helpful constructs to the module. - -For starters, we've added the line `include 'postgresql_conf_extras.conf'` by default so extra parameters not managed by the module can be added by other tooling or by Puppet itself. This provides a useful escape-hatch for managing settings that are not currently managed by the module today. - -We've added a new defined resource for managing your tablespace, so you can now create new tablespaces using the syntax: - - postgresql::tablespace { 'dbspace': - location => '/srv/dbspace', - } - -We've added a locale parameter to the `postgresql` class, to provide a default. Also the parameter has been added to the `postgresql::database` and `postgresql::db` defined resources for changing the locale per database: - - postgresql::db { 'mydatabase': - user => 'myuser', - password => 'mypassword', - encoding => 'UTF8', - locale => 'en_NG', - } - -There is a new class for installing the necessary packages to provide the PostgreSQL JDBC client jars: - - class { 'postgresql::java': } - -And we have a brand new defined resource for managing fine-grained rule sets within your pg_hba.conf access lists: - - postgresql::pg_hba { 'Open up postgresql for access from 200.1.2.0/24': - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - } - -Finally, we've also added Travis-CI support and unit tests to help us iterate faster with tests to reduce regression. The current URL for these tests is here: https://travis-ci.org/puppetlabs/puppet-postgresql. Instructions on how to run the unit tests available are provided in the README for the module. - -A big thanks to all those listed below who made this feature release possible :-). - -#### Detailed Changes - -2013-01-18 - Simão Fontes & Flaper Fesp -* Remove trailing commas from params.pp property definition for Puppet 2.6.0 compatibility - -2013-01-18 - Lauren Rother -* Updated README.md to conform with best practices template - -2013-01-09 - Adrien Thebo -* Update postgresql_default_version to 9.1 for Debian 7.0 - -2013-01-28 - Karel Brezina -* Add support for tablespaces - -2013-01-16 - Chris Price & Karel Brezina -* Provide support for an 'include' config file 'postgresql_conf_extras.conf' that users can modify manually or outside of the module. - -2013-01-31 - jv -* Fix typo in README.pp for postgresql::db example - -2013-02-03 - Ken Barber -* Add unit tests and travis-ci support - -2013-02-02 - Ken Barber -* Add locale parameter support to the 'postgresql' class - -2013-01-21 - Michael Arnold -* Add a class for install the packages containing the PostgreSQL JDBC jar - -2013-02-06 - fhrbek -* Coding style fixes to reduce warnings in puppet-lint and Geppetto - -2013-02-10 - Ken Barber -* Provide new defined resource for managing pg_hba.conf - -2013-02-11 - Ken Barber -* Fix bug with reload of Postgresql on Redhat/Centos - -2013-02-15 - Erik Dalén -* Fix more style issues to reduce warnings in puppet-lint and Geppetto - -2013-02-15 - Erik Dalén -* Fix case whereby we were modifying a hash after creation - - -##2.0.1 - -Minor bugfix release. - -2013-01-16 - Chris Price - * Fix revoke command in database.pp to support postgres 8.1 (43ded42) - -2013-01-15 - Jordi Boggiano - * Add support for ubuntu 12.10 status (3504405) - -##2.0.0 - -Many thanks to the following people who contributed patches to this -release: - -* Adrien Thebo -* Albert Koch -* Andreas Ntaflos -* Brett Porter -* Chris Price -* dharwood -* Etienne Pelletier -* Florin Broasca -* Henrik -* Hunter Haugen -* Jari Bakken -* Jordi Boggiano -* Ken Barber -* nzakaria -* Richard Arends -* Spenser Gilliland -* stormcrow -* William Van Hevelingen - -Notable features: - - * Add support for versions of postgres other than the system default version - (which varies depending on OS distro). This includes optional support for - automatically managing the package repo for the "official" postgres yum/apt - repos. (Major thanks to Etienne Pelletier and - Ken Barber for their tireless efforts and patience on this - feature set!) For example usage see `tests/official-postgresql-repos.pp`. - - * Add some support for Debian Wheezy and Ubuntu Quantal - - * Add new `postgres_psql` type with a Ruby provider, to replace the old - exec-based `psql` type. This gives us much more flexibility around - executing SQL statements and controlling their logging / reports output. - - * Major refactor of the "spec" tests--which are actually more like - acceptance tests. We now support testing against multiple OS distros - via vagrant, and the framework is in place to allow us to very easily add - more distros. Currently testing against Cent6 and Ubuntu 10.04. - - * Fixed a bug that was preventing multiple databases from being owned by the - same user - (9adcd182f820101f5e4891b9f2ff6278dfad495c - Etienne Pelletier ) - - * Add support for ACLs for finer-grained control of user/interface access - (b8389d19ad78b4fb66024897097b4ed7db241930 - dharwood ) - - * Many other bug fixes and improvements! - ---- -##1.0.0 - -2012-09-17 - Version 0.3.0 released - -2012-09-14 - Chris Price - * Add a type for validating a postgres connection (ce4a049) - -2012-08-25 - Jari Bakken - * Remove trailing commas. (e6af5e5) - -2012-08-16 - Version 0.2.0 released diff --git a/modules/postgresql/Gemfile b/modules/postgresql/Gemfile deleted file mode 100644 index d6c55ec..0000000 --- a/modules/postgresql/Gemfile +++ /dev/null @@ -1,19 +0,0 @@ -source ENV['GEM_SOURCE'] || "https://rubygems.org" - -group :development, :test do - gem 'rake', '10.1.1' - gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '~> 1.0' - gem 'rspec', '~> 2.11', :require => false - gem 'puppet-lint', '~> 0.3.2' - gem 'beaker-rspec', :require => false - gem 'serverspec', :require => false -end - -if puppetversion = ENV['PUPPET_GEM_VERSION'] - gem 'puppet', puppetversion, :require => false -else - gem 'puppet', :require => false -end - -# vim:ft=ruby diff --git a/modules/postgresql/Gemfile.lock b/modules/postgresql/Gemfile.lock deleted file mode 100644 index cc3f0aa..0000000 --- a/modules/postgresql/Gemfile.lock +++ /dev/null @@ -1,182 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - CFPropertyList (2.2.8) - addressable (2.3.6) - archive-tar-minitar (0.5.2) - autoparse (0.3.3) - addressable (>= 2.3.1) - extlib (>= 0.9.15) - multi_json (>= 1.0.0) - aws-sdk (1.42.0) - json (~> 1.4) - nokogiri (>= 1.4.4) - beaker (1.15.0) - aws-sdk (= 1.42.0) - blimpy (~> 0.6) - docker-api - fission (~> 0.4) - google-api-client (~> 0.7.1) - inifile (~> 2.0) - json (~> 1.8) - mime-types (~> 1.25) - net-scp (~> 1.1) - net-ssh (~> 2.6) - nokogiri (~> 1.5.10) - rbvmomi (= 1.8.1) - unf (~> 0.1) - beaker-rspec (2.2.6) - beaker (~> 1.10) - rspec - serverspec (~> 1.0) - specinfra (~> 1.0) - blimpy (0.6.7) - fog - minitar - thor - builder (3.2.2) - coderay (1.1.0) - diff-lcs (1.2.5) - docile (1.1.5) - docker-api (1.13.0) - archive-tar-minitar - excon (>= 0.37.0) - json - excon (0.37.0) - extlib (0.9.16) - facter (2.1.0) - CFPropertyList (~> 2.2.6) - faraday (0.9.0) - multipart-post (>= 1.2, < 3) - fission (0.5.0) - CFPropertyList (~> 2.2) - fog (1.22.1) - fog-brightbox - fog-core (~> 1.22) - fog-json - ipaddress (~> 0.5) - nokogiri (~> 1.5, >= 1.5.11) - fog-brightbox (0.1.1) - fog-core (~> 1.22) - fog-json - inflecto - fog-core (1.22.0) - builder - excon (~> 0.33) - formatador (~> 0.2) - mime-types - net-scp (~> 1.1) - net-ssh (>= 2.1.3) - fog-json (1.0.0) - multi_json (~> 1.0) - formatador (0.2.5) - google-api-client (0.7.1) - addressable (>= 2.3.2) - autoparse (>= 0.3.3) - extlib (>= 0.9.15) - faraday (>= 0.9.0) - jwt (>= 0.1.5) - launchy (>= 2.1.1) - multi_json (>= 1.0.0) - retriable (>= 1.4) - signet (>= 0.5.0) - uuidtools (>= 2.1.0) - hiera (1.3.4) - json_pure - highline (1.6.21) - inflecto (0.0.2) - inifile (2.0.2) - ipaddress (0.8.0) - json (1.8.1) - json_pure (1.8.1) - jwt (1.0.0) - launchy (2.4.2) - addressable (~> 2.3) - metaclass (0.0.4) - method_source (0.8.2) - mime-types (1.25.1) - minitar (0.5.4) - mocha (1.1.0) - metaclass (~> 0.0.1) - multi_json (1.10.1) - multipart-post (2.0.0) - net-scp (1.2.1) - net-ssh (>= 2.6.5) - net-ssh (2.9.1) - nokogiri (1.5.11) - pry (0.10.0) - coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) - puppet (3.6.2) - facter (> 1.6, < 3) - hiera (~> 1.0) - json_pure - rgen (~> 0.6.5) - puppet-lint (0.3.2) - puppetlabs_spec_helper (0.6.0) - mocha - puppet-lint - rake - rspec - rspec-puppet - rake (10.3.2) - rbvmomi (1.8.1) - builder - nokogiri (>= 1.4.1) - trollop - retriable (1.4.1) - rgen (0.6.6) - rspec (2.99.0) - rspec-core (~> 2.99.0) - rspec-expectations (~> 2.99.0) - rspec-mocks (~> 2.99.0) - rspec-core (2.99.1) - rspec-expectations (2.99.1) - diff-lcs (>= 1.1.3, < 2.0) - rspec-its (1.0.1) - rspec-core (>= 2.99.0.beta1) - rspec-expectations (>= 2.99.0.beta1) - rspec-mocks (2.99.1) - rspec-puppet (1.0.1) - rspec - serverspec (1.9.1) - highline - net-ssh - rspec (~> 2.13) - rspec-its - specinfra (~> 1.18) - signet (0.5.1) - addressable (>= 2.2.3) - faraday (>= 0.9.0.rc5) - jwt (>= 0.1.5) - multi_json (>= 1.0.0) - simplecov (0.8.2) - docile (~> 1.1.0) - multi_json - simplecov-html (~> 0.8.0) - simplecov-html (0.8.0) - slop (3.5.0) - specinfra (1.20.0) - thor (0.19.1) - trollop (2.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.6) - uuidtools (2.1.4) - -PLATFORMS - ruby - -DEPENDENCIES - beaker - beaker-rspec - facter - pry - puppet - puppet-lint - puppetlabs_spec_helper - rake - rspec-puppet - serverspec - simplecov diff --git a/modules/postgresql/LICENSE b/modules/postgresql/LICENSE deleted file mode 100644 index 7a29c73..0000000 --- a/modules/postgresql/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2013 Puppet Labs - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/modules/postgresql/NOTICE b/modules/postgresql/NOTICE deleted file mode 100644 index c01b463..0000000 --- a/modules/postgresql/NOTICE +++ /dev/null @@ -1,14 +0,0 @@ -Puppetlabs postgresql module - -Copyright 2012 Inkling Systems Inc -Copyright 2012-2013 Puppet Labs Inc -Copyright 2012-2013 Camptocamp SA. - -This product includes software developed by: - The Puppet Labs Inc (http://www.puppetlabs.com/). - -This product includes also software developed by: - Camptocamp SA (http://www.camptocamp.com/) - -This product includes also software developed by: - Inkling Systems Inc (https://www.inkling.com/) diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md deleted file mode 100644 index 64006f9..0000000 --- a/modules/postgresql/README.md +++ /dev/null @@ -1,943 +0,0 @@ -postgresql -========== - -Table of Contents ------------------ - -1. [Overview - What is the PostgreSQL module?](#overview) -2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with PostgreSQL module](#setup) - * [PE 3.2 supported module](#pe-3.2-supported-module) - * [Configuring the server](#configuring-the-server) -4. [Usage - How to use the module for various tasks](#usage) -5. [Upgrading - Guide for upgrading from older revisions of this module](#upgrading) -6. [Reference - The classes, defines,functions and facts available in this module](#reference) -7. [Limitations - OS compatibility, etc.](#limitations) -8. [Development - Guide for contributing to the module](#development) -9. [Disclaimer - Licensing information](#disclaimer) -10. [Transfer Notice - Notice of authorship change](#transfer-notice) -11. [Contributors - List of module contributors](#contributors) - -Overview --------- - -The PostgreSQL module allows you to easily manage postgres databases with Puppet. - -Module Description -------------------- - -PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage PostgreSQL packages and services on several operating systems, while also supporting basic management of PostgreSQL databases and users. The module offers support for managing firewall for postgres ports on RedHat-based distros, as well as support for basic management of common security settings. - -Setup ------ - -**What puppetlabs-PostgreSQL affects:** - -* package/service/configuration files for PostgreSQL -* listened-to ports -* system firewall (optional) -* IP and mask (optional) - -**Introductory Questions** - -The postgresql module offers many security configuration settings. Before getting started, you will want to consider: - -* Do you want/need to allow remote connections? - * If yes, what about TCP connections? -* Would you prefer to work around your current firewall settings or overwrite some of them? -* How restrictive do you want the database superuser's permissions to be? - -Your answers to these questions will determine which of the module's parameters you'll want to specify values for. - -###PE 3.2 supported module - -PE 3.2 introduces Puppet Labs supported modules. The version of the postgresql module that ships within PE 3.2 is supported via normal [Puppet Enterprise support](http://puppetlabs.com/services/customer-support) channels. If you would like to access the [supported module](http://forge.puppetlabs.com/supported) version, you will need to uninstall the shipped module and install the supported version from the Puppet Forge. You can do this by first running - - # puppet module uninstall puppetlabs-postgresql -and then running - - # puppet module install puppetlabs/postgresql - -###Configuring the server - -The main configuration you'll need to do will be around the `postgresql::server` class. The default parameters are reasonable, but fairly restrictive regarding permissions for who can connect and from where. To manage a PostgreSQL server with sane defaults: - - class { 'postgresql::server': } - -For a more customized configuration: - - class { 'postgresql::server': - ip_mask_deny_postgres_user => '0.0.0.0/32', - ip_mask_allow_all_users => '0.0.0.0/0', - listen_addresses => '*', - ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'], - manage_firewall => true, - postgres_password => 'TPSrep0rt!', - } - -Once you've completed your configuration of `postgresql::server`, you can test out your settings from the command line: - - $ psql -h localhost -U postgres - $ psql -h my.postgres.server -U - -If you get an error message from these commands, it means that your permissions are set in a way that restricts access from where you're trying to connect. That might be a good thing or a bad thing, depending on your goals. - -For more details about server configuration parameters consult the [PostgreSQL Runtime Configuration docs](http://www.postgresql.org/docs/9.2/static/runtime-config.html). - -Usage ------ - -###Creating a database - -There are many ways to set up a postgres database using the `postgresql::server::db` class. For instance, to set up a database for PuppetDB: - - class { 'postgresql::server': } - - postgresql::server::db { 'mydatabasename': - user => 'mydatabaseuser', - password => postgresql_password('mydatabaseuser', 'mypassword'), - } - -###Managing users, roles and permissions - -To manage users, roles and permissions: - - class { 'postgresql::server': } - - postgresql::server::role { 'marmot': - password_hash => postgresql_password('marmot', 'mypasswd'), - } - - postgresql::server::database_grant { 'test1': - privilege => 'ALL', - db => 'test1', - role => 'marmot', - } - - postgresql::server::table_grant { 'my_table of test2': - privilege => 'ALL', - table => 'my_table', - db => 'test2', - role => 'marmot', - } - -In this example, you would grant ALL privileges on the test1 database and on the `my_table` table of the test2 database to the user or group specified by dan. - -At this point, you would just need to plunk these database name/username/password values into your PuppetDB config files, and you are good to go. - -Upgrading ---------- - -###Upgrading from 2.x to version 3 - -*Note:* if you are upgrading for 2.x, you *must* read this, as just about everything has changed. - -Version 3 was a major rewrite to fix some internal dependency issues, and to make the new Public API more clear. As a consequence a lot of things have changed for version 3 and older revisions that we will try to outline here. - -####Server specific objects now moved under `postgresql::server::` namespace - -To restructure server specific elements under the `postgresql::server::` namespaces the following objects were renamed as such: - -* `postgresql::database` -> `postgresql::server::database` -* `postgresql::database_grant` -> `postgresql::server::database_grant` -* `postgresql::db` -> `postgresql::server::db` -* `postgresql::grant` -> `postgresql::server::grant` -* `postgresql::pg_hba_rule` -> `postgresql::server::pg_hba_rule` -* `postgresql::plperl` -> `postgresql::server::plperl` -* `postgresql::contrib` -> `postgresql::server::contrib` -* `postgresql::role` -> `postgresql::server::role` -* `postgresql::table_grant` -> `postgresql::server::table_grant` -* `postgresql::tablespace` -> `postgresql::server::tablespace` - -####New `postgresql::server::config_entry` resource for managing configuration - -Previously we used the `file_line` resource to modify `postgresql.conf`. This new revision now adds a new resource named `postgresql::server::config_entry` for managing this file. For example: - - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } - -If you were using `file_line` for this purpose, you should change to this new methodology. - -####`postgresql_puppet_extras.conf` has been removed - -Now that we have a methodology for managing `postgresql.conf`, and due to concerns over the file management methodology using an `exec { 'touch ...': }` as a way to create an empty file the existing postgresql\_puppet\_extras.conf file is no longer managed by this module. - -If you wish to recreate this methodology yourself, use this pattern: - - class { 'postgresql::server': } - - $extras = "/tmp/include.conf" - - file { $extras: - content => 'max_connections = 123', - notify => Class['postgresql::server::service'], - }-> - postgresql::server::config_entry { 'include': - value => $extras, - } - -####All uses of the parameter `charset` changed to `encoding` - -Since PostgreSQL uses the terminology `encoding` not `charset` the parameter has been made consisent across all classes and resources. - -####The `postgresql` base class is no longer how you set globals - -The old global override pattern was less then optimal so it has been fixed, however we decided to demark this properly by specifying these overrides in the class `postgresql::globals`. Consult the documentation for this class now to see what options are available. - -Also, some parameter elements have been moved between this and the `postgresql::server` class where it made sense. - -####`config_hash` parameter collapsed for the `postgresql::server` class - -Because the `config_hash` was really passing data through to what was in effect an internal class (`postgresql::config`). And since we don't want this kind of internal exposure the parameters were collapsed up into the `postgresql::server` class directly. - -####Lots of changes to 'private' or 'undocumented' classes - -If you were using these before, these have changed names. You should only use what is documented in this README.md, and if you don't have what you need you should raise a patch to add that feature to a public API. All internal classes now have a comment at the top indicating them as private to make sure the message is clear that they are not supported as Public API. - -####`pg_hba_conf_defaults` parameter included to turn off default pg\_hba rules - -The defaults should be good enough for most cases (if not raise a bug) but if you simply need an escape hatch, this setting will turn off the defaults. If you want to do this, it may affect the rest of the module so make sure you replace the rules with something that continues operation. - -####`postgresql::database_user` has now been removed - -Use `postgresql::server::role` instead. - -####`postgresql::psql` resource has now been removed - -Use `postgresql_psql` instead. In the future we may recreate this as a wrapper to add extra capability, but it will not match the old behaviour. - -####`postgresql_default_version` fact has now been removed - -It didn't make sense to have this logic in a fact any more, the logic has been moved into `postgresql::params`. - -####`ripienaar/concat` is no longer used, instead we use `puppetlabs/concat` - -The older concat module is now deprecated and moved into the `puppetlabs/concat` namespace. Functionality is more or less identical, but you may need to intervene during the installing of this package - as both use the same `concat` namespace. - -Reference ---------- - -The postgresql module comes with many options for configuring the server. While you are unlikely to use all of the below settings, they allow you a decent amount of control over your security settings. - -Classes: - -* [postgresql::client](#class-postgresqlclient) -* [postgresql::globals](#class-postgresqlglobals) -* [postgresql::lib::devel](#class-postgresqllibdevel) -* [postgresql::lib::java](#class-postgresqllibjava) -* [postgresql::lib::perl](#class-postgresqllibperl) -* [postgresql::lib::python](#class-postgresqllibpython) -* [postgresql::server](#class-postgresqlserver) -* [postgresql::server::plperl](#class-postgresqlserverplperl) -* [postgresql::server::contrib](#class-postgresqlservercontrib) -* [postgresql::server::postgis](#class-postgresqlserverpostgis) - -Resources: - -* [postgresql::server::config_entry](#resource-postgresqlserverconfigentry) -* [postgresql::server::db](#resource-postgresqlserverdb) -* [postgresql::server::database](#resource-postgresqlserverdatabase) -* [postgresql::server::database_grant](#resource-postgresqlserverdatabasegrant) -* [postgresql::server::pg_hba_rule](#resource-postgresqlserverpghbarule) -* [postgresql::server::role](#resource-postgresqlserverrole) -* [postgresql::server::table_grant](#resource-postgresqlservertablegrant) -* [postgresql::server::tablespace](#resource-postgresqlservertablespace) -* [postgresql::validate_db_connection](#resource-postgresqlvalidatedbconnection) - -Functions: - -* [postgresql\_password](#function-postgresqlpassword) -* [postgresql\_acls\_to\_resources\_hash](#function-postgresqlaclstoresourceshashaclarray-id-orderoffset) - - -###Class: postgresql::globals -*Note:* most server specific defaults should be overriden in the `postgresql::server` class. This class should only be used if you are using a non-standard OS or if you are changing elements such as `version` or `manage_package_repo` that can only be changed here. - -This class allows you to configure the main settings for this module in a global way, to be used by the other classes and defined resources. On its own it does nothing. - -For example, if you wanted to overwrite the default `locale` and `encoding` for all classes you could use the following combination: - - class { 'postgresql::globals': - encoding => 'UTF8', - locale => 'en_NG', - }-> - class { 'postgresql::server': - } - -That would make the `encoding` and `locale` the default for all classes and defined resources in this module. - -If you want to use the upstream PostgreSQL packaging, and be specific about the version you wish to download, you could use something like this: - - class { 'postgresql::globals': - manage_package_repo => true, - version => '9.2', - }-> - class { 'postgresql::server': } - -####`client_package_name` -This setting can be used to override the default postgresql client package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`server_package_name` -This setting can be used to override the default postgresql server package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`contrib_package_name` -This setting can be used to override the default postgresql contrib package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`devel_package_name` -This setting can be used to override the default postgresql devel package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`java_package_name` -This setting can be used to override the default postgresql java package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`perl_package_name` -This setting can be used to override the default postgresql Perl package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`plperl_package_name` -This setting can be used to override the default postgresql PL/perl package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`python_package_name` -This setting can be used to override the default postgresql Python package name. If not specified, the module will use whatever package name is the default for your OS distro. - -####`service_ensure` -This setting can be used to override the default postgresql service ensure status. If not specified, the module will use `ensure` instead. - -####`service_name` -This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro. - -####`service_provider` -This setting can be used to override the default postgresql service provider. If not specified, the module will use whatever service provider is the default for your OS distro. - -####`service_status` -This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service status is the default for your OS distro. - -####`default_database` -This setting is used to specify the name of the default database to connect with. On most systems this will be "postgres". - -####`initdb_path` -Path to the `initdb` command. - -####`createdb_path` -Path to the `createdb` command. - -####`psql_path` -Path to the `psql` command. - -####`pg_hba_conf_path` -Path to your `pg\_hba.conf` file. - -####`postgresql_conf_path` -Path to your `postgresql.conf` file. - -####`pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg\_hba.conf`. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic `psql` operations for example. - -####`datadir` -This setting can be used to override the default postgresql data directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. - -####`confdir` -This setting can be used to override the default postgresql configuration directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. - -####`bindir` -This setting can be used to override the default postgresql binaries directory for the target platform. If not specified, the module will use whatever directory is the default for your OS distro. - -####`xlogdir` -This setting can be used to override the default postgresql xlog directory. If not specified the module will use initdb's default path. - -####`user` -This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. - -####`group` -This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'. - -####`version` -The version of PostgreSQL to install/manage. This is a simple way of providing a specific version such as '9.2' or '8.4' for example. - -Defaults to your operating system default. - -####`postgis_version` -The version of PostGIS to install if you install PostGIS. Defaults to the lowest available with the version of PostgreSQL to be installed. - -####`needs_initdb` -This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro. - -####`encoding` -This will set the default encoding encoding for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to the operating system default. - -####`locale` -This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. - -#####Debian - -On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. - -####`firewall_supported` -This allows you to override the automated detection to see if your OS supports the `firewall` module. - -####`manage_package_repo` -If `true` this will setup the official PostgreSQL repositories on your host. Defaults to `false`. - -###Class: postgresql::server -The following list are options that you can set in the `config_hash` parameter of `postgresql::server`. - -####`ensure` -This value default to `present`. When set to `absent` it will remove all packages, configuration and data so use this with extreme caution. - -####`postgres_password` -This value defaults to `undef`, meaning the super user account in the postgres database is a user called `postgres` and this account does not have a password. If you provide this setting, the module will set the password for the `postgres` user to your specified value. - -####`package_name` -The name of the package to use for installing the server software. Defaults to the default for your OS distro. - -####`package_ensure` -Value to pass through to the `package` resource when creating the server instance. Defaults to `undef`. - -####`plperl_package_name` -This sets the default package name for the PL/Perl extension. Defaults to utilising the operating system default. - -####`service_name` -This setting can be used to override the default postgresql service name. If not specified, the module will use whatever service name is the default for your OS distro. - -####`service_name` -This setting can be used to override the default postgresql service provider. If not specified, the module will use whatever service name is the default for your OS distro. - -####`service_status` -This setting can be used to override the default status check command for your PostgreSQL service. If not specified, the module will use whatever service name is the default for your OS distro. - -####`default_database` -This setting is used to specify the name of the default database to connect with. On most systems this will be "postgres". - -####`listen_addresses` -This value defaults to `localhost`, meaning the postgres server will only accept connections from localhost. If you'd like to be able to connect to postgres from remote machines, you can override this setting. A value of `*` will tell postgres to accept connections from any remote machine. Alternately, you can specify a comma-separated list of hostnames or IP addresses. (For more info, have a look at the `postgresql.conf` file from your system's postgres package). - -####`port` -This value defaults to `5432`, meaning the postgres server will listen on TCP port 5432. Note that the same port number is used for all IP addresses the server listens on. - -####`ip_mask_deny_postgres_user` -This value defaults to `0.0.0.0/0`. Sometimes it can be useful to block the superuser account from remote connections if you are allowing other database users to connect remotely. Set this to an IP and mask for which you want to deny connections by the postgres superuser account. So, e.g., the default value of `0.0.0.0/0` will match any remote IP and deny access, so the postgres user won't be able to connect remotely at all. Conversely, a value of `0.0.0.0/32` would not match any remote IP, and thus the deny rule will not be applied and the postgres user will be allowed to connect. - -####`ip_mask_allow_all_users` -This value defaults to `127.0.0.1/32`. By default, Postgres does not allow any database user accounts to connect via TCP from remote machines. If you'd like to allow them to, you can override this setting. You might set it to `0.0.0.0/0` to allow database users to connect from any remote machine, or `192.168.0.0/16` to allow connections from any machine on your local 192.168 subnet. - -####`ipv4acls` -List of strings for access control for connection method, users, databases, IPv4 addresses; see [postgresql documentation](http://www.postgresql.org/docs/9.2/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (please note that the link will take you to documentation for the most recent version of Postgres, however links for earlier versions can be found on that page). - -####`ipv6acls` -List of strings for access control for connection method, users, databases, IPv6 addresses; see [postgresql documentation](http://www.postgresql.org/docs/9.2/static/auth-pg-hba-conf.html) about `pg_hba.conf` for information (please note that the link will take you to documentation for the most recent version of Postgres, however links for earlier versions can be found on that page). - -####`initdb_path` -Path to the `initdb` command. - -####`createdb_path` -Path to the `createdb` command. - -####`psql_path` -Path to the `psql` command. - -####`pg_hba_conf_path` -Path to your `pg\_hba.conf` file. - -####`postgresql_conf_path` -Path to your `postgresql.conf` file. - -####`pg_hba_conf_defaults` -If false, disables the defaults supplied with the module for `pg\_hba.conf`. This is useful if you di -sagree with the defaults and wish to override them yourself. Be sure that your changes of course alig -n with the rest of the module, as some access is required to perform basic `psql` operations for exam -ple. - -####`user` -This setting can be used to override the default postgresql super user and owner of postgresql related files in the file system. If not specified, the module will use the user name 'postgres'. - -####`group` -This setting can be used to override the default postgresql user group to be used for related files in the file system. If not specified, the module will use the group name 'postgres'. - -####`needs_initdb` -This setting can be used to explicitly call the initdb operation after server package is installed and before the postgresql service is started. If not specified, the module will decide whether to call initdb or not depending on your OS distro. - -####`encoding` -This will set the default encoding encoding for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to the operating system default. - -####`locale` -This will set the default database locale for all databases created with this module. On certain operating systems this will be used during the `template1` initialization as well so it becomes a default outside of the module as well. Defaults to `undef` which is effectively `C`. - -#####Debian - -On Debian you'll need to ensure that the 'locales-all' package is installed for full functionality of Postgres. - -####`manage_firewall` -This value defaults to `false`. Many distros ship with a fairly restrictive firewall configuration which will block the port that postgres tries to listen on. If you'd like for the puppet module to open this port for you (using the [puppetlabs-firewall](http://forge.puppetlabs.com/puppetlabs/firewall) module), change this value to true. Check the documentation for `puppetlabs/firewall` to ensure the rest of the global setup is applied, to ensure things like persistence and global rules are set correctly. - -####`manage_pg_hba_conf` -This value defaults to `true`. Whether or not manage the pg_hba.conf. If set to `true`, puppet will overwrite this file. If set to `false`, puppet will not modify the file. - - -###Class: postgresql::client - -This class installs postgresql client software. Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): - -####`package_name` -The name of the postgresql client package. - -####`package_ensure` -The ensure parameter passed on to postgresql client package resource. - - -###Class: postgresql::server::contrib -Installs the postgresql contrib package. - -####`package_name` -The name of the postgresql contrib package. - -####`package_ensure` -The ensure parameter passed on to postgresql contrib package resource. - -###Class: postgresql::server::postgis -Installs the postgresql postgis packages. - -###Class: postgresql::lib::devel -Installs the packages containing the development libraries for PostgreSQL. - -####`package_ensure` -Override for the `ensure` parameter during package installation. Defaults to `present`. - -####`package_name` -Overrides the default package name for the distribution you are installing to. Defaults to `postgresql-devel` or `postgresql-devel` depending on your distro. - - -###Class: postgresql::lib::java -This class installs postgresql bindings for Java (JDBC). Alter the following parameters if you have a custom version you would like to install (Note: don't forget to make sure to add any necessary yum or apt repositories if specifying a custom version): - -####`package_name` -The name of the postgresql java package. - -####`package_ensure` -The ensure parameter passed on to postgresql java package resource. - - -###Class: postgresql::lib::perl -This class installs the postgresql Perl libraries. For customer requirements you can customise the following parameters: - -####`package_name` -The name of the postgresql perl package. - -####`package_ensure` -The ensure parameter passed on to postgresql perl package resource. - - -###Class: postgresql::lib::python -This class installs the postgresql Python libraries. For customer requirements you can customise the following parameters: - -####`package_name` -The name of the postgresql python package. - -####`package_ensure` -The ensure parameter passed on to postgresql python package resource. - - -###Class: postgresql::server::plperl -This class installs the PL/Perl procedural language for postgresql. - -####`package_name` -The name of the postgresql PL/Perl package. - -####`package_ensure` -The ensure parameter passed on to postgresql PL/Perl package resource. - - -###Resource: postgresql::server::config\_entry -This resource can be used to modify your `postgresql.conf` configuration file. - -Each resource maps to a line inside your `postgresql.conf` file, for example: - - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } - -####`namevar` -Name of the setting to change. - -####`ensure` -Set to `absent` to remove an entry. - -####`value` -Value for the setting. - - -###Resource: postgresql::server::db -This is a convenience resource that creates a database, user and assigns necessary permissions in one go. - -For example, to create a database called `test1` with a corresponding user of the same name, you can use: - - postgresql::server::db { 'test1': - user => 'test1', - password => 'test1', - } - -####`namevar` -The namevar for the resource designates the name of the database. - -####`dbname` -The name of the database to be created. Defaults to `namevar`. - -####`user` -User to create and assign access to the database upon creation. Mandatory. - -####`password` -Password for the created user. Mandatory. - -####`encoding` -Override the character set during creation of the database. Defaults to the default defined during installation. - -####`locale` -Override the locale during creation of the database. Defaults to the default defined during installation. - -####`grant` -Grant permissions during creation. Defaults to `ALL`. - -####`tablespace` -The name of the tablespace to allocate this database to. If not specifies, it defaults to the PostgreSQL default. - -####`istemplate` -Define database as a template. Defaults to `false`. - - -###Resource: postgresql::server::database -This defined type can be used to create a database with no users and no permissions, which is a rare use case. - -####`namevar` -The name of the database to create. - -####`dbname` -The name of the database, defaults to the namevar. - -####`owner` -Name of the database user who should be set as the owner of the database. Defaults to the $user variable set in `postgresql::server` or `postgresql::globals`. - -####`tablespace` -Tablespace for where to create this database. Defaults to the defaults defined during PostgreSQL installation. - -####`encoding` -Override the character set during creation of the database. Defaults to the default defined during installation. - -####`locale` -Override the locale during creation of the database. Defaults to the default defined during installation. - -####`istemplate` -Define database as a template. Defaults to `false`. - - -###Resource: postgresql::server::database\_grant -This defined type manages grant based access privileges for users, wrapping the `postgresql::server::database_grant` for database specific permissions. Consult the PostgreSQL documentation for `grant` for more information. - -####`namevar` -Used to uniquely identify this resource, but functionality not used during grant. - -####`privilege` -Can be one of `SELECT`, `TEMPORARY`, `TEMP`, `CONNECT`. `ALL` is used as a synonym for `CREATE`. If you need to add multiple privileges, a space delimited string can be used. - -####`db` -Database to grant access to. - -####`role` -Role or user whom you are granting access for. - -####`psql_db` -Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. - -####`psql_user` -OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. - - -###Resource: postgresql::server::pg\_hba\_rule -This defined type allows you to create an access rule for `pg_hba.conf`. For more details see the [PostgreSQL documentation](http://www.postgresql.org/docs/8.2/static/auth-pg-hba-conf.html). - -For example: - - postgresql::server::pg_hba_rule { 'allow application network to access app database': - description => "Open up postgresql for access from 200.1.2.0/24", - type => 'host', - database => 'app', - user => 'app', - address => '200.1.2.0/24', - auth_method => 'md5', - } - -This would create a ruleset in `pg_hba.conf` similar to: - - # Rule Name: allow application network to access app database - # Description: Open up postgresql for access from 200.1.2.0/24 - # Order: 150 - host app app 200.1.2.0/24 md5 - -####`namevar` -A unique identifier or short description for this rule. The namevar doesn't provide any functional usage, but it is stored in the comments of the produced `pg_hba.conf` so the originating resource can be identified. - -####`description` -A longer description for this rule if required. Defaults to `none`. This description is placed in the comments above the rule in `pg_hba.conf`. - -####`type` -The type of rule, this is usually one of: `local`, `host`, `hostssl` or `hostnossl`. - -####`database` -A comma separated list of databases that this rule matches. - -####`user` -A comma separated list of database users that this rule matches. - -####`address` -If the type is not 'local' you can provide a CIDR based address here for rule matching. - -####`auth_method` -The `auth_method` is described further in the `pg_hba.conf` documentation, but it provides the method that is used for authentication for the connection that this rule matches. - -####`auth_option` -For certain `auth_method` settings there are extra options that can be passed. Consult the PostgreSQL `pg_hba.conf` documentation for further details. - -####`order` -An order for placing the rule in `pg_hba.conf`. Defaults to `150`. - -####`target` -This provides the target for the rule, and is generally an internal only property. Use with caution. - - -###Resource: postgresql::server::role -This resource creates a role or user in PostgreSQL. - -####`namevar` -The role name to create. - -####`password_hash` -The hash to use during password creation. If the password is not already pre-encrypted in a format that PostgreSQL supports, use the `postgresql_password` function to provide an MD5 hash here, for example: - - postgresql::role { "myusername": - password_hash => postgresql_password('myusername', 'mypassword'), - } - -####`createdb` -Whether to grant the ability to create new databases with this role. Defaults to `false`. - -####`createrole` -Whether to grant the ability to create new roles with this role. Defaults to `false`. - -####`login` -Whether to grant login capability for the new role. Defaults to `false`. - -####`inherit` -Whether to grant inherit capability for the new role. Defaults to `true`. - -####`superuser` -Whether to grant super user capability for the new role. Defaults to `false`. - -####`replication` -If `true` provides replication capabilities for this role. Defaults to `false`. - -####`connection_limit` -Specifies how many concurrent connections the role can make. Defaults to `-1` meaning no limit. - -####`username` -The username of the role to create, defaults to `namevar`. - - -###Resource: postgresql::server::table\_grant -This defined type manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information. - -####`namevar` -Used to uniquely identify this resource, but functionality not used during grant. - -####`privilege` -Can be one of `SELECT`, `INSERT`, `UPDATE`, `REFERENCES`. `ALL` is used as a synonym for `CREATE`. If you need to add multiple privileges, a space delimited string can be used. - -####`table` -Table to grant access on. - -####`db` -Database of table. - -####`role` -Role or user whom you are granting access for. - -####`psql_db` -Database to execute the grant against. This should not ordinarily be changed from the default, which is `postgres`. - -####`psql_user` -OS user for running `psql`. Defaults to the default user for the module, usually `postgres`. - - -###Resource: postgresql::server::tablespace -This defined type can be used to create a tablespace. For example: - - postgresql::tablespace { 'tablespace1': - location => '/srv/space1', - } - -It will create the location if necessary, assigning it the same permissions as your -PostgreSQL server. - -####`namevar` -The tablespace name to create. - -####`location` -The path to locate this tablespace. - -####`owner` -The default owner of the tablespace. - -####`spcname` -Name of the tablespace. Defaults to `namevar`. - - -###Resource: postgresql::validate\_db\_connection -This resource can be utilised inside composite manifests to validate that a client has a valid connection with a remote PostgreSQL database. It can be ran from any node where the PostgreSQL client software is installed to validate connectivity before commencing other dependent tasks in your Puppet manifests, so it is often used when chained to other tasks such as: starting an application server, performing a database migration. - -Example usage: - - postgresql::validate_db_connection { 'validate my postgres connection': - database_host => 'my.postgres.host', - database_username => 'mydbuser', - database_password => 'mydbpassword', - database_name => 'mydbname', - }-> - exec { 'rake db:migrate': - cwd => '/opt/myrubyapp', - } - -####`namevar` -Uniquely identify this resource, but functionally does nothing. - -####`database_host` -The hostname of the database you wish to test. Defaults to 'undef' which generally uses the designated local unix socket. - -####`database_port` -Port to use when connecting. Default to 'undef' which generally defaults to 5432 depending on your PostgreSQL packaging. - -####`database_name` -The name of the database you wish to test. Defaults to 'postgres'. - -####`database_username` -Username to connect with. Defaults to 'undef', which when using a unix socket and ident auth will be the user you are running as. If the host is remote you must provide a username. - -####`database_password` -Password to connect with. Can be left blank, but that is not recommended. - -####`run_as` -The user to run the `psql` command with for authenticiation. This is important when trying to connect to a database locally using Unix sockets and `ident` authentication. It is not needed for remote testing. - -####`sleep` -Upon failure, sets the number of seconds to sleep for before trying again. - -####`tries` -Upon failure, sets the number of attempts before giving up and failing the resource. - -####`create_db_first` -This will ensure the database is created before running the test. This only really works if your test is local. Defaults to `true`. - - -###Function: postgresql\_password -If you need to generate a postgres encrypted password, use `postgresql_password`. You can call it from your production manifests if you don't mind them containing the clear text versions of your passwords, or you can call it from the command line and then copy and paste the encrypted password into your manifest: - - $ puppet apply --execute 'notify { "test": message => postgresql_password("username", "password") }' - -###Function: postgresql\_acls\_to\_resources\_hash(acl\_array, id, order\_offset) -This internal function converts a list of `pg_hba.conf` based acls (passed in as an array of strings) to a format compatible with the `postgresql::pg_hba_rule` resource. - -**This function should only be used internally by the module**. - -Limitations ------------- - -Works with versions of PostgreSQL from 8.1 through 9.2. - -Current it is only actively tested with the following operating systems: - -* Debian 6.x and 7.x -* Centos 5.x, 6.x, and 7.x. -* Ubuntu 10.04 and 12.04, 14.04 - -Although patches are welcome for making it work with other OS distros, it is considered best effort. - -### Postgis support - -Postgis is currently considered an unsupported feature as it doesn't work on -all platforms correctly. - -### All versions of RHEL/Centos - -If you have selinux enabled you must add any custom ports you use to the postgresql_port_t context. You can do this as follows: - -``` -# semanage port -a -t postgresql_port_t -p tcp $customport -``` - -Development ------------- - -Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. - -We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. - -You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) - -### Tests - -There are two types of tests distributed with the module. Unit tests with rspec-puppet and system tests using rspec-system. - -For unit testing, make sure you have: - -* rake -* bundler - -Install the necessary gems: - - bundle install --path=vendor - -And then run the unit tests: - - bundle exec rake spec - -The unit tests are ran in Travis-CI as well, if you want to see the results of your own tests regsiter the service hook through Travis-CI via the accounts section for your Github clone of this project. - -If you want to run the system tests, make sure you also have: - -* vagrant > 1.2.x -* Virtualbox > 4.2.10 - -Then run the tests using: - - bundle exec rspec spec/acceptance - -To run the tests on different operating systems, see the sets available in .nodeset.yml and run the specific set with the following syntax: - - RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance - -Transfer Notice ----------------- - -This Puppet module was originally authored by Inkling Systems. The maintainer preferred that Puppet Labs take ownership of the module for future improvement and maintenance as Puppet Labs is using it in the PuppetDB module. Existing pull requests and issues were transferred over, please fork and continue to contribute here instead of Inkling. - -Previously: [https://github.com/inkling/puppet-postgresql](https://github.com/inkling/puppet-postgresql) - -Contributors ------------- - - * Andrew Moon - * [Kenn Knowles](https://github.com/kennknowles) ([@kennknowles](https://twitter.com/KennKnowles)) - * Adrien Thebo - * Albert Koch - * Andreas Ntaflos - * Bret Comnes - * Brett Porter - * Chris Price - * dharwood - * Etienne Pelletier - * Florin Broasca - * Henrik - * Hunter Haugen - * Jari Bakken - * Jordi Boggiano - * Ken Barber - * nzakaria - * Richard Arends - * Spenser Gilliland - * stormcrow - * William Van Hevelingen diff --git a/modules/postgresql/Rakefile b/modules/postgresql/Rakefile deleted file mode 100644 index 3e7d005..0000000 --- a/modules/postgresql/Rakefile +++ /dev/null @@ -1,11 +0,0 @@ -require 'rubygems' -require 'bundler/setup' - -Bundler.require :default - -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' - -task :default do - sh %{rake -T} -end diff --git a/modules/postgresql/checksums.json b/modules/postgresql/checksums.json deleted file mode 100644 index fb85e9f..0000000 --- a/modules/postgresql/checksums.json +++ /dev/null @@ -1,115 +0,0 @@ -{ - "CHANGELOG.md": "0988b5bdb4105331ab66e5cb1903af20", - "Gemfile": "e9062e0fb5e3006b5f45f6083992cbdc", - "Gemfile.lock": "04ba92c1e89b28bb0d2b66585413a00f", - "LICENSE": "746fe83ebbf8970af0a9ea13962293e9", - "NOTICE": "d8ffc52f00e00877b45d2b77e709f69e", - "README.md": "a9ecd5d8104851cd25a93d325b2d3d4f", - "Rakefile": "c4f5c8ac6adc0eb4530c4b3d10cb7da0", - "files/RPM-GPG-KEY-PGDG": "78b5db170d33f80ad5a47863a7476b22", - "files/validate_postgresql_connection.sh": "20301932819f035492a30880f5bf335a", - "lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb": "d518a7959b950874820a3b0a7a324488", - "lib/puppet/parser/functions/postgresql_escape.rb": "2e136fcd653ab38d831c5b40806d47d1", - "lib/puppet/parser/functions/postgresql_password.rb": "820da02a888ab42357fe9bc2352b1c37", - "lib/puppet/provider/postgresql_conf/parsed.rb": "53cacac5630209bd4a4ea62433fba764", - "lib/puppet/provider/postgresql_psql/ruby.rb": "7c84a41473c41edba2c2526843c00fbf", - "lib/puppet/type/postgresql_conf.rb": "4f333138a3689f9768e7fe4bc3cde9fd", - "lib/puppet/type/postgresql_psql.rb": "9bdcc5809a2afd9c0d67d7f66f406504", - "manifests/client.pp": "f9bc3a578017fe8eb881de2255bdc023", - "manifests/globals.pp": "f4ecf66904a776116251c9c77c6582cc", - "manifests/lib/devel.pp": "94ae7eac3acf1dd3072d481eca4d2d7f", - "manifests/lib/java.pp": "6e4a2187c2b4caecad8098b46e99c8e0", - "manifests/lib/perl.pp": "5213fb4284f041fe28a22d68119f646d", - "manifests/lib/python.pp": "90736f86301c4c6401ec1180c176b616", - "manifests/params.pp": "44185cc010c3ec4c9499c5f78c214ed5", - "manifests/repo/apt_postgresql_org.pp": "5499d3c362a5297a2a63386c0157fb91", - "manifests/repo/yum_postgresql_org.pp": "e0c445f877cdb39774b735417c967d1d", - "manifests/repo.pp": "a18a5cb760dbb1e10bdd83730300c1fe", - "manifests/server/config.pp": "584bbe930bf30631bdf5c62bea2e3aea", - "manifests/server/config_entry.pp": "d7d6e532ddca64f876085721b4bf4dbb", - "manifests/server/contrib.pp": "3112bd1edbed51b68e1402027f9d53b1", - "manifests/server/database.pp": "66639c9579ae5572d1d39a03256370c1", - "manifests/server/database_grant.pp": "66e5470bb932b087b540c444ee49941b", - "manifests/server/db.pp": "796d0ca0b28c87175e42d0671f32c3ea", - "manifests/server/firewall.pp": "524f43b8d50160a6434bee347836c166", - "manifests/server/grant.pp": "b2ac20bf9fecb640c7fe6eba603d6e1b", - "manifests/server/initdb.pp": "215f84f3d9931372190d9928832e315a", - "manifests/server/install.pp": "3b67ca28ca49dc54081d859b8bad3050", - "manifests/server/passwd.pp": "197af62ecfcbd0982aa6563f2579d8bc", - "manifests/server/pg_hba_rule.pp": "f8e203ac4ea5a18ba065a47c8410f165", - "manifests/server/plperl.pp": "d6a2e2f0c93c7b543e9db64202c2e48d", - "manifests/server/postgis.pp": "4c2de08074b473a6fc6d240a3def1d03", - "manifests/server/reload.pp": "a5310d0d598c7e4c90926524bed19133", - "manifests/server/role.pp": "4e549d109b433e398a91fff402f0bff3", - "manifests/server/service.pp": "100d9026722ee7e1a1f97c3139125b6e", - "manifests/server/table_grant.pp": "7fbf5eafa4e5191b93195b07ef839bf9", - "manifests/server/tablespace.pp": "a7aca8e596fd05817957b8bb73e29336", - "manifests/server.pp": "2cbebd09a1a607fe93794534c65a49af", - "manifests/validate_db_connection.pp": "b0056a7dd2fa7a8fad3d7b7aab3a77fd", - "metadata.json": "0b22f02f59d02cb514a5222555161254", - "spec/acceptance/client_spec.rb": "5fc4174c010624f52d57ee9cefb44da7", - "spec/acceptance/common_patterns_spec.rb": "994e6117a54cbe96402a4c98686c3929", - "spec/acceptance/contrib_spec.rb": "efeaff22f5119067e0d0150edd9630e8", - "spec/acceptance/lib/devel_spec.rb": "8ff9ed46602e54b173dcd144394dddd4", - "spec/acceptance/lib/java_spec.rb": "46cec8b3fbc4a14172a4445ba351f0f8", - "spec/acceptance/lib/perl_spec.rb": "7ddfba081b4edfc68a2e72e04872578e", - "spec/acceptance/lib/python_spec.rb": "2b311428d59918c8a0bd11b0188e6af5", - "spec/acceptance/nodesets/centos-510-x64.yml": "5698f7e61292730c603e03f64fe19359", - "spec/acceptance/nodesets/centos-59-x64.yml": "57eb3e471b9042a8ea40978c467f8151", - "spec/acceptance/nodesets/centos-64-x64-pe.yml": "ec075d95760df3d4702abea1ce0a829b", - "spec/acceptance/nodesets/centos-64-x64.yml": "9cde7b5d2ab6a42366d2344c264d6bdc", - "spec/acceptance/nodesets/debian-607-x64.yml": "d566bf76f534e2af7c9a4605316d232c", - "spec/acceptance/nodesets/debian-73-x64.yml": "ba5a75e27644c48ad8f3564fb6d372a7", - "spec/acceptance/nodesets/default.yml": "9cde7b5d2ab6a42366d2344c264d6bdc", - "spec/acceptance/nodesets/ubuntu-server-10044-x64.yml": "dc0da2d2449f66c8fdae16593811504f", - "spec/acceptance/nodesets/ubuntu-server-12042-x64.yml": "78a3ee42652e26119d90aa62586565b2", - "spec/acceptance/nodesets/ubuntu-server-1404-x64.yml": "ea006afd1329a2d7a8e35d8287ec1658", - "spec/acceptance/postgresql_psql_spec.rb": "2726a4198506325845281f9540a45711", - "spec/acceptance/server/config_entry_spec.rb": "3b90a260d01ff028131d4f6eabdb354a", - "spec/acceptance/server/database_grant_spec.rb": "57fa17960e79b2d6641e148b0ad416de", - "spec/acceptance/server/database_spec.rb": "1eef2cd0b81e01b21a1cc5a715b67a14", - "spec/acceptance/server/db_spec.rb": "80b9bff843a7b5bc8b904583b6c6e99e", - "spec/acceptance/server/grant_spec.rb": "e920c215c4936f2a70ee6bcb6fed5220", - "spec/acceptance/server/pg_hba_rule_spec.rb": "12809f3d42e6c86e2de9583fab908ede", - "spec/acceptance/server/plperl_spec.rb": "c8d175b8235d0c61377866746d2d0186", - "spec/acceptance/server/role_spec.rb": "a3cd31e4245670286c1811f85ca6b266", - "spec/acceptance/server/table_grant_spec.rb": "c7f824d83745f2bcc865e69726f1db92", - "spec/acceptance/server/tablespace_spec.rb": "b367d810e2fbc219adb8bdc46dd8b99b", - "spec/acceptance/server_spec.rb": "9120d47137bccb2cd9aafa266374ed45", - "spec/acceptance/unsupported_spec.rb": "fc8f86f0843fabe29f880514db5be44d", - "spec/acceptance/validate_db_connection_spec.rb": "de172901777cb6973225348fb26a4f51", - "spec/spec_helper.rb": "6f3771a469c9ca3b050d12c19839f442", - "spec/spec_helper_acceptance.rb": "7bca3db19a6bb47a06f537914059f2ae", - "spec/unit/classes/client_spec.rb": "b26438da8906e68d17e568252c1e43b5", - "spec/unit/classes/globals_spec.rb": "acaa1c14215ce4f0b76222b9d344c379", - "spec/unit/classes/lib/devel_spec.rb": "11a2a75953d63a34b3e9ab7b6be2cc69", - "spec/unit/classes/lib/java_spec.rb": "bdb60c3b379a3788b3bf1f6c29b31c0a", - "spec/unit/classes/lib/perl_spec.rb": "efb82d3c12bbaf772a37704cb571ada5", - "spec/unit/classes/lib/python_spec.rb": "677c763c1a43a0e33ef7e6e819ec9f0a", - "spec/unit/classes/params_spec.rb": "2db946aa96446a1e38991c843b765323", - "spec/unit/classes/repo_spec.rb": "bc7e37bf56d82b0bd080391aa46c7f1d", - "spec/unit/classes/server/contrib_spec.rb": "97d0e01330e19b9657d51efb182a299f", - "spec/unit/classes/server/initdb_spec.rb": "a13e8ab43144ba4387f5fa1e14fc6552", - "spec/unit/classes/server/plperl_spec.rb": "48426f8a532690ce6ff758526b428085", - "spec/unit/classes/server/postgis_spec.rb": "b8041550a224a771c6f1c93e34f1bf87", - "spec/unit/classes/server_spec.rb": "1fef0fa2b0ee6e5b203a224dc7cc0526", - "spec/unit/defines/server/config_entry_spec.rb": "e797f48e9774031e86fdfc9687d39040", - "spec/unit/defines/server/database_grant_spec.rb": "2418cfbdb1e913f96a5ec7997526f9bf", - "spec/unit/defines/server/database_spec.rb": "cd8318b25bf775d3540fec1198efa73c", - "spec/unit/defines/server/db_spec.rb": "53ff276aca01971b0357c3cabb2e0525", - "spec/unit/defines/server/grant_spec.rb": "6d3926ed814834268defedf671d4ac96", - "spec/unit/defines/server/pg_hba_rule_spec.rb": "fd5926d6218998d96051179ae31e7d68", - "spec/unit/defines/server/role_spec.rb": "1a8d25c409b210333a50c6cedd2409c7", - "spec/unit/defines/server/table_grant_spec.rb": "ea304aedc93d7801329181f926d8106a", - "spec/unit/defines/server/tablespace_spec.rb": "e087c175bbd7ac0c2ff0ff2076db99d5", - "spec/unit/defines/validate_db_connection_spec.rb": "88e57a8f780d381d75fe062f1178e1ce", - "spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb": "e7740c3cd2110e2fcebab8356012267c", - "spec/unit/functions/postgresql_escape_spec.rb": "6e52e4f3ca56491f8ba2d1490a5fd1ad", - "spec/unit/functions/postgresql_password_spec.rb": "76034569a5ff627073c5e6ff69176ac3", - "spec/unit/provider/postgresql_conf/parsed_spec.rb": "45cbf8783706d85005bd69ebfc013c09", - "spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb": "c0ef725e4e7a5def13c29fad0c42478c", - "spec/unit/puppet/type/postgresql_psql_spec.rb": "2af5b74f7f4b89ff246818cd79488b3e", - "spec/unit/type/postgresql_conf_spec.rb": "5a05106ce1fe78a40d6ff620a75c08e9", - "templates/pg_hba_rule.conf": "13b46eecdfd359eddff71fa485ef2f54", - "templates/systemd-port-override.erb": "9af958cfc89251d8b32dd27050f58826" -} \ No newline at end of file diff --git a/modules/postgresql/files/RPM-GPG-KEY-PGDG b/modules/postgresql/files/RPM-GPG-KEY-PGDG deleted file mode 100644 index 065274e..0000000 --- a/modules/postgresql/files/RPM-GPG-KEY-PGDG +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.7 (GNU/Linux) - -mQGiBEeD8koRBACC1VBRsUwGr9gxFFRho9kZpdRUjBJoPhkeOTvp9LzkdAQMFngr -BFi6N0ov1kCX7LLwBmDG+JPR7N+XcH9YR1coSHpLVg+JNy2kFDd4zAyWxJafjZ3a -9zFg9Yx+0va1BJ2t4zVcmKS4aOfbgQ5KwIOWUujalQW5Y+Fw39Gn86qjbwCg5dIo -tkM0l19h2sx50D027pV5aPsD/2c9pfcFTbMhB0CcKS836GH1qY+NCAdUwPs646ee -Ex/k9Uy4qMwhl3HuCGGGa+N6Plyon7V0TzZuRGp/1742dE8IO+I/KLy2L1d1Fxrn -XOTBZd8qe6nBwh12OMcKrsPBVBxn+iSkaG3ULsgOtx+HHLfa1/p22L5+GzGdxizr -peBuA/90cCp+lYcEwdYaRoFVR501yDOTmmzBc1DrsyWP79QMEGzMqa393G0VnqXt -L4pGmunq66Agw2EhPcIt3pDYiCmEt/obdVtSJH6BtmSDB/zYhbE8u3vLP3jfFDa9 -KXxgtYj0NvuUVoRmxSKm8jtfmj1L7zoKNz3jl+Ba3L0WxIv4+bRBUG9zdGdyZVNR -TCBSUE0gQnVpbGRpbmcgUHJvamVjdCA8cGdzcWxycG1zLWhhY2tlcnNAcGdmb3Vu -ZHJ5Lm9yZz6IYAQTEQIAIAUCR4PySgIbIwYLCQgHAwIEFQIIAwQWAgMBAh4BAheA -AAoJEB8W0uFELfD4jnkAoMqd6ZwwsgYHZ3hP9vt+DJt1uDW7AKDbRwP8ESKFhwdJ -8m91RPBeJW/tMLkCDQRHg/JKEAgA64+ZXgcERPYfZYo4p+yMTJAAa9aqnE3U4Ni6 -ZMB57GPuEy8NfbNya+HiftO8hoozmJdcI6XFyRBCDUVCdZ8SE+PJdOx2FFqZVIu6 -dKnr8ykhgLpNNEFDG3boK9UfLj/5lYQ3Y550Iym1QKOgyrJYeAp6sZ+Nx2PavsP3 -nMFCSD67BqAbcLCVQN7a2dAUXfEbfXJjPHXTbo1/kxtzE+KCRTLdXEbSEe3nHO04 -K/EgTBjeBUOxnciH5RylJ2oGy/v4xr9ed7R1jJtshsDKMdWApwoLlCBJ63jg/4T/ -z/OtXmu4AvmWaJxaTl7fPf2GqSqqb6jLCrQAH7AIhXr9V0zPZwADBQgAlpptNQHl -u7euIdIujFwwcxyQGfee6BG+3zaNSEHMVQMuc6bxuvYmgM9r7aki/b0YMfjJBk8v -OJ3Eh1vDH/woJi2iJ13vQ21ot+1JP3fMd6NPR8/qEeDnmVXu7QAtlkmSKI9Rdnjz -FFSUJrQPHnKsH4V4uvAM+njwYD+VFiwlBPTKNeL8cdBb4tPN2cdVJzoAp57wkZAN -VA2tKxNsTJKBi8wukaLWX8+yPHiWCNWItvyB4WCEp/rZKG4A868NM5sZQMAabpLd -l4fTiGu68OYgK9qUPZvhEAL2C1jPDVHPkLm+ZsD+90Pe66w9vB00cxXuHLzm8Pad -GaCXCY8h3xi6VIhJBBgRAgAJBQJHg/JKAhsMAAoJEB8W0uFELfD4K4cAoJ4yug8y -1U0cZEiF5W25HDzMTtaDAKCaM1m3Cbd+AZ0NGWNg/VvIX9MsPA== -=au6K ------END PGP PUBLIC KEY BLOCK----- diff --git a/modules/postgresql/files/validate_postgresql_connection.sh b/modules/postgresql/files/validate_postgresql_connection.sh deleted file mode 100644 index f126d99..0000000 --- a/modules/postgresql/files/validate_postgresql_connection.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash - -# usage is: validate_db_connection 2 50 psql - -SLEEP=$1 -TRIES=$2 -PSQL=$3 - -STATE=1 - -for (( c=1; c<=$TRIES; c++ )) -do - echo $c - if [ $c -gt 1 ] - then - echo 'sleeping' - sleep $SLEEP - fi - - /bin/echo "SELECT 1" | $PSQL - STATE=$? - - if [ $STATE -eq 0 ] - then - exit 0 - fi -done - -echo 'Unable to connect to postgresql' - -exit 1 diff --git a/modules/postgresql/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb b/modules/postgresql/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb deleted file mode 100644 index 7fa7854..0000000 --- a/modules/postgresql/lib/puppet/parser/functions/postgresql_acls_to_resources_hash.rb +++ /dev/null @@ -1,76 +0,0 @@ -module Puppet::Parser::Functions - newfunction(:postgresql_acls_to_resources_hash, :type => :rvalue, :doc => <<-EOS - This internal function translates the ipv(4|6)acls format into a resource - suitable for create_resources. It is not intended to be used outside of the - postgresql internal classes/defined resources. - - This function accepts an array of strings that are pg_hba.conf rules. It - will return a hash that can be fed into create_resources to create multiple - individual pg_hba_rule resources. - - The second parameter is an identifier that will be included in the namevar - to provide uniqueness. It must be a string. - - The third parameter is an order offset, so you can start the order at an - arbitrary starting point. - EOS - ) do |args| - func_name = "postgresql_acls_to_resources_hash()" - - raise(Puppet::ParseError, "#{func_name}: Wrong number of arguments " + - "given (#{args.size} for 3)") if args.size != 3 - - acls = args[0] - raise(Puppet::ParseError, "#{func_name}: first argument must be an array") \ - unless acls.instance_of? Array - - id = args[1] - raise(Puppet::ParseError, "#{func_name}: second argument must be a string") \ - unless id.instance_of? String - - offset = args[2].to_i - raise(Puppet::ParseError, "#{func_name}: third argument must be a number") \ - unless offset.instance_of? Fixnum - - resources = {} - acls.each do |acl| - index = acls.index(acl) - - parts = acl.split - - raise(Puppet::ParseError, "#{func_name}: acl line #{index} does not " + - "have enough parts") unless parts.length >= 4 - - resource = { - 'type' => parts[0], - 'database' => parts[1], - 'user' => parts[2], - 'order' => format('%03d', offset + index), - } - if parts[0] == 'local' then - resource['auth_method'] = parts[3] - if parts.length > 4 then - resource['auth_option'] = parts.last(parts.length - 4).join(" ") - end - else - if parts[4] =~ /^\d/ - resource['address'] = parts[3] + ' ' + parts[4] - resource['auth_method'] = parts[5] - - if parts.length > 6 then - resource['auth_option'] = parts.last(parts.length - 6).join(" ") - end - else - resource['address'] = parts[3] - resource['auth_method'] = parts[4] - - if parts.length > 5 then - resource['auth_option'] = parts.last(parts.length - 5).join(" ") - end - end - end - resources["postgresql class generated rule #{id} #{index}"] = resource - end - resources - end -end diff --git a/modules/postgresql/lib/puppet/parser/functions/postgresql_escape.rb b/modules/postgresql/lib/puppet/parser/functions/postgresql_escape.rb deleted file mode 100644 index 4089a4e..0000000 --- a/modules/postgresql/lib/puppet/parser/functions/postgresql_escape.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'digest/md5' - -module Puppet::Parser::Functions - newfunction(:postgresql_escape, :type => :rvalue, :doc => <<-EOS - Safely escapes a string using $$ using a random tag which should be consistent - EOS - ) do |args| - - raise(Puppet::ParseError, "postgresql_escape(): Wrong number of arguments " + - "given (#{args.size} for 1)") if args.size != 1 - - password = args[0] - - if password !~ /\$\$/ - retval = "$$#{password}$$" - else - escape = Digest::MD5.hexdigest(password)[0..5].gsub(/\d/,'') - until password !~ /#{escape}/ - escape = Digest::MD5.hexdigest(escape)[0..5].gsub(/\d/,'') - end - retval = "$#{escape}$#{password}$#{escape}$" - end - retval - end -end diff --git a/modules/postgresql/lib/puppet/parser/functions/postgresql_password.rb b/modules/postgresql/lib/puppet/parser/functions/postgresql_password.rb deleted file mode 100644 index 0689e0e..0000000 --- a/modules/postgresql/lib/puppet/parser/functions/postgresql_password.rb +++ /dev/null @@ -1,18 +0,0 @@ -# hash a string as mysql's "PASSWORD()" function would do it -require 'digest/md5' - -module Puppet::Parser::Functions - newfunction(:postgresql_password, :type => :rvalue, :doc => <<-EOS - Returns the postgresql password hash from the clear text username / password. - EOS - ) do |args| - - raise(Puppet::ParseError, "postgresql_password(): Wrong number of arguments " + - "given (#{args.size} for 2)") if args.size != 2 - - username = args[0] - password = args[1] - - 'md5' + Digest::MD5.hexdigest(password + username) - end -end diff --git a/modules/postgresql/lib/puppet/provider/postgresql_conf/parsed.rb b/modules/postgresql/lib/puppet/provider/postgresql_conf/parsed.rb deleted file mode 100644 index d53e6d2..0000000 --- a/modules/postgresql/lib/puppet/provider/postgresql_conf/parsed.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'puppet/provider/parsedfile' - -Puppet::Type.type(:postgresql_conf).provide( - :parsed, - :parent => Puppet::Provider::ParsedFile, - :default_target => '/etc/postgresql.conf', - :filetype => :flat -) do - desc "Set key/values in postgresql.conf." - - text_line :comment, :match => /^\s*#/ - text_line :blank, :match => /^\s*$/ - - record_line :parsed, - :fields => %w{name value comment}, - :optional => %w{comment}, - :match => /^\s*([\w\.]+)\s*=?\s*(.*?)(?:\s*#\s*(.*))?\s*$/, - :to_line => proc { |h| - - # simple string and numeric values don't need to be enclosed in quotes - dontneedquote = h[:value].match(/^(\w+)$/) - dontneedequal = h[:name].match(/^(include|include_if_exists)$/i) - - str = h[:name].downcase # normalize case - str += dontneedequal ? ' ' : ' = ' - str += "'" unless dontneedquote && !dontneedequal - str += h[:value] - str += "'" unless dontneedquote && !dontneedequal - str += " # #{h[:comment]}" unless (h[:comment].nil? or h[:comment] == :absent) - str - }, - :post_parse => proc { |h| - h[:name].downcase! # normalize case - h[:value].gsub!(/(^'|'$)/, '') # strip out quotes - } - -end diff --git a/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb b/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb deleted file mode 100644 index d79f8f6..0000000 --- a/modules/postgresql/lib/puppet/provider/postgresql_psql/ruby.rb +++ /dev/null @@ -1,94 +0,0 @@ -Puppet::Type.type(:postgresql_psql).provide(:ruby) do - - def command() - if ((! resource[:unless]) or (resource[:unless].empty?)) - if (resource.refreshonly?) - # So, if there's no 'unless', and we're in "refreshonly" mode, - # we need to return the target command here. If we don't, - # then Puppet will generate an event indicating that this - # property has changed. - return resource[:command] - end - - # if we're not in refreshonly mode, then we return nil, - # which will cause Puppet to sync this property. This - # is what we want if there is no 'unless' value specified. - return nil - end - - if Puppet::PUPPETVERSION.to_f < 4 - output, status = run_unless_sql_command(resource[:unless]) - else - output = run_unless_sql_command(resource[:unless]) - status = output.exitcode - end - - if status != 0 - puts status - self.fail("Error evaluating 'unless' clause: '#{output}'") - end - result_count = output.strip.to_i - if result_count > 0 - # If the 'unless' query returned rows, then we don't want to execute - # the 'command'. Returning the target 'command' here will cause - # Puppet to treat this property as already being 'insync?', so it - # won't call the setter to run the 'command' later. - return resource[:command] - end - - # Returning 'nil' here will cause Puppet to see this property - # as out-of-sync, so it will call the setter later. - nil - end - - def command=(val) - output, status = run_sql_command(val) - - if status != 0 - self.fail("Error executing SQL; psql returned #{status}: '#{output}'") - end - end - - - def run_unless_sql_command(sql) - # for the 'unless' queries, we wrap the user's query in a 'SELECT COUNT', - # which makes it easier to parse and process the output. - run_sql_command('SELECT COUNT(*) FROM (' << sql << ') count') - end - - def run_sql_command(sql) - if resource[:search_path] - sql = "set search_path to #{Array(resource[:search_path]).join(',')}; #{sql}" - end - - command = [resource[:psql_path]] - command.push("-d", resource[:db]) if resource[:db] - command.push("-p", resource[:port]) if resource[:port] - command.push("-t", "-c", sql) - - if resource[:cwd] - Dir.chdir resource[:cwd] do - run_command(command, resource[:psql_user], resource[:psql_group]) - end - else - run_command(command, resource[:psql_user], resource[:psql_group]) - end - end - - def run_command(command, user, group) - if Puppet::PUPPETVERSION.to_f < 3.4 - Puppet::Util::SUIDManager.run_and_capture(command, user, group) - else - output = Puppet::Util::Execution.execute(command, { - :uid => user, - :gid => group, - :failonfail => false, - :combine => true, - :override_locale => true, - :custom_environment => {} - }) - [output, $CHILD_STATUS.dup] - end - end - -end diff --git a/modules/postgresql/lib/puppet/type/postgresql_conf.rb b/modules/postgresql/lib/puppet/type/postgresql_conf.rb deleted file mode 100644 index f227fd7..0000000 --- a/modules/postgresql/lib/puppet/type/postgresql_conf.rb +++ /dev/null @@ -1,31 +0,0 @@ -module Puppet - newtype(:postgresql_conf) do - - @doc = "This type allows puppet to manage postgresql.conf parameters." - - ensurable - - newparam(:name) do - desc "The postgresql parameter name to manage." - isnamevar - - newvalues(/^[\w\.]+$/) - end - - newproperty(:value) do - desc "The value to set for this parameter." - end - - newproperty(:target) do - desc "The path to postgresql.conf" - defaultto { - if @resource.class.defaultprovider.ancestors.include?(Puppet::Provider::ParsedFile) - @resource.class.defaultprovider.default_target - else - nil - end - } - end - - end -end diff --git a/modules/postgresql/lib/puppet/type/postgresql_psql.rb b/modules/postgresql/lib/puppet/type/postgresql_psql.rb deleted file mode 100644 index 70a056f..0000000 --- a/modules/postgresql/lib/puppet/type/postgresql_psql.rb +++ /dev/null @@ -1,93 +0,0 @@ -Puppet::Type.newtype(:postgresql_psql) do - - newparam(:name) do - desc "An arbitrary tag for your own reference; the name of the message." - isnamevar - end - - newproperty(:command) do - desc 'The SQL command to execute via psql.' - - defaultto { @resource[:name] } - - def sync(refreshing = false) - # We're overriding 'sync' here in order to do some magic - # in support of providing a 'refreshonly' parameter. This - # is kind of hacky because the logic for 'refreshonly' is - # spread between the type and the provider, but this is - # the least horrible way that I could determine to accomplish - # it. - # - # Note that our overridden version of 'sync' takes a parameter, - # 'refreshing', which the parent version doesn't take. This - # allows us to call the sync method directly from the 'refresh' - # method, and then inside of the body of 'sync' we can tell - # whether or not we're refreshing. - - if (!@resource.refreshonly? || refreshing) - # If we're not in 'refreshonly' mode, or we're not currently - # refreshing, then we just call the parent method. - super() - else - # If we get here, it means we're in 'refreshonly' mode and - # we're not being called by the 'refresh' method, so we - # just no-op. We'll be called again by the 'refresh' - # method momentarily. - nil - end - end - end - - newparam(:unless) do - desc "An optional SQL command to execute prior to the main :command; " + - "this is generally intended to be used for idempotency, to check " + - "for the existence of an object in the database to determine whether " + - "or not the main SQL command needs to be executed at all." - end - - newparam(:db) do - desc "The name of the database to execute the SQL command against." - end - - newparam(:port) do - desc "The port of the database server to execute the SQL command against." - end - - newparam(:search_path) do - desc "The schema search path to use when executing the SQL command" - end - - newparam(:psql_path) do - desc "The path to psql executable." - defaultto("psql") - end - - newparam(:psql_user) do - desc "The system user account under which the psql command should be executed." - defaultto("postgres") - end - - newparam(:psql_group) do - desc "The system user group account under which the psql command should be executed." - defaultto("postgres") - end - - newparam(:cwd, :parent => Puppet::Parameter::Path) do - desc "The working directory under which the psql command should be executed." - defaultto("/tmp") - end - - newparam(:refreshonly, :boolean => true) do - desc "If 'true', then the SQL will only be executed via a notify/subscribe event." - - defaultto(:false) - newvalues(:true, :false) - end - - def refresh() - # All of the magic for this type is attached to the ':command' property, so - # we just need to sync it to accomplish a 'refresh'. - self.property(:command).sync(true) - end - -end diff --git a/modules/postgresql/manifests/client.pp b/modules/postgresql/manifests/client.pp deleted file mode 100644 index bdb821d..0000000 --- a/modules/postgresql/manifests/client.pp +++ /dev/null @@ -1,29 +0,0 @@ -# Install client cli tool. See README.md for more details. -class postgresql::client ( - $package_name = $postgresql::params::client_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - validate_string($package_name) - - package { 'postgresql-client': - ensure => $package_ensure, - name => $package_name, - tag => 'postgresql', - } - - $file_ensure = $package_ensure ? { - 'present' => 'file', - true => 'file', - 'absent' => 'absent', - false => 'absent', - default => 'file', - } - file { "/usr/local/bin/validate_postgresql_connection.sh": - ensure => $file_ensure, - source => "puppet:///modules/postgresql/validate_postgresql_connection.sh", - owner => 0, - group => 0, - mode => 0755, - } - -} diff --git a/modules/postgresql/manifests/globals.pp b/modules/postgresql/manifests/globals.pp deleted file mode 100644 index 21e18a1..0000000 --- a/modules/postgresql/manifests/globals.pp +++ /dev/null @@ -1,114 +0,0 @@ -# Class for setting cross-class global overrides. See README.md for more -# details. -class postgresql::globals ( - $ensure = undef, - - $client_package_name = undef, - $server_package_name = undef, - $contrib_package_name = undef, - $devel_package_name = undef, - $java_package_name = undef, - $perl_package_name = undef, - $plperl_package_name = undef, - $python_package_name = undef, - $postgis_package_name = undef, - - $service_name = undef, - $service_provider = undef, - $service_status = undef, - $default_database = undef, - - $initdb_path = undef, - $createdb_path = undef, - $psql_path = undef, - $pg_hba_conf_path = undef, - $postgresql_conf_path = undef, - - $pg_hba_conf_defaults = undef, - - $datadir = undef, - $confdir = undef, - $bindir = undef, - $xlogdir = undef, - - $user = undef, - $group = undef, - - $version = undef, - $postgis_version = undef, - - $needs_initdb = undef, - - $encoding = undef, - $locale = undef, - - $manage_firewall = undef, - $manage_pg_hba_conf = undef, - $firewall_supported = undef, - - $manage_package_repo = undef -) { - # We are determining this here, because it is needed by the package repo - # class. - $default_version = $::osfamily ? { - /^(RedHat|Linux)/ => $::operatingsystem ? { - 'Fedora' => $::operatingsystemrelease ? { - /^(18|19|20)$/ => '9.2', - /^(17)$/ => '9.1', - default => undef, - }, - 'Amazon' => '9.2', - default => $::operatingsystemrelease ? { - /^7\./ => '9.2', - /^6\./ => '8.4', - /^5\./ => '8.1', - default => undef, - }, - }, - 'Debian' => $::operatingsystem ? { - 'Debian' => $::operatingsystemrelease ? { - /^6\./ => '8.4', - /^(wheezy|7\.)/ => '9.1', - default => undef, - }, - 'Ubuntu' => $::operatingsystemrelease ? { - /^(14.04)$/ => '9.3', - /^(11.10|12.04|12.10|13.04|13.10)$/ => '9.1', - /^(10.04|10.10|11.04)$/ => '8.4', - default => undef, - }, - default => undef, - }, - 'Archlinux' => $::operatingsystem ? { - /Archlinux/ => '9.2', - default => '9.2', - }, - 'FreeBSD' => '93', - default => undef, - } - $globals_version = pick($version, $default_version, 'unknown') - if($globals_version == 'unknown') { - fail('No preferred version defined or automatically detected.') - } - - $default_postgis_version = $globals_version ? { - '8.1' => '1.3.6', - '8.4' => '1.5', - '9.0' => '1.5', - '9.1' => '1.5', - '9.2' => '2.0', - '9.3' => '2.1', - } - $globals_postgis_version = pick($postgis_version, $default_postgis_version) - - # Setup of the repo only makes sense globally, so we are doing this here. - if($manage_package_repo) { - # Workaround the lack of RHEL7 repositories for now. - if ! ($::operatingsystem == 'RedHat' and $::operatingsystemrelease =~ /^7/) { - class { 'postgresql::repo': - ensure => $ensure, - version => $globals_version - } - } - } -} diff --git a/modules/postgresql/manifests/lib/devel.pp b/modules/postgresql/manifests/lib/devel.pp deleted file mode 100644 index 0c446d4..0000000 --- a/modules/postgresql/manifests/lib/devel.pp +++ /dev/null @@ -1,15 +0,0 @@ -# This class installs postgresql development libraries. See README.md for more -# details. -class postgresql::lib::devel( - $package_name = $postgresql::params::devel_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - - validate_string($package_name) - - package { 'postgresql-devel': - ensure => $package_ensure, - name => $package_name, - tag => 'postgresql', - } -} diff --git a/modules/postgresql/manifests/lib/java.pp b/modules/postgresql/manifests/lib/java.pp deleted file mode 100644 index e9ee53d..0000000 --- a/modules/postgresql/manifests/lib/java.pp +++ /dev/null @@ -1,15 +0,0 @@ -# This class installs the postgresql jdbc connector. See README.md for more -# details. -class postgresql::lib::java ( - $package_name = $postgresql::params::java_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - - validate_string($package_name) - - package { 'postgresql-jdbc': - ensure => $package_ensure, - name => $package_name, - } - -} diff --git a/modules/postgresql/manifests/lib/perl.pp b/modules/postgresql/manifests/lib/perl.pp deleted file mode 100644 index 6ed2853..0000000 --- a/modules/postgresql/manifests/lib/perl.pp +++ /dev/null @@ -1,13 +0,0 @@ -# This class installs the perl libs for postgresql. See README.md for more -# details. -class postgresql::lib::perl( - $package_name = $postgresql::params::perl_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - - package { 'perl-DBD-Pg': - ensure => $package_ensure, - name => $package_name, - } - -} diff --git a/modules/postgresql/manifests/lib/python.pp b/modules/postgresql/manifests/lib/python.pp deleted file mode 100644 index bfe0585..0000000 --- a/modules/postgresql/manifests/lib/python.pp +++ /dev/null @@ -1,13 +0,0 @@ -# This class installs the python libs for postgresql. See README.md for more -# details. -class postgresql::lib::python( - $package_name = $postgresql::params::python_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - - package { 'python-psycopg2': - ensure => $package_ensure, - name => $package_name, - } - -} diff --git a/modules/postgresql/manifests/params.pp b/modules/postgresql/manifests/params.pp deleted file mode 100644 index 36e3027..0000000 --- a/modules/postgresql/manifests/params.pp +++ /dev/null @@ -1,202 +0,0 @@ -# PRIVATE CLASS: do not use directly -class postgresql::params inherits postgresql::globals { - $ensure = present - $version = $globals_version - $postgis_version = $globals_postgis_version - $listen_addresses = 'localhost' - $port = 5432 - $ip_mask_deny_postgres_user = '0.0.0.0/0' - $ip_mask_allow_all_users = '127.0.0.1/32' - $ipv4acls = [] - $ipv6acls = [] - $encoding = $encoding - $locale = $locale - $service_ensure = undef - $service_provider = $service_provider - $manage_firewall = $manage_firewall - $manage_pg_hba_conf = pick($manage_pg_hba_conf, true) - - # Amazon Linux's OS Family is 'Linux', operating system 'Amazon'. - case $::osfamily { - 'RedHat', 'Linux': { - $user = pick($user, 'postgres') - $group = pick($group, 'postgres') - $needs_initdb = pick($needs_initdb, true) - $firewall_supported = pick($firewall_supported, true) - $version_parts = split($version, '[.]') - $package_version = "${version_parts[0]}${version_parts[1]}" - - if $version == $default_version { - $client_package_name = pick($client_package_name, 'postgresql') - $server_package_name = pick($server_package_name, 'postgresql-server') - $contrib_package_name = pick($contrib_package_name,'postgresql-contrib') - $devel_package_name = pick($devel_package_name, 'postgresql-devel') - $java_package_name = pick($java_package_name, 'postgresql-jdbc') - $plperl_package_name = pick($plperl_package_name, 'postgresql-plperl') - $service_name = pick($service_name, 'postgresql') - $bindir = pick($bindir, '/usr/bin') - $datadir = $::operatingsystem ? { - 'Amazon' => pick($datadir, '/var/lib/pgsql9/data'), - default => pick($datadir, '/var/lib/pgsql/data'), - } - $confdir = pick($confdir, $datadir) - } else { - $client_package_name = pick($client_package_name, "postgresql${package_version}") - $server_package_name = pick($server_package_name, "postgresql${package_version}-server") - $contrib_package_name = pick($contrib_package_name,"postgresql${package_version}-contrib") - $devel_package_name = pick($devel_package_name, "postgresql${package_version}-devel") - $java_package_name = pick($java_package_name, "postgresql${package_version}-jdbc") - $plperl_package_name = pick($plperl_package_name, "postgresql${package_version}-plperl") - $service_name = pick($service_name, "postgresql-${version}") - $bindir = pick($bindir, "/usr/pgsql-${version}/bin") - $datadir = $::operatingsystem ? { - 'Amazon' => pick($datadir, "/var/lib/pgsql9/${version}/data"), - default => pick($datadir, "/var/lib/pgsql/${version}/data"), - } - $confdir = pick($confdir, $datadir) - } - $psql_path = pick($psql_path, "${bindir}/psql") - - $service_status = $service_status - $perl_package_name = pick($perl_package_name, 'perl-DBD-Pg') - $python_package_name = pick($python_package_name, 'python-psycopg2') - - $postgis_package_name = pick( - $postgis_package_name, - $::operatingsystemrelease ? { - /5/ => 'postgis', - default => versioncmp($postgis_version, '2') ? { - '-1' => "postgis${package_version}", - default => "postgis2_${package_version}",} - } - ) - } - - 'Archlinux': { - # Based on the existing version of the firewall module, this is normally - # true for Archlinux, but archlinux users want more control. - # so they can set it themself - $firewall_supported = pick($firewall_supported, true) - $needs_initdb = pick($needs_initdb, true) - $user = pick($user, 'postgres') - $group = pick($group, 'postgres') - - # Archlinux doesn't have a client-package but has a libs package which - # pulls in postgresql server - $client_package_name = pick($client_package_name, 'postgresql') - $server_package_name = pick($server_package_name, 'postgresql-libs') - $java_package_name = pick($java_package_name, 'postgresql-jdbc') - # Archlinux doesn't have develop packages - $devel_package_name = pick($devel_package_name, 'postgresql-devel') - # Archlinux does have postgresql-contrib but it isn't maintained - $contrib_package_name = pick($contrib_package_name,'undef') - # Archlinux postgresql package provides plperl - $plperl_package_name = pick($plperl_package_name, 'undef') - $service_name = pick($service_name, 'postgresql') - $bindir = pick($bindir, '/usr/bin') - $datadir = pick($datadir, '/var/lib/postgres/data') - $confdir = pick($confdir, $datadir) - $psql_path = pick($psql_path, "${bindir}/psql") - - $service_status = $service_status - $python_package_name = pick($python_package_name, 'python-psycopg2') - # Archlinux does not have a perl::DBD::Pg package - $perl_package_name = pick($perl_package_name, 'undef') - } - - 'Debian': { - $user = pick($user, 'postgres') - $group = pick($group, 'postgres') - - if $manage_package_repo == true { - $needs_initdb = pick($needs_initdb, true) - $service_name = pick($service_name, 'postgresql') - } else { - $needs_initdb = pick($needs_initdb, false) - $service_name = $::operatingsystem ? { - 'Debian' => pick($service_name, 'postgresql'), - 'Ubuntu' => $::lsbmajdistrelease ? { - '10' => pick($service_name, "postgresql-${version}"), - default => pick($service_name, 'postgresql'), - }, - default => undef - } - } - - $client_package_name = pick($client_package_name, "postgresql-client-${version}") - $server_package_name = pick($server_package_name, "postgresql-${version}") - $contrib_package_name = pick($contrib_package_name, "postgresql-contrib-${version}") - $postgis_package_name = pick( - $postgis_package_name, - versioncmp($postgis_version, '2') ? { - '-1' => "postgresql-${version}-postgis", - default => "postgresql-${version}-postgis-${postgis_version}", - } - ) - $devel_package_name = pick($devel_package_name, 'libpq-dev') - $java_package_name = pick($java_package_name, 'libpostgresql-jdbc-java') - $perl_package_name = pick($perl_package_name, 'libdbd-pg-perl') - $plperl_package_name = pick($plperl_package_name, "postgresql-plperl-${version}") - $python_package_name = pick($python_package_name, 'python-psycopg2') - - $bindir = pick($bindir, "/usr/lib/postgresql/${version}/bin") - $datadir = pick($datadir, "/var/lib/postgresql/${version}/main") - $confdir = pick($confdir, "/etc/postgresql/${version}/main") - $service_status = pick($service_status, "/etc/init.d/${service_name} status | /bin/egrep -q 'Running clusters: .+|online'") - $psql_path = pick($psql_path, "/usr/bin/psql") - - $firewall_supported = pick($firewall_supported, true) - } - - 'FreeBSD': { - $user = pick($user, 'pgsql') - $group = pick($group, 'pgsql') - - $client_package_name = pick($client_package_name, "databases/postgresql${version}-client") - $server_package_name = pick($server_package_name, "databases/postgresql${version}-server") - $contrib_package_name = pick($contrib_package_name, "databases/postgresql${version}-contrib") - $devel_package_name = pick($devel_package_name, 'databases/postgresql-libpqxx3') - $java_package_name = pick($java_package_name, 'databases/postgresql-jdbc') - $perl_package_name = pick($plperl_package_name, 'databases/p5-DBD-Pg') - $plperl_package_name = pick($plperl_package_name, "databases/postgresql${version}-plperl") - $python_package_name = pick($python_package_name, 'databases/py-psycopg2') - - $service_name = pick($service_name, 'postgresql') - $bindir = pick($bindir, '/usr/local/bin') - $datadir = pick($datadir, '/usr/local/pgsql/data') - $confdir = pick($confdir, $datadir) - $service_status = pick($service_status, "/usr/local/etc/rc.d/${service_name} status") - $psql_path = pick($psql_path, "${bindir}/psql") - - $firewall_supported = pick($firewall_supported, false) - $needs_initdb = pick($needs_initdb, true) - } - - default: { - # Based on the existing version of the firewall module, this is normally - # false for other OS, but this allows an escape hatch to override it. - $firewall_supported = pick($firewall_supported, false) - - $psql_path = pick($psql_path, "${bindir}/psql") - - # Since we can't determine defaults on our own, we rely on users setting - # parameters with the postgresql::globals class. Here we are checking - # that the mandatory minimum is set for the module to operate. - $err_prefix = "Module ${module_name} does not provide defaults for osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}; please specify a value for ${module_name}::globals::" - if ($needs_initdb == undef) { fail("${err_prefix}needs_initdb") } - if ($service_name == undef) { fail("${err_prefix}service_name") } - if ($client_package_name == undef) { fail("${err_prefix}client_package_name") } - if ($server_package_name == undef) { fail("${err_prefix}server_package_name") } - if ($bindir == undef) { fail("${err_prefix}bindir") } - if ($datadir == undef) { fail("${err_prefix}datadir") } - if ($confdir == undef) { fail("${err_prefix}confdir") } - } - } - - $initdb_path = pick($initdb_path, "${bindir}/initdb") - $createdb_path = pick($createdb_path, "${bindir}/createdb") - $pg_hba_conf_path = pick($pg_hba_conf_path, "${confdir}/pg_hba.conf") - $pg_hba_conf_defaults = pick($pg_hba_conf_defaults, true) - $postgresql_conf_path = pick($postgresql_conf_path, "${confdir}/postgresql.conf") - $default_database = pick($default_database, 'postgres') -} diff --git a/modules/postgresql/manifests/repo.pp b/modules/postgresql/manifests/repo.pp deleted file mode 100644 index 2e2cbd3..0000000 --- a/modules/postgresql/manifests/repo.pp +++ /dev/null @@ -1,22 +0,0 @@ -# PRIVATE CLASS: do not use directly -class postgresql::repo ( - $ensure = $postgresql::params::ensure, - $version = undef -) inherits postgresql::params { - case $::osfamily { - 'RedHat', 'Linux': { - if $version == undef { - fail("The parameter 'version' for 'postgresql::repo' is undefined. You must always define it when osfamily == Redhat or Linux") - } - class { 'postgresql::repo::yum_postgresql_org': } - } - - 'Debian': { - class { 'postgresql::repo::apt_postgresql_org': } - } - - default: { - fail("Unsupported managed repository for osfamily: ${::osfamily}, operatingsystem: ${::operatingsystem}, module ${module_name} currently only supports managing repos for osfamily RedHat and Debian") - } - } -} diff --git a/modules/postgresql/manifests/repo/apt_postgresql_org.pp b/modules/postgresql/manifests/repo/apt_postgresql_org.pp deleted file mode 100644 index 25cb148..0000000 --- a/modules/postgresql/manifests/repo/apt_postgresql_org.pp +++ /dev/null @@ -1,31 +0,0 @@ -# PRIVATE CLASS: do not use directly -class postgresql::repo::apt_postgresql_org inherits postgresql::repo { -include ::apt - if($ensure == 'present' or $ensure == true) { - # Here we have tried to replicate the instructions on the PostgreSQL site: - # - # http://www.postgresql.org/download/linux/debian/ - # - apt::pin { 'apt.postgresql.org': - originator => 'apt.postgresql.org', - priority => 500, - }-> - apt::source { 'apt.postgresql.org': - location => 'http://apt.postgresql.org/pub/repos/apt/', - release => "${::lsbdistcodename}-pgdg", - repos => "main ${version}", - key => 'ACCC4CF8', - key_source => 'http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc', - include_src => false, - } - - Apt::Source['apt.postgresql.org']->Package<|tag == 'postgresql'|> - } else { - apt::source { 'apt.postgresql.org': - ensure => absent, - } - apt::pin { 'apt.postgresql.org': - ensure => absent, - } - } -} diff --git a/modules/postgresql/manifests/repo/yum_postgresql_org.pp b/modules/postgresql/manifests/repo/yum_postgresql_org.pp deleted file mode 100644 index 9cdfd4a..0000000 --- a/modules/postgresql/manifests/repo/yum_postgresql_org.pp +++ /dev/null @@ -1,38 +0,0 @@ -# PRIVATE CLASS: do not use directly -class postgresql::repo::yum_postgresql_org inherits postgresql::repo { - $version_parts = split($version, '[.]') - $package_version = "${version_parts[0]}${version_parts[1]}" - $gpg_key_path = "/etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}" - - if ($ensure == 'present' or $ensure == true) { - file { $gpg_key_path: - source => 'puppet:///modules/postgresql/RPM-GPG-KEY-PGDG', - before => Yumrepo['yum.postgresql.org'] - } - - if($::operatingsystem == 'Fedora') { - $label1 = 'fedora' - $label2 = $label1 - } else { - $label1 = 'redhat' - $label2 = 'rhel' - } - - yumrepo { 'yum.postgresql.org': - descr => "PostgreSQL ${version} \$releasever - \$basearch", - baseurl => "http://yum.postgresql.org/${version}/${label1}/${label2}-\$releasever-\$basearch", - enabled => 1, - gpgcheck => 1, - gpgkey => "file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PGDG-${package_version}", - } - - Yumrepo['yum.postgresql.org'] -> Package<|tag == 'postgresql'|> - } else { - yumrepo { 'yum.postgresql.org': - enabled => absent, - }-> - file { $gpg_key_path: - ensure => absent, - } - } -} diff --git a/modules/postgresql/manifests/server.pp b/modules/postgresql/manifests/server.pp deleted file mode 100644 index 53c0885..0000000 --- a/modules/postgresql/manifests/server.pp +++ /dev/null @@ -1,83 +0,0 @@ -# This installs a PostgreSQL server. See README.md for more details. -class postgresql::server ( - $ensure = $postgresql::params::ensure, - - $postgres_password = undef, - - $package_name = $postgresql::params::server_package_name, - $client_package_name = $postgresql::params::client_package_name, - $package_ensure = $ensure, - - $plperl_package_name = $postgresql::params::plperl_package_name, - - $service_ensure = $postgresql::params::service_ensure, - $service_name = $postgresql::params::service_name, - $service_provider = $postgresql::params::service_provider, - $service_status = $postgresql::params::service_status, - $default_database = $postgresql::params::default_database, - - $listen_addresses = $postgresql::params::listen_addresses, - $port = $postgresql::params::port, - $ip_mask_deny_postgres_user = $postgresql::params::ip_mask_deny_postgres_user, - $ip_mask_allow_all_users = $postgresql::params::ip_mask_allow_all_users, - $ipv4acls = $postgresql::params::ipv4acls, - $ipv6acls = $postgresql::params::ipv6acls, - - $initdb_path = $postgresql::params::initdb_path, - $createdb_path = $postgresql::params::createdb_path, - $psql_path = $postgresql::params::psql_path, - $pg_hba_conf_path = $postgresql::params::pg_hba_conf_path, - $postgresql_conf_path = $postgresql::params::postgresql_conf_path, - - $datadir = $postgresql::params::datadir, - $xlogdir = $postgresql::params::xlogdir, - - $pg_hba_conf_defaults = $postgresql::params::pg_hba_conf_defaults, - - $user = $postgresql::params::user, - $group = $postgresql::params::group, - - $needs_initdb = $postgresql::params::needs_initdb, - - $encoding = $postgresql::params::encoding, - $locale = $postgresql::params::locale, - - $manage_firewall = $postgresql::params::manage_firewall, - $manage_pg_hba_conf = $postgresql::params::manage_pg_hba_conf, - $firewall_supported = $postgresql::params::firewall_supported, - - #Deprecated - $version = $postgresql::params::version, -) inherits postgresql::params { - $pg = 'postgresql::server' - - if $version != undef { - warning('Passing "version" to postgresql::server is deprecated; please use postgresql::globals instead.') - $_version = $postgresql::params::version - } else { - $_version = $version - } - - if ($ensure == 'present' or $ensure == true) { - # Reload has its own ordering, specified by other defines - class { "${pg}::reload": require => Class["${pg}::install"] } - - anchor { "${pg}::start": }-> - class { "${pg}::install": }-> - class { "${pg}::initdb": }-> - class { "${pg}::config": }-> - class { "${pg}::service": }-> - class { "${pg}::passwd": }-> - class { "${pg}::firewall": }-> - anchor { "${pg}::end": } - } else { - anchor { "${pg}::start": }-> - class { "${pg}::firewall": }-> - class { "${pg}::passwd": }-> - class { "${pg}::service": }-> - class { "${pg}::install": }-> - class { "${pg}::initdb": }-> - class { "${pg}::config": }-> - anchor { "${pg}::end": } - } -} diff --git a/modules/postgresql/manifests/server/config.pp b/modules/postgresql/manifests/server/config.pp deleted file mode 100644 index eaf599f..0000000 --- a/modules/postgresql/manifests/server/config.pp +++ /dev/null @@ -1,121 +0,0 @@ -# PRIVATE CLASS: do not call directly -class postgresql::server::config { - $ensure = $postgresql::server::ensure - $ip_mask_deny_postgres_user = $postgresql::server::ip_mask_deny_postgres_user - $ip_mask_allow_all_users = $postgresql::server::ip_mask_allow_all_users - $listen_addresses = $postgresql::server::listen_addresses - $port = $postgresql::server::port - $ipv4acls = $postgresql::server::ipv4acls - $ipv6acls = $postgresql::server::ipv6acls - $pg_hba_conf_path = $postgresql::server::pg_hba_conf_path - $postgresql_conf_path = $postgresql::server::postgresql_conf_path - $pg_hba_conf_defaults = $postgresql::server::pg_hba_conf_defaults - $user = $postgresql::server::user - $group = $postgresql::server::group - $version = $postgresql::server::version - $manage_pg_hba_conf = $postgresql::server::manage_pg_hba_conf - - if ($ensure == 'present' or $ensure == true) { - - if ($manage_pg_hba_conf == true) { - # Prepare the main pg_hba file - concat { $pg_hba_conf_path: - owner => $user, - group => $group, - mode => '0640', - warn => true, - notify => Class['postgresql::server::reload'], - } - - if $pg_hba_conf_defaults { - Postgresql::Server::Pg_hba_rule { - database => 'all', - user => 'all', - } - - # Lets setup the base rules - $local_auth_option = $version ? { - '8.1' => 'sameuser', - default => undef, - } - postgresql::server::pg_hba_rule { 'local access as postgres user': - type => 'local', - user => $user, - auth_method => 'ident', - auth_option => $local_auth_option, - order => '001', - } - postgresql::server::pg_hba_rule { 'local access to database with same name': - type => 'local', - auth_method => 'ident', - auth_option => $local_auth_option, - order => '002', - } - postgresql::server::pg_hba_rule { 'allow localhost TCP access to postgresql user': - type => 'host', - user => $user, - address => '127.0.0.1/32', - auth_method => 'md5', - order => '003', - } - postgresql::server::pg_hba_rule { 'deny access to postgresql user': - type => 'host', - user => $user, - address => $ip_mask_deny_postgres_user, - auth_method => 'reject', - order => '004', - } - - # ipv4acls are passed as an array of rule strings, here we transform - # them into a resources hash, and pass the result to create_resources - $ipv4acl_resources = postgresql_acls_to_resources_hash($ipv4acls, - 'ipv4acls', 10) - create_resources('postgresql::server::pg_hba_rule', $ipv4acl_resources) - - postgresql::server::pg_hba_rule { 'allow access to all users': - type => 'host', - address => $ip_mask_allow_all_users, - auth_method => 'md5', - order => '100', - } - postgresql::server::pg_hba_rule { 'allow access to ipv6 localhost': - type => 'host', - address => '::1/128', - auth_method => 'md5', - order => '101', - } - - # ipv6acls are passed as an array of rule strings, here we transform - # them into a resources hash, and pass the result to create_resources - $ipv6acl_resources = postgresql_acls_to_resources_hash($ipv6acls, - 'ipv6acls', 102) - create_resources('postgresql::server::pg_hba_rule', $ipv6acl_resources) - } - } - - # We must set a "listen_addresses" line in the postgresql.conf if we - # want to allow any connections from remote hosts. - postgresql::server::config_entry { 'listen_addresses': - value => $listen_addresses, - } - postgresql::server::config_entry { 'port': - value => "${port}", - } - - # RedHat-based systems hardcode some PG* variables in the init script, and need to be overriden - # in /etc/sysconfig/pgsql/postgresql. Create a blank file so we can manage it with augeas later. - if ($::osfamily == 'RedHat') and ($::operatingsystemrelease !~ /^7/) { - file { '/etc/sysconfig/pgsql/postgresql': - ensure => present, - replace => false, - } - } - } else { - file { $pg_hba_conf_path: - ensure => absent, - } - file { $postgresql_conf_path: - ensure => absent, - } - } -} diff --git a/modules/postgresql/manifests/server/config_entry.pp b/modules/postgresql/manifests/server/config_entry.pp deleted file mode 100644 index a730f60..0000000 --- a/modules/postgresql/manifests/server/config_entry.pp +++ /dev/null @@ -1,93 +0,0 @@ -# Manage a postgresql.conf entry. See README.md for more details. -define postgresql::server::config_entry ( - $ensure = 'present', - $value = undef, - $path = false -) { - $postgresql_conf_path = $postgresql::server::postgresql_conf_path - - $target = $path ? { - false => $postgresql_conf_path, - default => $path, - } - - Exec { - logoutput => 'on_failure', - } - - case $name { - /data_directory|hba_file|ident_file|include|listen_addresses|port|max_connections|superuser_reserved_connections|unix_socket_directory|unix_socket_group|unix_socket_permissions|bonjour|bonjour_name|ssl|ssl_ciphers|shared_buffers|max_prepared_transactions|max_files_per_process|shared_preload_libraries|wal_level|wal_buffers|archive_mode|max_wal_senders|hot_standby|logging_collector|silent_mode|track_activity_query_size|autovacuum_max_workers|autovacuum_freeze_max_age|max_locks_per_transaction|max_pred_locks_per_transaction|restart_after_crash|lc_messages|lc_monetary|lc_numeric|lc_time/: { - Postgresql_conf { - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } - } - - default: { - Postgresql_conf { - notify => Class['postgresql::server::reload'], - } - } - } - - # We have to handle ports in a weird and special way. On Redhat we either - # have to create a systemd override for the port or update the sysconfig - # file. - if $::osfamily == 'RedHat' { - if $::operatingsystemrelease =~ /^7/ { - if $name == 'port' { - file { 'systemd-port-override': - ensure => present, - path => '/etc/systemd/system/postgresql.service', - owner => root, - group => root, - content => template('postgresql/systemd-port-override.erb'), - notify => [ Exec['restart-systemd'], Class['postgresql::server::service'] ], - before => Class['postgresql::server::reload'], - } - exec { 'restart-systemd': - command => 'systemctl daemon-reload', - refreshonly => true, - path => '/bin:/usr/bin:/usr/local/bin' - } - } - } else { - if $name == 'port' { - # We need to force postgresql to stop before updating the port - # because puppet becomes confused and is unable to manage the - # service appropriately. - exec { 'postgresql_stop': - command => "service ${::postgresql::server::service_name} stop", - onlyif => "service ${::postgresql::server::service_name} status", - unless => "grep 'PGPORT=${value}' /etc/sysconfig/pgsql/postgresql", - path => '/sbin:/bin:/usr/bin:/usr/local/bin', - require => File['/etc/sysconfig/pgsql/postgresql'], - } -> - augeas { 'override PGPORT in /etc/sysconfig/pgsql/postgresql': - lens => 'Shellvars.lns', - incl => '/etc/sysconfig/pgsql/*', - context => '/files/etc/sysconfig/pgsql/postgresql', - changes => "set PGPORT ${value}", - require => File['/etc/sysconfig/pgsql/postgresql'], - notify => Class['postgresql::server::service'], - before => Class['postgresql::server::reload'], - } - } - } - } - - case $ensure { - /present|absent/: { - postgresql_conf { $name: - ensure => $ensure, - target => $target, - value => $value, - require => Class['postgresql::server::initdb'], - } - } - - default: { - fail("Unknown value for ensure '${ensure}'.") - } - } -} diff --git a/modules/postgresql/manifests/server/contrib.pp b/modules/postgresql/manifests/server/contrib.pp deleted file mode 100644 index fe6309e..0000000 --- a/modules/postgresql/manifests/server/contrib.pp +++ /dev/null @@ -1,27 +0,0 @@ -# Install the contrib postgresql packaging. See README.md for more details. -class postgresql::server::contrib ( - $package_name = $postgresql::params::contrib_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - validate_string($package_name) - - package { 'postgresql-contrib': - ensure => $package_ensure, - name => $package_name, - tag => 'postgresql', - } - - if($package_ensure == 'present' or $package_ensure == true) { - anchor { 'postgresql::server::contrib::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-contrib']-> - Class['postgresql::server::service']-> - anchor { 'postgresql::server::contrib::end': } - } else { - anchor { 'postgresql::server::contrib::start': }-> - Class['postgresql::server::service']-> - Package['postgresql-contrib']-> - Class['postgresql::server::install']-> - anchor { 'postgresql::server::contrib::end': } - } -} diff --git a/modules/postgresql/manifests/server/database.pp b/modules/postgresql/manifests/server/database.pp deleted file mode 100644 index 1a5e620..0000000 --- a/modules/postgresql/manifests/server/database.pp +++ /dev/null @@ -1,83 +0,0 @@ -# Define for creating a database. See README.md for more details. -define postgresql::server::database( - $dbname = $title, - $owner = $postgresql::server::user, - $tablespace = undef, - $template = 'template0', - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $istemplate = false -) { - $createdb_path = $postgresql::server::createdb_path - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $port = $postgresql::server::port - $version = $postgresql::server::version - $default_db = $postgresql::server::default_database - - # Set the defaults for the postgresql_psql resource - Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, - } - - # Optionally set the locale switch. Older versions of createdb may not accept - # --locale, so if the parameter is undefined its safer not to pass it. - if ($version != '8.1') { - $locale_option = $locale ? { - undef => '', - default => "--locale=${locale} ", - } - $public_revoke_privilege = 'CONNECT' - } else { - $locale_option = '' - $public_revoke_privilege = 'ALL' - } - - $encoding_option = $encoding ? { - undef => '', - default => "--encoding '${encoding}' ", - } - - $tablespace_option = $tablespace ? { - undef => '', - default => "--tablespace='${tablespace}' ", - } - - $createdb_command = "${createdb_path} --port='${port}' --owner='${owner}' --template=${template} ${encoding_option}${locale_option}${tablespace_option} '${dbname}'" - - postgresql_psql { "Check for existence of db '${dbname}'": - command => 'SELECT 1', - unless => "SELECT datname FROM pg_database WHERE datname='${dbname}'", - db => $default_db, - port => $port, - require => Class['postgresql::server::service'] - }~> - exec { $createdb_command : - refreshonly => true, - user => $user, - logoutput => on_failure, - }~> - - # This will prevent users from connecting to the database unless they've been - # granted privileges. - postgresql_psql {"REVOKE ${public_revoke_privilege} ON DATABASE \"${dbname}\" FROM public": - db => $default_db, - port => $port, - refreshonly => true, - } - - Exec [ $createdb_command ]-> - postgresql_psql {"UPDATE pg_database SET datistemplate = ${istemplate} WHERE datname = '${dbname}'": - unless => "SELECT datname FROM pg_database WHERE datname = '${dbname}' AND datistemplate = ${istemplate}", - db => $default_db, - } - - # Build up dependencies on tablespace - if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Exec[$createdb_command] - } -} diff --git a/modules/postgresql/manifests/server/database_grant.pp b/modules/postgresql/manifests/server/database_grant.pp deleted file mode 100644 index 5973144..0000000 --- a/modules/postgresql/manifests/server/database_grant.pp +++ /dev/null @@ -1,18 +0,0 @@ -# Manage a database grant. See README.md for more details. -define postgresql::server::database_grant( - $privilege, - $db, - $role, - $psql_db = undef, - $psql_user = undef -) { - postgresql::server::grant { "database:${name}": - role => $role, - db => $db, - privilege => $privilege, - object_type => 'DATABASE', - object_name => $db, - psql_db => $psql_db, - psql_user => $psql_user, - } -} diff --git a/modules/postgresql/manifests/server/db.pp b/modules/postgresql/manifests/server/db.pp deleted file mode 100644 index afafc41..0000000 --- a/modules/postgresql/manifests/server/db.pp +++ /dev/null @@ -1,44 +0,0 @@ -# Define for conveniently creating a role, database and assigning the correct -# permissions. See README.md for more details. -define postgresql::server::db ( - $user, - $password, - $dbname = $title, - $encoding = $postgresql::server::encoding, - $locale = $postgresql::server::locale, - $grant = 'ALL', - $tablespace = undef, - $template = 'template0', - $istemplate = false, - $owner = undef -) { - - if ! defined(Postgresql::Server::Database[$dbname]) { - postgresql::server::database { $dbname: - encoding => $encoding, - tablespace => $tablespace, - template => $template, - locale => $locale, - istemplate => $istemplate, - owner => $owner, - } - } - - if ! defined(Postgresql::Server::Role[$user]) { - postgresql::server::role { $user: - password_hash => $password, - } - } - - if ! defined(Postgresql::Server::Database_grant["GRANT ${user} - ${grant} - ${dbname}"]) { - postgresql::server::database_grant { "GRANT ${user} - ${grant} - ${dbname}": - privilege => $grant, - db => $dbname, - role => $user, - } - } - - if($tablespace != undef and defined(Postgresql::Server::Tablespace[$tablespace])) { - Postgresql::Server::Tablespace[$tablespace]->Postgresql::Server::Database[$name] - } -} diff --git a/modules/postgresql/manifests/server/firewall.pp b/modules/postgresql/manifests/server/firewall.pp deleted file mode 100644 index 4564048..0000000 --- a/modules/postgresql/manifests/server/firewall.pp +++ /dev/null @@ -1,21 +0,0 @@ -# PRIVATE CLASS: do not use directly -class postgresql::server::firewall { - $ensure = $postgresql::server::ensure - $manage_firewall = $postgresql::server::manage_firewall - $firewall_supported = $postgresql::server::firewall_supported - $port = $postgresql::server::port - - if ($manage_firewall and $firewall_supported) { - if ($ensure == 'present' or $ensure == true) { - firewall { "$port accept - postgres": - port => $port, - proto => 'tcp', - action => 'accept', - } - } else { - firewall { "$port accept - postgres": - ensure => absent, - } - } - } -} diff --git a/modules/postgresql/manifests/server/grant.pp b/modules/postgresql/manifests/server/grant.pp deleted file mode 100644 index 54bf8c7..0000000 --- a/modules/postgresql/manifests/server/grant.pp +++ /dev/null @@ -1,87 +0,0 @@ -# Define for granting permissions to roles. See README.md for more details. -define postgresql::server::grant ( - $role, - $db, - $privilege = undef, - $object_type = 'database', - $object_name = $db, - $psql_db = $postgresql::server::default_database, - $psql_user = $postgresql::server::user, - $port = $postgresql::server::port -) { - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - - ## Munge the input values - $_object_type = upcase($object_type) - $_privilege = upcase($privilege) - - ## Validate that the object type is known - validate_string($_object_type, - #'COLUMN', - 'DATABASE', - #'FOREIGN SERVER', - #'FOREIGN DATA WRAPPER', - #'FUNCTION', - #'PROCEDURAL LANGUAGE', - #'SCHEMA', - #'SEQUENCE', - 'TABLE', - #'TABLESPACE', - #'VIEW', - ) - - ## Validate that the object type's privilege is acceptable - # TODO: this is a terrible hack; if they pass "ALL" as the desired privilege, - # we need a way to test for it--and has_database_privilege does not - # recognize 'ALL' as a valid privilege name. So we probably need to - # hard-code a mapping between 'ALL' and the list of actual privileges that - # it entails, and loop over them to check them. That sort of thing will - # probably need to wait until we port this over to ruby, so, for now, we're - # just going to assume that if they have "CREATE" privileges on a database, - # then they have "ALL". (I told you that it was terrible!) - case $_object_type { - 'DATABASE': { - $unless_privilege = $_privilege ? { - 'ALL' => 'CREATE', - default => $_privilege, - } - validate_string($unless_privilege,'CREATE','CONNECT','TEMPORARY','TEMP', - 'ALL','ALL PRIVILEGES') - $unless_function = 'has_database_privilege' - $on_db = $psql_db - } - 'TABLE': { - $unless_privilege = $_privilege ? { - 'ALL' => 'INSERT', - default => $_privilege, - } - validate_string($unless_privilege,'SELECT','INSERT','UPDATE','DELETE', - 'TRUNCATE','REFERENCES','TRIGGER','ALL','ALL PRIVILEGES') - $unless_function = 'has_table_privilege' - $on_db = $db - } - default: { - fail("Missing privilege validation for object type ${_object_type}") - } - } - - $grant_cmd = "GRANT ${_privilege} ON ${_object_type} \"${object_name}\" TO \"${role}\"" - postgresql_psql { $grant_cmd: - db => $on_db, - port => $port, - psql_user => $psql_user, - psql_group => $group, - psql_path => $psql_path, - unless => "SELECT 1 WHERE ${unless_function}('${role}', '${object_name}', '${unless_privilege}')", - require => Class['postgresql::server'] - } - - if($role != undef and defined(Postgresql::Server::Role[$role])) { - Postgresql::Server::Role[$role]->Postgresql_psql[$grant_cmd] - } - - if($db != undef and defined(Postgresql::Server::Database[$db])) { - Postgresql::Server::Database[$db]->Postgresql_psql[$grant_cmd] - } -} diff --git a/modules/postgresql/manifests/server/initdb.pp b/modules/postgresql/manifests/server/initdb.pp deleted file mode 100644 index a56f19c..0000000 --- a/modules/postgresql/manifests/server/initdb.pp +++ /dev/null @@ -1,76 +0,0 @@ -# PRIVATE CLASS: do not call directly -class postgresql::server::initdb { - $ensure = $postgresql::server::ensure - $needs_initdb = $postgresql::server::needs_initdb - $initdb_path = $postgresql::server::initdb_path - $datadir = $postgresql::server::datadir - $xlogdir = $postgresql::server::xlogdir - $encoding = $postgresql::server::encoding - $locale = $postgresql::server::locale - $group = $postgresql::server::group - $user = $postgresql::server::user - - if($ensure == 'present' or $ensure == true) { - # Make sure the data directory exists, and has the correct permissions. - file { $datadir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - } - - if($xlogdir) { - # Make sure the xlog directory exists, and has the correct permissions. - file { $xlogdir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - } - } - - if($needs_initdb) { - # Build up the initdb command. - # - # We optionally add the locale switch if specified. Older versions of the - # initdb command don't accept this switch. So if the user didn't pass the - # parameter, lets not pass the switch at all. - $ic_base = "${initdb_path} --encoding '${encoding}' --pgdata '${datadir}'" - $ic_xlog = $xlogdir ? { - undef => $ic_base, - default => "${ic_base} --xlogdir '${xlogdir}'" - } - $initdb_command = $locale ? { - undef => $ic_xlog, - default => "${ic_xlog} --locale '${locale}'" - } - - # This runs the initdb command, we use the existance of the PG_VERSION - # file to ensure we don't keep running this command. - exec { 'postgresql_initdb': - command => $initdb_command, - creates => "${datadir}/PG_VERSION", - user => $user, - group => $group, - logoutput => on_failure, - require => File[$datadir], - } - } - } else { - # Purge data directory if ensure => absent - file { $datadir: - ensure => absent, - recurse => true, - force => true, - } - - if($xlogdir) { - # Make sure the xlog directory exists, and has the correct permissions. - file { $xlogdir: - ensure => absent, - recurse => true, - force => true, - } - } - } -} diff --git a/modules/postgresql/manifests/server/install.pp b/modules/postgresql/manifests/server/install.pp deleted file mode 100644 index 1ac55f4..0000000 --- a/modules/postgresql/manifests/server/install.pp +++ /dev/null @@ -1,49 +0,0 @@ -# PRIVATE CLASS: do not call directly -class postgresql::server::install { - $package_ensure = $postgresql::server::package_ensure - $package_name = $postgresql::server::package_name - $client_package_name = $postgresql::server::client_package_name - - # This is necessary to ensure that the extra client package that was - # installed automatically by the server package is removed and all - # of its dependencies are removed also. Without this later installation - # of the native Ubuntu packages will fail. - if($::operatingsystem == 'Ubuntu' and $package_ensure == 'absent') { - # This is an exec, because we want to invoke autoremove. - # - # An alternative would be to have a full list of packages, but that seemed - # more problematic to maintain, not to mention the conflict with the - # client class will create duplicate resources. - exec { 'apt-get-autoremove-postgresql-client-XX': - command => "apt-get autoremove --purge --yes ${client_package_name}", - onlyif => "dpkg -l ${client_package_name} | grep -e '^ii'", - logoutput => on_failure, - path => '/usr/bin:/bin:/usr/sbin/:/sbin', - } - - # This will clean up anything we miss - exec { 'apt-get-autoremove-postgresql-client-brute': - command => 'dpkg -P postgresql*', - onlyif => "dpkg -l postgresql* | grep -e '^ii'", - logoutput => on_failure, - path => '/usr/bin:/bin:/usr/sbin/:/sbin', - } - } - - $_package_ensure = $package_ensure ? { - true => 'present', - false => 'purged', - 'absent' => 'purged', - default => $package_ensure, - } - - package { 'postgresql-server': - ensure => $_package_ensure, - name => $package_name, - - # This is searched for to create relationships with the package repos, be - # careful about its removal - tag => 'postgresql', - } - -} diff --git a/modules/postgresql/manifests/server/passwd.pp b/modules/postgresql/manifests/server/passwd.pp deleted file mode 100644 index 5777b03..0000000 --- a/modules/postgresql/manifests/server/passwd.pp +++ /dev/null @@ -1,35 +0,0 @@ -# PRIVATE CLASS: do not call directly -class postgresql::server::passwd { - $ensure = $postgresql::server::ensure - $postgres_password = $postgresql::server::postgres_password - $user = $postgresql::server::user - $group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - - if($ensure == 'present' or $ensure == true) { - if ($postgres_password != undef) { - # NOTE: this password-setting logic relies on the pg_hba.conf being - # configured to allow the postgres system user to connect via psql - # without specifying a password ('ident' or 'trust' security). This is - # the default for pg_hba.conf. - $escaped = postgresql_escape($postgres_password) - $env = "env PGPASSWORD='${postgres_password}'" - exec { 'set_postgres_postgrespw': - # This command works w/no password because we run it as postgres system - # user - command => "${psql_path} -c 'ALTER ROLE \"${user}\" PASSWORD ${escaped}'", - user => $user, - group => $group, - logoutput => true, - cwd => '/tmp', - # With this command we're passing -h to force TCP authentication, which - # does require a password. We specify the password via the PGPASSWORD - # environment variable. If the password is correct (current), this - # command will exit with an exit code of 0, which will prevent the main - # command from running. - unless => "${env} ${psql_path} -h localhost -c 'select 1' > /dev/null", - path => '/usr/bin:/usr/local/bin:/bin', - } - } - } -} diff --git a/modules/postgresql/manifests/server/pg_hba_rule.pp b/modules/postgresql/manifests/server/pg_hba_rule.pp deleted file mode 100644 index ea300d1..0000000 --- a/modules/postgresql/manifests/server/pg_hba_rule.pp +++ /dev/null @@ -1,52 +0,0 @@ -# This resource manages an individual rule that applies to the file defined in -# $target. See README.md for more details. -define postgresql::server::pg_hba_rule( - $type, - $database, - $user, - $auth_method, - $address = undef, - $description = 'none', - $auth_option = undef, - $order = '150', - - # Needed for testing primarily, support for multiple files is not really - # working. - $target = $postgresql::server::pg_hba_conf_path -) { - - if $postgresql::server::manage_pg_hba_conf == false { - fail('postgresql::server::manage_pg_hba_conf has been disabled, so this resource is now unused and redundant, either enable that option or remove this resource from your manifests') - } else { - validate_re($type, '^(local|host|hostssl|hostnossl)$', - "The type you specified [${type}] must be one of: local, host, hostssl, hostnosssl") - - if($type =~ /^host/ and $address == undef) { - fail('You must specify an address property when type is host based') - } - - $allowed_auth_methods = $postgresql::server::version ? { - '9.3' => ['trust', 'reject', 'md5', 'sha1', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], - '9.2' => ['trust', 'reject', 'md5', 'sha1', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], - '9.1' => ['trust', 'reject', 'md5', 'sha1', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam'], - '9.0' => ['trust', 'reject', 'md5', 'sha1', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'radius', 'cert', 'pam'], - '8.4' => ['trust', 'reject', 'md5', 'sha1', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'cert', 'pam'], - '8.3' => ['trust', 'reject', 'md5', 'sha1', 'crypt', 'password', 'gss', 'sspi', 'krb5', 'ident', 'ldap', 'pam'], - '8.2' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'ldap', 'pam'], - '8.1' => ['trust', 'reject', 'md5', 'crypt', 'password', 'krb5', 'ident', 'pam'], - default => ['trust', 'reject', 'md5', 'password', 'gss', 'sspi', 'krb5', 'ident', 'peer', 'ldap', 'radius', 'cert', 'pam', 'crypt'] - } - - $auth_method_regex = join(['^(', join($allowed_auth_methods, '|'), ')$'],'') - validate_re($auth_method, $auth_method_regex, - join(["The auth_method you specified [${auth_method}] must be one of: ", join($allowed_auth_methods, ', ')],'')) - - # Create a rule fragment - $fragname = "pg_hba_rule_${name}" - concat::fragment { $fragname: - target => $target, - content => template('postgresql/pg_hba_rule.conf'), - order => $order, - } - } -} diff --git a/modules/postgresql/manifests/server/plperl.pp b/modules/postgresql/manifests/server/plperl.pp deleted file mode 100644 index c338f16..0000000 --- a/modules/postgresql/manifests/server/plperl.pp +++ /dev/null @@ -1,27 +0,0 @@ -# This class installs the PL/Perl procedural language for postgresql. See -# README.md for more details. -class postgresql::server::plperl( - $package_ensure = 'present', - $package_name = $postgresql::server::plperl_package_name -) { - package { 'postgresql-plperl': - ensure => $package_ensure, - name => $package_name, - tag => 'postgresql', - } - - if($package_ensure == 'present' or $package_ensure == true) { - anchor { 'postgresql::server::plperl::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-plperl']-> - Class['postgresql::server::service']-> - anchor { 'postgresql::server::plperl::end': } - } else { - anchor { 'postgresql::server::plperl::start': }-> - Class['postgresql::server::service']-> - Package['postgresql-plperl']-> - Class['postgresql::server::install']-> - anchor { 'postgresql::server::plperl::end': } - } - -} diff --git a/modules/postgresql/manifests/server/postgis.pp b/modules/postgresql/manifests/server/postgis.pp deleted file mode 100644 index cb0c2ac..0000000 --- a/modules/postgresql/manifests/server/postgis.pp +++ /dev/null @@ -1,32 +0,0 @@ -# Install the postgis postgresql packaging. See README.md for more details. -class postgresql::server::postgis ( - $package_name = $postgresql::params::postgis_package_name, - $package_ensure = 'present' -) inherits postgresql::params { - validate_string($package_name) - - package { 'postgresql-postgis': - ensure => $package_ensure, - name => $package_name, - tag => 'postgresql', - } - - if($package_ensure == 'present' or $package_ensure == true) { - anchor { 'postgresql::server::postgis::start': }-> - Class['postgresql::server::install']-> - Package['postgresql-postgis']-> - Class['postgresql::server::service']-> - anchor { 'postgresql::server::postgis::end': } - - if $postgresql::globals::manage_package_repo { - Class['postgresql::repo'] -> - Package['postgresql-postgis'] - } - } else { - anchor { 'postgresql::server::postgis::start': }-> - Class['postgresql::server::service']-> - Package['postgresql-postgis']-> - Class['postgresql::server::install']-> - anchor { 'postgresql::server::postgis::end': } - } -} diff --git a/modules/postgresql/manifests/server/reload.pp b/modules/postgresql/manifests/server/reload.pp deleted file mode 100644 index 8da5d20..0000000 --- a/modules/postgresql/manifests/server/reload.pp +++ /dev/null @@ -1,16 +0,0 @@ -# PRIVATE CLASS: do not use directly -class postgresql::server::reload { - $ensure = $postgresql::server::ensure - $service_name = $postgresql::server::service_name - $service_status = $postgresql::server::service_status - - if($ensure == 'present' or $ensure == true) { - exec { 'postgresql_reload': - path => '/usr/bin:/usr/sbin:/bin:/sbin', - command => "service ${service_name} reload", - onlyif => $service_status, - refreshonly => true, - require => Class['postgresql::server::service'], - } - } -} diff --git a/modules/postgresql/manifests/server/role.pp b/modules/postgresql/manifests/server/role.pp deleted file mode 100644 index 8150413..0000000 --- a/modules/postgresql/manifests/server/role.pp +++ /dev/null @@ -1,93 +0,0 @@ -# Define for creating a database role. See README.md for more information -define postgresql::server::role( - $password_hash = false, - $createdb = false, - $createrole = false, - $db = $postgresql::server::default_database, - $port = $postgresql::server::port, - $login = true, - $inherit = true, - $superuser = false, - $replication = false, - $connection_limit = '-1', - $username = $title -) { - $psql_user = $postgresql::server::user - $psql_group = $postgresql::server::group - $psql_path = $postgresql::server::psql_path - $version = $postgresql::server::version - - $login_sql = $login ? { true => 'LOGIN', default => 'NOLOGIN' } - $inherit_sql = $inherit ? { true => 'INHERIT', default => 'NOINHERIT' } - $createrole_sql = $createrole ? { true => 'CREATEROLE', default => 'NOCREATEROLE' } - $createdb_sql = $createdb ? { true => 'CREATEDB', default => 'NOCREATEDB' } - $superuser_sql = $superuser ? { true => 'SUPERUSER', default => 'NOSUPERUSER' } - $replication_sql = $replication ? { true => 'REPLICATION', default => '' } - if ($password_hash != false) { - $password_sql = "ENCRYPTED PASSWORD '${password_hash}'" - } else { - $password_sql = '' - } - - Postgresql_psql { - db => $db, - port => $port, - psql_user => $psql_user, - psql_group => $psql_group, - psql_path => $psql_path, - require => [ Postgresql_psql["CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}"], Class['postgresql::server'] ], - } - - postgresql_psql {"CREATE ROLE \"${username}\" ${password_sql} ${login_sql} ${createrole_sql} ${createdb_sql} ${superuser_sql} ${replication_sql} CONNECTION LIMIT ${connection_limit}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}'", - require => Class['Postgresql::Server'], - } - - postgresql_psql {"ALTER ROLE \"${username}\" ${superuser_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolsuper=${superuser}", - } - - postgresql_psql {"ALTER ROLE \"${username}\" ${createdb_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcreatedb=${createdb}", - } - - postgresql_psql {"ALTER ROLE \"${username}\" ${createrole_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcreaterole=${createrole}", - } - - postgresql_psql {"ALTER ROLE \"${username}\" ${login_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolcanlogin=${login}", - } - - postgresql_psql {"ALTER ROLE \"${username}\" ${inherit_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolinherit=${inherit}", - } - - if(versioncmp($version, '9.1') >= 0) { - if $replication_sql == '' { - postgresql_psql {"ALTER ROLE \"${username}\" NOREPLICATION": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolreplication=${replication}", - } - } else { - postgresql_psql {"ALTER ROLE \"${username}\" ${replication_sql}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolreplication=${replication}", - } - } - } - - postgresql_psql {"ALTER ROLE \"${username}\" CONNECTION LIMIT ${connection_limit}": - unless => "SELECT rolname FROM pg_roles WHERE rolname='${username}' and rolconnlimit=${connection_limit}", - } - - if $password_hash { - if($password_hash =~ /^md5.+/) { - $pwd_hash_sql = $password_hash - } else { - $pwd_md5 = md5("${password_hash}${username}") - $pwd_hash_sql = "md5${pwd_md5}" - } - postgresql_psql {"ALTER ROLE \"${username}\" ${password_sql}": - unless => "SELECT usename FROM pg_shadow WHERE usename='${username}' and passwd='${pwd_hash_sql}'", - } - } -} diff --git a/modules/postgresql/manifests/server/service.pp b/modules/postgresql/manifests/server/service.pp deleted file mode 100644 index d4c81db..0000000 --- a/modules/postgresql/manifests/server/service.pp +++ /dev/null @@ -1,58 +0,0 @@ -# PRIVATE CLASS: do not call directly -class postgresql::server::service { - $ensure = $postgresql::server::ensure - $service_ensure = $postgresql::server::service_ensure - $service_name = $postgresql::server::service_name - $service_provider = $postgresql::server::service_provider - $service_status = $postgresql::server::service_status - $user = $postgresql::server::user - $port = $postgresql::server::port - $default_database = $postgresql::server::default_database - - if $service_ensure { - $real_service_ensure = $service_ensure - } else { - $real_service_ensure = $ensure ? { - present => 'running', - absent => 'stopped', - default => $ensure - } - } - - $service_enable = $ensure ? { - present => true, - absent => false, - default => $ensure - } - - anchor { 'postgresql::server::service::begin': } - - service { 'postgresqld': - ensure => $real_service_ensure, - name => $service_name, - enable => $service_enable, - provider => $service_provider, - hasstatus => true, - status => $service_status, - } - - if $real_service_ensure == 'running' { - # This blocks the class before continuing if chained correctly, making - # sure the service really is 'up' before continuing. - # - # Without it, we may continue doing more work before the database is - # prepared leading to a nasty race condition. - postgresql::validate_db_connection { 'validate_service_is_running': - run_as => $user, - database_name => $default_database, - database_port => $port, - sleep => 1, - tries => 60, - create_db_first => false, - require => Service['postgresqld'], - before => Anchor['postgresql::server::service::end'] - } - } - - anchor { 'postgresql::server::service::end': } -} diff --git a/modules/postgresql/manifests/server/table_grant.pp b/modules/postgresql/manifests/server/table_grant.pp deleted file mode 100644 index 6a50f93..0000000 --- a/modules/postgresql/manifests/server/table_grant.pp +++ /dev/null @@ -1,22 +0,0 @@ -# This resource wraps the grant resource to manage table grants specifically. -# See README.md for more details. -define postgresql::server::table_grant( - $privilege, - $table, - $db, - $role, - $port = $postgresql::server::port, - $psql_db = undef, - $psql_user = undef -) { - postgresql::server::grant { "table:${name}": - role => $role, - db => $db, - port => $port, - privilege => $privilege, - object_type => 'TABLE', - object_name => $table, - psql_db => $psql_db, - psql_user => $psql_user, - } -} diff --git a/modules/postgresql/manifests/server/tablespace.pp b/modules/postgresql/manifests/server/tablespace.pp deleted file mode 100644 index 26ff4d5..0000000 --- a/modules/postgresql/manifests/server/tablespace.pp +++ /dev/null @@ -1,44 +0,0 @@ -# This module creates tablespace. See README.md for more details. -define postgresql::server::tablespace( - $location, - $owner = undef, - $spcname = $title -) { - $user = $postgresql::server::user - $group = $postgresql::server::group - $port = $postgresql::server::port - $psql_path = $postgresql::server::psql_path - - Postgresql_psql { - psql_user => $user, - psql_group => $group, - psql_path => $psql_path, - port => $port, - } - - if ($owner == undef) { - $owner_section = '' - } else { - $owner_section = "OWNER \"${owner}\"" - } - - $create_tablespace_command = "CREATE TABLESPACE \"${spcname}\" ${owner_section} LOCATION '${location}'" - - file { $location: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', - } - - $create_ts = "Create tablespace '${spcname}'" - postgresql_psql { "Create tablespace '${spcname}'": - command => $create_tablespace_command, - unless => "SELECT spcname FROM pg_tablespace WHERE spcname='${spcname}'", - require => [Class['postgresql::server'], File[$location]], - } - - if($owner != undef and defined(Postgresql::Server::Role[$owner])) { - Postgresql::Server::Role[$owner]->Postgresql_psql[$create_ts] - } -} diff --git a/modules/postgresql/manifests/validate_db_connection.pp b/modules/postgresql/manifests/validate_db_connection.pp deleted file mode 100644 index 2514b44..0000000 --- a/modules/postgresql/manifests/validate_db_connection.pp +++ /dev/null @@ -1,75 +0,0 @@ -# This type validates that a successful postgres connection can be established -# between the node on which this resource is run and a specified postgres -# instance (host/port/user/password/database name). -# -# See README.md for more details. -define postgresql::validate_db_connection( - $database_host = undef, - $database_name = undef, - $database_password = undef, - $database_username = undef, - $database_port = undef, - $run_as = undef, - $sleep = 2, - $tries = 10, - $create_db_first = true -) { - require postgresql::client - include postgresql::params - - $psql_path = $postgresql::params::psql_path - - $cmd_init = "${psql_path} --tuples-only --quiet " - $cmd_host = $database_host ? { - default => "-h ${database_host} ", - undef => "", - } - $cmd_user = $database_username ? { - default => "-U ${database_username} ", - undef => "", - } - $cmd_port = $database_port ? { - default => "-p ${database_port} ", - undef => "", - } - $cmd_dbname = $database_name ? { - default => "--dbname ${database_name} ", - undef => "--dbname ${postgresql::params::default_database} ", - } - $env = $database_password ? { - default => "PGPASSWORD=${database_password}", - undef => undef, - } - $cmd = join([$cmd_init, $cmd_host, $cmd_user, $cmd_port, $cmd_dbname]) - $validate_cmd = "/usr/local/bin/validate_postgresql_connection.sh ${sleep} ${tries} '${cmd}'" - - # This is more of a safety valve, we add a little extra to compensate for the - # time it takes to run each psql command. - $timeout = (($sleep + 2) * $tries) - - $exec_name = "validate postgres connection for ${database_host}/${database_name}" - exec { $exec_name: - command => "echo 'Unable to connect to defined database using: ${cmd}' && false", - unless => $validate_cmd, - cwd => '/tmp', - environment => $env, - logoutput => 'on_failure', - user => $run_as, - path => '/bin:/usr/bin:/usr/local/bin', - timeout => $timeout, - require => Package['postgresql-client'], - } - - # This is a little bit of puppet magic. What we want to do here is make - # sure that if the validation and the database instance creation are being - # applied on the same machine, then the database resource is applied *before* - # the validation resource. Otherwise, the validation is guaranteed to fail - # on the first run. - # - # We accomplish this by using Puppet's resource collection syntax to search - # for the Database resource in our current catalog; if it exists, the - # appropriate relationship is created here. - if($create_db_first) { - Postgresql::Server::Database<|title == $database_name|> -> Exec[$exec_name] - } -} diff --git a/modules/postgresql/metadata.json b/modules/postgresql/metadata.json deleted file mode 100644 index 4321f7e..0000000 --- a/modules/postgresql/metadata.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "name": "puppetlabs-postgresql", - "version": "3.4.0", - "author": "Inkling/Puppet Labs", - "summary": "PostgreSQL defined resource types", - "license": "ASL 2.0", - "source": "git://github.com/puppetlabs/puppet-postgresql.git", - "project_page": "https://github.com/puppetlabs/puppet-postgresql", - "issues_url": "https://github.com/puppetlabs/puppet-postgresql/issues", - "operatingsystem_support": [ - { - "operatingsystem": "RedHat", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "CentOS", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "OracleLinux", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Scientific", - "operatingsystemrelease": [ - "5", - "6", - "7" - ] - }, - { - "operatingsystem": "Debian", - "operatingsystemrelease": [ - "6", - "7" - ] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": [ - "10.04", - "12.04", - "14.04" - ] - } - ], - "requirements": [ - { - "name": "pe", - "version_requirement": ">= 3.2.0 < 3.4.0" - }, - { - "name": "puppet", - "version_requirement": "3.x" - } - ], - "description": "PostgreSQL defined resource types", - "dependencies": [ - { - "name": "puppetlabs/stdlib", - "version_requirement": ">=3.2.0 <5.0.0" - }, - { - "name": "puppetlabs/firewall", - "version_requirement": ">= 0.0.4" - }, - { - "name": "puppetlabs/apt", - "version_requirement": ">=1.1.0 <2.0.0" - }, - { - "name": "puppetlabs/concat", - "version_requirement": ">= 1.0.0 <2.0.0" - } - ] -} diff --git a/modules/postgresql/spec/acceptance/client_spec.rb b/modules/postgresql/spec/acceptance/client_spec.rb deleted file mode 100644 index eaff526..0000000 --- a/modules/postgresql/spec/acceptance/client_spec.rb +++ /dev/null @@ -1,18 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::client:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::client': package_ensure => purged }", - :catch_failures => true) - end - - it 'test loading class with no parameters' do - pp = <<-EOS.unindent - class { 'postgresql::client': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/common_patterns_spec.rb b/modules/postgresql/spec/acceptance/common_patterns_spec.rb deleted file mode 100644 index 441da70..0000000 --- a/modules/postgresql/spec/acceptance/common_patterns_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'common patterns:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - describe 'postgresql.conf include pattern' do - after :all do - pp = <<-EOS.unindent - class { 'postgresql::server': ensure => absent } - - file { '/tmp/include.conf': - ensure => absent - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it "should support an 'include' directive at the end of postgresql.conf" do - pending('no support for include directive with centos 5/postgresql 8.1', - :if => (fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5')) - - pp = <<-EOS.unindent - class { 'postgresql::server': } - - $extras = "/etc/postgresql-include.conf" - - file { $extras: - content => 'max_connections = 123', - seltype => 'postgresql_db_t', - seluser => 'system_u', - notify => Class['postgresql::server::service'], - } - - postgresql::server::config_entry { 'include': - value => $extras, - require => File[$extras], - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="show max_connections" -t', 'postgres') do |r| - expect(r.stdout).to match(/123/) - expect(r.stderr).to eq('') - end - end - end -end diff --git a/modules/postgresql/spec/acceptance/contrib_spec.rb b/modules/postgresql/spec/acceptance/contrib_spec.rb deleted file mode 100644 index d6dbb95..0000000 --- a/modules/postgresql/spec/acceptance/contrib_spec.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::contrib:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran, remove both contrib and server as contrib - # pulls in the server based packages. - pp = <<-EOS.unindent - class { 'postgresql::server': - ensure => absent, - } - class { 'postgresql::server::contrib': - package_ensure => purged, - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'test loading class with no parameters' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - class { 'postgresql::server::contrib': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/lib/devel_spec.rb b/modules/postgresql/spec/acceptance/lib/devel_spec.rb deleted file mode 100644 index 51a5ea9..0000000 --- a/modules/postgresql/spec/acceptance/lib/devel_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::lib::devel:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::lib::devel': package_ensure => purged }", :catch_failures => true) - end - - it 'test loading class with no parameters' do - pp = <<-EOS.unindent - class { 'postgresql::lib::devel': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/lib/java_spec.rb b/modules/postgresql/spec/acceptance/lib/java_spec.rb deleted file mode 100644 index c943bed..0000000 --- a/modules/postgresql/spec/acceptance/lib/java_spec.rb +++ /dev/null @@ -1,20 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::lib::java:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::lib::java': package_ensure => purged }", :catch_failures => true) - end - - it 'test loading class with no parameters' do - pending('libpostgresql-java-jdbc not available natively for Ubuntu 10.04 and Debian 6', - :if => (fact('osfamily') == 'Debian' and ['6', '10'].include?(fact('lsbmajdistrelease')))) - - pp = <<-EOS.unindent - class { 'postgresql::lib::java': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/lib/perl_spec.rb b/modules/postgresql/spec/acceptance/lib/perl_spec.rb deleted file mode 100644 index f05b358..0000000 --- a/modules/postgresql/spec/acceptance/lib/perl_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::lib::perl:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::lib::perl': package_ensure => purged }", :catch_failures => true) - end - - it 'test loading class with no parameters' do - pp = <<-EOS.unindent - class { 'postgresql::lib::perl': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/lib/python_spec.rb b/modules/postgresql/spec/acceptance/lib/python_spec.rb deleted file mode 100644 index 173204e..0000000 --- a/modules/postgresql/spec/acceptance/lib/python_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::lib::python:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::lib::python': package_ensure => purged }", :catch_failures => true) - end - - it 'test loading class with no parameters' do - pending('psycopg2 not available natively for centos 5', :if => (fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5')) - - pp = <<-EOS.unindent - class { 'postgresql::lib::python': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/nodesets/centos-510-x64.yml b/modules/postgresql/spec/acceptance/nodesets/centos-510-x64.yml deleted file mode 100644 index 12c9e78..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/centos-510-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-510-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-510-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-510-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/centos-59-x64.yml b/modules/postgresql/spec/acceptance/nodesets/centos-59-x64.yml deleted file mode 100644 index 2ad90b8..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/centos-59-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-59-x64: - roles: - - master - platform: el-5-x86_64 - box : centos-59-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-59-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/centos-64-x64-pe.yml b/modules/postgresql/spec/acceptance/nodesets/centos-64-x64-pe.yml deleted file mode 100644 index 7d9242f..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/centos-64-x64-pe.yml +++ /dev/null @@ -1,12 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - - database - - dashboard - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: pe diff --git a/modules/postgresql/spec/acceptance/nodesets/centos-64-x64.yml b/modules/postgresql/spec/acceptance/nodesets/centos-64-x64.yml deleted file mode 100644 index 0639835..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/centos-64-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/debian-607-x64.yml b/modules/postgresql/spec/acceptance/nodesets/debian-607-x64.yml deleted file mode 100644 index 4c8be42..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/debian-607-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-607-x64: - roles: - - master - platform: debian-6-amd64 - box : debian-607-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-607-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/debian-73-x64.yml b/modules/postgresql/spec/acceptance/nodesets/debian-73-x64.yml deleted file mode 100644 index 3e31a82..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/debian-73-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - debian-73-x64: - roles: - - master - platform: debian-7-amd64 - box : debian-73-x64-virtualbox-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/default.yml b/modules/postgresql/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 0639835..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-64-x64: - roles: - - master - platform: el-6-x86_64 - box : centos-64-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml b/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml deleted file mode 100644 index 5047017..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-10044-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-10044-x64: - roles: - - master - platform: ubuntu-10.04-amd64 - box : ubuntu-server-10044-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-10044-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml b/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml deleted file mode 100644 index 1c7a34c..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-12042-x64.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-server-12042-x64: - roles: - - master - platform: ubuntu-12.04-amd64 - box : ubuntu-server-12042-x64-vbox4210-nocm - box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-server-12042-x64-vbox4210-nocm.box - hypervisor : vagrant -CONFIG: - type: git diff --git a/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml deleted file mode 100644 index 7e789c8..0000000 --- a/modules/postgresql/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml +++ /dev/null @@ -1,9 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-64 - box: puppetlabs/ubuntu-14.04-64-nocm - hypervisor : vagrant -CONFIG: - type: foss diff --git a/modules/postgresql/spec/acceptance/postgresql_psql_spec.rb b/modules/postgresql/spec/acceptance/postgresql_psql_spec.rb deleted file mode 100644 index 5c03a7a..0000000 --- a/modules/postgresql/spec/acceptance/postgresql_psql_spec.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql_psql:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should run some SQL when the unless query returns no rows' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select 1', - unless => 'select 1 where 1=2', - require => Class['postgresql::server'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_failures => true) - end - - it 'should not run SQL when the unless query returns rows' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - - postgresql_psql { 'foobar': - db => 'postgres', - psql_user => 'postgres', - command => 'select * from pg_database limit 1', - unless => 'select 1 where 1=1', - require => Class['postgresql::server'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - -end diff --git a/modules/postgresql/spec/acceptance/server/config_entry_spec.rb b/modules/postgresql/spec/acceptance/server/config_entry_spec.rb deleted file mode 100644 index 6f97f64..0000000 --- a/modules/postgresql/spec/acceptance/server/config_entry_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::config_entry:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should change setting and reflect it in show all' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - - postgresql::server::config_entry { 'check_function_bodies': - value => 'off', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="show all" postgres') do |r| - expect(r.stdout).to match(/check_function_bodies.+off/) - expect(r.stderr).to eq('') - end - end - - it 'should correctly set a quotes-required string' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - - postgresql::server::config_entry { 'log_directory': - value => '/tmp/testfile', - } - EOS - - apply_manifest(pp, :catch_failures => true) - - psql('--command="show all" postgres') do |r| - r.stdout.should =~ /log_directory.+\/tmp\/testfile/ - r.stderr.should be_empty - r.exit_code.should == 0 - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/database_grant_spec.rb b/modules/postgresql/spec/acceptance/server/database_grant_spec.rb deleted file mode 100644 index 99ce44d..0000000 --- a/modules/postgresql/spec/acceptance/server/database_grant_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::database_grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should grant access so a user can create objects in a database' do - begin - pp = <<-EOS.unindent - $db = 'postgres' - $user = 'psql_grant_tester' - $password = 'psql_grant_pw' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: } - - postgresql::server::database_grant { 'grant create test': - privilege => 'CREATE', - db => $db, - role => $user, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Check that the user can create a table in the database - psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r| - expect(r.stdout).to match(/CREATE TABLE/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop table foo" postgres', 'psql_grant_tester') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/database_spec.rb b/modules/postgresql/spec/acceptance/server/database_spec.rb deleted file mode 100644 index 4087b08..0000000 --- a/modules/postgresql/spec/acceptance/server/database_spec.rb +++ /dev/null @@ -1,54 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::database:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should idempotently create a db that we can connect to' do - begin - pp = <<-EOS.unindent - $db = 'postgresql_test_db' - class { 'postgresql::server': } - - postgresql::server::database { $db: } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" postgresql_test_db') do |r| - expect(r.stdout).to match(/postgresql_test_db/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database postgresql_test_db" postgres') - end - end -end - -describe 'postgresql::server::database: alternate port', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should idempotently create a db on a non-default port that we can connect to' do - begin - pp = <<-EOS.unindent - $db = 'postgresql_test_db' - class { 'postgresql::server': - port => 5433, - } - - postgresql::server::database { $db: } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" --port=5433 postgresql_test_db') do |r| - expect(r.stdout).to match(/postgresql_test_db/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database postgresql_test_db" --port=5433 postgres') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/db_spec.rb b/modules/postgresql/spec/acceptance/server/db_spec.rb deleted file mode 100644 index f14578c..0000000 --- a/modules/postgresql/spec/acceptance/server/db_spec.rb +++ /dev/null @@ -1,164 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::db', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should idempotently create a db that we can connect to' do - begin - pp = <<-EOS.unindent - $db = 'postgresql_test_db' - class { 'postgresql::server': } - - postgresql::server::db { $db: - user => $db, - password => postgresql_password($db, $db), - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" postgresql_test_db') do |r| - expect(r.stdout).to match(/postgresql_test_db/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database postgresql_test_db" postgres') - end - end - - it 'should take a locale parameter' do - pending('no support for locale parameter with centos 5', :if => (fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5')) - begin - pp = <<-EOS.unindent - class { 'postgresql::server': } - postgresql::server::db { 'test1': - user => 'test1', - password => postgresql_password('test1', 'test1'), - encoding => 'UTF8', - locale => 'en_NG.UTF-8', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('-c "show lc_ctype" test1') do |r| - expect(r.stdout).to match(/en_NG/) - end - - psql('-c "show lc_collate" test1') do |r| - expect(r.stdout).to match(/en_NG/) - end - ensure - psql('--command="drop database test1" postgres') - end - end - - it 'should take an istemplate parameter' do - begin - pp = <<-EOS.unindent - $db = 'template2' - class { 'postgresql::server': } - - postgresql::server::db { $db: - user => $db, - password => postgresql_password($db, $db), - istemplate => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" template2') do |r| - expect(r.stdout).to match(/template2/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database template2" postgres', 'postgres', [1,2]) do |r| - expect(r.stdout).to eq('') - expect(r.stderr).to match(/cannot drop a template database/) - end - end - end - - it 'should update istemplate parameter' do - begin - pp = <<-EOS.unindent - $db = 'template2' - class { 'postgresql::server': } - - postgresql::server::db { $db: - user => $db, - password => postgresql_password($db, $db), - istemplate => false, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" template2') do |r| - expect(r.stdout).to match(/template2/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database template2" postgres') - end - end - - it 'should take a template parameter' do - begin - pp = <<-EOS.unindent - $db = 'postgresql_test_db' - class { 'postgresql::server': } - - postgresql::server::db { $db: - user => $db, - template => 'template1', - password => postgresql_password($db, $db), - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" postgresql_test_db') do |r| - expect(r.stdout).to match(/postgresql_test_db/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database postgresql_test_db" postgres') - end - end - - it 'should take a dbname parameter' do - begin - pp = <<-EOS.unindent - $db = 'postgresql_test_db' - $dbname = 'postgresql_testtest_db' - class { 'postgresql::server': } - - postgresql::server::db { $db: - dbname => $dbname, - user => $db, - password => postgresql_password($db, $db), - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - psql('--command="select datname from pg_database" postgresql_testtest_db') do |r| - expect(r.stdout).to match(/postgresql_testtest_db/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop database postgresql_testtest_db" postgres') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/grant_spec.rb b/modules/postgresql/spec/acceptance/server/grant_spec.rb deleted file mode 100644 index d34523a..0000000 --- a/modules/postgresql/spec/acceptance/server/grant_spec.rb +++ /dev/null @@ -1,49 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should grant access so a user can create in a database' do - begin - pp = <<-EOS.unindent - $db = 'postgres' - $user = 'psql_grant_tester' - $password = 'psql_grant_pw' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: } - - postgresql::server::grant { 'grant create test': - object_type => 'database', - privilege => 'CREATE', - db => $db, - role => $user, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Check that the user can create a table in the database - psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r| - expect(r.stdout).to match(/CREATE TABLE/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop table foo" postgres', 'psql_grant_tester') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/pg_hba_rule_spec.rb b/modules/postgresql/spec/acceptance/server/pg_hba_rule_spec.rb deleted file mode 100644 index bbc8e94..0000000 --- a/modules/postgresql/spec/acceptance/server/pg_hba_rule_spec.rb +++ /dev/null @@ -1,72 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::pg_hba_rule:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should create a ruleset in pg_hba.conf' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - postgresql::server::pg_hba_rule { "allow application network to access app database": - type => "host", - database => "app", - user => "app", - address => "200.1.2.0/24", - auth_method => md5, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_failures => true) - - shell("grep '200.1.2.0/24' /etc/postgresql/*/*/pg_hba.conf || grep '200.1.2.0/24' /var/lib/pgsql/data/pg_hba.conf") - end - - it 'should create a ruleset in pg_hba.conf that denies db access to db test1' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - - postgresql::server::db { "test1": - user => "test1", - password => postgresql_password('test1', 'test1'), - grant => "all", - } - - postgresql::server::pg_hba_rule { "allow anyone to have access to db test1": - type => "local", - database => "test1", - user => "test1", - auth_method => reject, - order => '001', - } - - user { "test1": - shell => "/bin/bash", - managehome => true, - } - EOS - - apply_manifest(pp, :catch_failures => true) - - shell('su - test1 -c \'psql -U test1 -c "\q" test1\'', :acceptable_exit_codes => [2]) - end - - it 'should fail catalogue if postgresql::server::manage_pga_conf is disabled' do - pp = <<-EOS.unindent - class { 'postgresql::server': - manage_pg_hba_conf => false, - } - postgresql::server::pg_hba_rule { 'foo': - type => "local", - database => "test1", - user => "test1", - auth_method => reject, - order => '001', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end -end diff --git a/modules/postgresql/spec/acceptance/server/plperl_spec.rb b/modules/postgresql/spec/acceptance/server/plperl_spec.rb deleted file mode 100644 index 7331284..0000000 --- a/modules/postgresql/spec/acceptance/server/plperl_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'server plperl:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - pp = <<-EOS.unindent - class { 'postgresql::server': ensure => absent } - class { 'postgresql::server::plperl': package_ensure => purged } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'test loading class with no parameters' do - pending('no support for plperl with default version on centos 5', - :if => (fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5')) - pp = <<-EOS.unindent - class { 'postgresql::server': } - class { 'postgresql::server::plperl': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end -end diff --git a/modules/postgresql/spec/acceptance/server/role_spec.rb b/modules/postgresql/spec/acceptance/server/role_spec.rb deleted file mode 100644 index c2bd452..0000000 --- a/modules/postgresql/spec/acceptance/server/role_spec.rb +++ /dev/null @@ -1,116 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::role:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should idempotently create a user who can log in' do - pp = <<-EOS.unindent - $user = "postgresql_test_user" - $password = "postgresql_test_password" - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - EOS - - apply_manifest(pp, :catch_failures => true) - - # Check that the user can log in - psql('--command="select datname from pg_database" postgres', 'postgresql_test_user') do |r| - expect(r.stdout).to match(/template1/) - expect(r.stderr).to eq('') - end - end - - it 'should idempotently alter a user who can log in' do - pp = <<-EOS.unindent - $user = "postgresql_test_user" - $password = "postgresql_test_password2" - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Check that the user can log in - psql('--command="select datname from pg_database" postgres', 'postgresql_test_user') do |r| - expect(r.stdout).to match(/template1/) - expect(r.stderr).to eq('') - end - end - - it 'should idempotently create a user with a cleartext password' do - pp = <<-EOS.unindent - $user = "postgresql_test_user2" - $password = "postgresql_test_password2" - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => $password, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Check that the user can log in - psql('--command="select datname from pg_database" postgres', 'postgresql_test_user2') do |r| - expect(r.stdout).to match(/template1/) - expect(r.stderr).to eq('') - end - end - - it 'should idempotently create a user with noinherit' do - pp = <<-EOS.unindent - $user = "postgresql_test_noinherit" - $password = "postgresql_test_noinherit" - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => $password, - inherit => false, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Check that the user has noinherit set - psql('--command="select rolname from pg_roles where not rolinherit" postgres', 'postgresql_test_noinherit') do |r| - expect(r.stdout).to match(/postgresql_test_noinherit/) - expect(r.stderr).to eq('') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/table_grant_spec.rb b/modules/postgresql/spec/acceptance/server/table_grant_spec.rb deleted file mode 100644 index 6a779d9..0000000 --- a/modules/postgresql/spec/acceptance/server/table_grant_spec.rb +++ /dev/null @@ -1,124 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::table_grant:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should grant all accesses to a user' do - begin - pp = <<-EOS.unindent - $db = 'table_grant' - $user = 'psql_grant_tester' - $password = 'psql_table_pw' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: } - - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - order => 1, - } - - postgresql_psql { 'Create testing table': - command => 'CREATE TABLE "test_table" (field integer NOT NULL)', - db => $db, - unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'", - require => Postgresql::Server::Database[$db], - } - - postgresql::server::table_grant { 'grant insert test': - privilege => 'ALL', - table => 'test_table', - db => $db, - role => $user, - require => Postgresql_psql['Create testing table'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - ## Check that the user can create a table in the database - psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r| - expect(r.stdout).to match(/CREATE TABLE/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop table foo" postgres', 'psql_grant_tester') - end - end - - it 'should grant access so a user can insert in a table' do - begin - pp = <<-EOS.unindent - $db = 'table_grant' - $user = 'psql_grant_tester' - $password = 'psql_table_pw' - - class { 'postgresql::server': } - - # Since we are not testing pg_hba or any of that, make a local user for ident auth - user { $user: - ensure => present, - } - - postgresql::server::role { $user: - password_hash => postgresql_password($user, $password), - } - - postgresql::server::database { $db: } - - # Create a rule for the user - postgresql::server::pg_hba_rule { "allow ${user}": - type => 'local', - database => $db, - user => $user, - auth_method => 'ident', - order => 1, - } - - postgresql_psql { 'Create testing table': - command => 'CREATE TABLE "test_table" (field integer NOT NULL)', - db => $db, - unless => "SELECT * FROM pg_tables WHERE tablename = 'test_table'", - require => Postgresql::Server::Database[$db], - } - - postgresql::server::table_grant { 'grant insert test': - privilege => 'INSERT', - table => 'test_table', - db => $db, - role => $user, - require => Postgresql_psql['Create testing table'], - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - ## Check that the user can create a table in the database - psql('--command="create table foo (foo int)" postgres', 'psql_grant_tester') do |r| - expect(r.stdout).to match(/CREATE TABLE/) - expect(r.stderr).to eq('') - end - ensure - psql('--command="drop table foo" postgres', 'psql_grant_tester') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server/tablespace_spec.rb b/modules/postgresql/spec/acceptance/server/tablespace_spec.rb deleted file mode 100644 index c633d6d..0000000 --- a/modules/postgresql/spec/acceptance/server/tablespace_spec.rb +++ /dev/null @@ -1,67 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::server::tablespace:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should idempotently create tablespaces and databases that are using them' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - - file { '/tmp/postgres/pg_tablespaces': - ensure => 'directory', - owner => 'postgres', - group => 'postgres', - mode => '0700', - } - - postgresql::server::tablespace { 'tablespace1': - location => '/tmp/postgres/pg_tablespaces/space1', - } - postgresql::server::database { 'tablespacedb1': - encoding => 'utf8', - tablespace => 'tablespace1', - } - postgresql::server::db { 'tablespacedb2': - user => 'dbuser2', - password => postgresql_password('dbuser2', 'dbuser2'), - tablespace => 'tablespace1', - } - - postgresql::server::role { 'spcuser': - password_hash => postgresql_password('spcuser', 'spcuser'), - } - postgresql::server::tablespace { 'tablespace2': - location => '/tmp/postgres/pg_tablespaces/space2', - owner => 'spcuser', - } - postgresql::server::database { 'tablespacedb3': - encoding => 'utf8', - tablespace => 'tablespace2', - } - EOS - - shell('mkdir -p /tmp/postgres') - # Apply appropriate selinux labels - if fact('osfamily') == 'RedHat' - if shell('getenforce').stdout =~ /Enforcing/ - shell('chcon -Rv --type=postgresql_db_t /tmp/postgres') - end - end - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Check that databases use correct tablespaces - psql('--command="select ts.spcname from pg_database db, pg_tablespace ts where db.dattablespace = ts.oid and db.datname = \'"\'tablespacedb1\'"\'"') do |r| - expect(r.stdout).to match(/tablespace1/) - expect(r.stderr).to eq('') - end - - psql('--command="select ts.spcname from pg_database db, pg_tablespace ts where db.dattablespace = ts.oid and db.datname = \'"\'tablespacedb3\'"\'"') do |r| - expect(r.stdout).to match(/tablespace2/) - expect(r.stderr).to eq('') - end - end -end diff --git a/modules/postgresql/spec/acceptance/server_spec.rb b/modules/postgresql/spec/acceptance/server_spec.rb deleted file mode 100644 index 1b3086c..0000000 --- a/modules/postgresql/spec/acceptance/server_spec.rb +++ /dev/null @@ -1,303 +0,0 @@ -require 'spec_helper_acceptance' - -# Hack around the fact that so far only Ubuntu 14.04 seems to have moved this -# file. Can revisit if everyone else gets clever. - -case fact('operatingsystem') -when 'Ubuntu' - case fact('operatingsystemrelease') - when '14.04' - pghba_file = '/etc/postgresql/9.3/main/pg_hba.conf' - when '12.04' - pghba_file = '/etc/postgresql/9.1/main/pg_hba.conf' - end -when 'Debian' - case fact('operatingsystemmajrelease') - when '7' - pghba_file = '/etc/postgresql/9.1/main/pg_hba.conf' - when '6' - pghba_file = '/etc/postgresql/8.4/main/pg_hba.conf' - end -else - pghba_file = '/var/lib/pgsql/data/pg_hba.conf' -end - -describe 'server:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - # Cleanup after tests have ran - pp = <<-EOS.unindent - class { 'postgresql::server': ensure => absent } -> - class { 'postgresql::client': package_ensure => absent } - EOS - apply_manifest(pp, :catch_failures => true) - if fact('osfamily') == 'RedHat' - shell('rpm -qa | grep postgres | xargs rpm -e') - end - end - - it 'test loading class with no parameters' do - pp = <<-EOS.unindent - class { 'postgresql::server': } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(5432) do - it { should be_listening } - end - - describe file(pghba_file) do - it { should be_file } - it { should be_owned_by 'postgres' } - it { should be_grouped_into 'postgres' } - it { should be_mode 640 } - end - - describe 'setting postgres password' do - it 'should install and successfully adjust the password' do - pp = <<-EOS.unindent - class { 'postgresql::server': - postgres_password => 'foobarbaz', - ip_mask_deny_postgres_user => '0.0.0.0/32', - } - EOS - - apply_manifest(pp, :catch_failures => true) do |r| - expect(r.stdout).to match(/\[set_postgres_postgrespw\]\/returns: executed successfully/) - end - apply_manifest(pp, :catch_changes => true) - - pp = <<-EOS.unindent - class { 'postgresql::server': - postgres_password => 'TPSR$$eports!', - ip_mask_deny_postgres_user => '0.0.0.0/32', - } - EOS - - apply_manifest(pp, :catch_failures => true) do |r| - expect(r.stdout).to match(/\[set_postgres_postgrespw\]\/returns: executed successfully/) - end - apply_manifest(pp, :catch_changes => true) - - end - end -end - -describe 'server without defaults:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - context 'test installing non-default version of postgresql' do - after :all do - psql('--command="drop database postgresql_test_db" postgres', 'postgres') - pp = <<-EOS.unindent - if $::osfamily == 'Debian' { - class { 'apt': } - # XXX Need to purge postgresql-common after uninstalling 9.3 because - # it leaves the init script behind. Poor packaging. - package { 'postgresql-common': - ensure => purged, - require => Class['postgresql::server'], - } - } - class { 'postgresql::globals': - manage_package_repo => true, - version => '9.3', - } - class { 'postgresql::server': - ensure => absent, - } -> - class { 'postgresql::client': - package_ensure => absent, - } - EOS - apply_manifest(pp, :catch_failures => true) - if fact('osfamily') == 'RedHat' - shell('rpm -qa | grep postgres | xargs rpm -e') - end - end - - it 'perform installation and create a db' do - pp = <<-EOS.unindent - if $::osfamily == 'Debian' { - class { 'apt': } - } - class { "postgresql::globals": - version => "9.3", - manage_package_repo => true, - encoding => 'UTF8', - locale => 'en_US.UTF-8', - xlogdir => '/tmp/pg_xlogs', - } - class { "postgresql::server": } - postgresql::server::db { "postgresql_test_db": - user => "foo1", - password => postgresql_password('foo1', 'foo1'), - } - EOS - - # Yum cache for yum.postgresql.org is outdated - shell('yum clean all') if fact('osfamily') == 'RedHat' - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - shell('test -d /tmp/pg_xlogs') do |r| - expect(r.stdout).to eq('') - expect(r.stderr).to eq('') - end - - psql('postgresql_test_db --command="select datname from pg_database limit 1"') - end - - describe port(5432) do - it { should be_listening } - end - end - - context 'test deprecating non-default version of postgresql to postgresql::server' do - after :all do - pp = <<-EOS.unindent - class { 'postgresql::globals': - version => '9.3', - } - class { 'postgresql::server': - ensure => absent, - } -> - class { 'postgresql::client': - package_ensure => absent, - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'raises a warning' do - pp = <<-EOS.unindent - class { 'postgresql::server': - ensure => absent, - version => '9.3', - } - EOS - expect(apply_manifest(pp, :catch_failures => false).stderr).to match(/Passing "version" to postgresql::server is deprecated/i) - end - end - - unless ((fact('osfamily') == 'RedHat' and fact('lsbmajdistrelease') == '5') || - fact('osfamily') == 'Debian') - - context 'override locale and encoding' do - before :each do - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'perform installation with different locale and encoding' do - pp = <<-EOS.unindent - class { 'postgresql::server': - locale => 'en_NG', - encoding => 'UTF8', - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - - # Remove db first, if it exists for some reason - shell('su postgres -c "dropdb test1"', :acceptable_exit_codes => [0,1,2]) - shell('su postgres -c "createdb test1"') - shell('su postgres -c \'psql -c "show lc_ctype" test1\'') do |r| - expect(r.stdout).to match(/en_NG/) - end - - shell('su postgres -c \'psql -c "show lc_collate" test1\'') do |r| - expect(r.stdout).to match(/en_NG/) - end - end - end - end -end - -describe 'server with firewall:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - context 'test installing postgresql with firewall management on' do - it 'perform installation and make sure it is idempotent' do - pending('no support for firewall with fedora', :if => (fact('operatingsystem') == 'Fedora')) - pp = <<-EOS.unindent - class { 'firewall': } - class { "postgresql::server": - manage_firewall => true, - } - EOS - - if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '5' - shell('iptables -F') - end - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end -end - -describe 'server without pg_hba.conf:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - context 'test installing postgresql without pg_hba.conf management on' do - it 'perform installation and make sure it is idempotent' do - pp = <<-EOS.unindent - class { "postgresql::server": - manage_pg_hba_conf => false, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - end -end - -describe 'server on alternate port:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - after :all do - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'sets up selinux' do - pp = <<-EOS - if $::osfamily == 'RedHat' and $::selinux == 'true' { - $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - default => 'policycoreutils-python', - } - - package { $semanage_package: ensure => installed } - exec { 'set_postgres': - command => 'semanage port -a -t postgresql_port_t -p tcp 5433', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - subscribe => Package[$semanage_package], - refreshonly => true, - } - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - - context 'test installing postgresql with alternate port' do - it 'perform installation and make sure it is idempotent' do - pp = <<-EOS.unindent - class { "postgresql::server": - port => 5433, - } - EOS - - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(5433) do - it { should be_listening } - end - end -end diff --git a/modules/postgresql/spec/acceptance/unsupported_spec.rb b/modules/postgresql/spec/acceptance/unsupported_spec.rb deleted file mode 100644 index 64964d8..0000000 --- a/modules/postgresql/spec/acceptance/unsupported_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - it 'should fail for client' do - pp = <<-EOS - class { 'postgresql::client': } - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/No preferred version defined or automatically detected/i) - end - it 'should fail for server' do - pp = <<-EOS - class { 'postgresql::server': } - EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/No preferred version defined or automatically detected/i) - end -end diff --git a/modules/postgresql/spec/acceptance/validate_db_connection_spec.rb b/modules/postgresql/spec/acceptance/validate_db_connection_spec.rb deleted file mode 100644 index 5a7245f..0000000 --- a/modules/postgresql/spec/acceptance/validate_db_connection_spec.rb +++ /dev/null @@ -1,97 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'postgresql::validate_db_connection:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do - before :all do - # Setup postgresql server and a sample database for tests to use. - pp = <<-EOS.unindent - $db = 'foo' - class { 'postgresql::server': } - - postgresql::server::db { $db: - user => $db, - password => postgresql_password($db, $db), - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - after :all do - # Remove postgresql server after all tests have ran. - apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true) - end - - it 'should run puppet with no changes declared if socket connectivity works' do - pp = <<-EOS.unindent - postgresql::validate_db_connection { 'foo': - database_name => 'foo', - run_as => 'postgres', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'stops postgresql' do - # First we stop postgresql. - pp = <<-EOS - class { 'postgresql::server': - service_ensure => 'stopped', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should keep retrying if database is down' do - if fact('operatingsystem') == 'RedHat' && fact('operatingsystemrelease') =~ /^7/ - shell('nohup bash -c "sleep 10; systemctl start `basename /usr/lib/systemd/system/postgres*`" > /dev/null 2>&1 &') - else - shell('nohup bash -c "sleep 10; /etc/init.d/postgresql* start" > /dev/null 2>&1 &') - end - - pp = <<-EOS.unindent - postgresql::validate_db_connection { 'foo': - database_name => 'foo', - tries => 30, - sleep => 1, - run_as => 'postgres', - } - EOS - apply_manifest(pp, :catch_failures => true) - end - - it 'should run puppet with no changes declared if db ip connectivity works' do - pp = <<-EOS.unindent - postgresql::validate_db_connection { 'foo': - database_host => 'localhost', - database_name => 'foo', - database_username => 'foo', - database_password => 'foo', - } - EOS - - apply_manifest(pp, :catch_failures => true) - end - - it 'should fail catalogue if database connectivity fails' do - pp = <<-EOS.unindent - postgresql::validate_db_connection { 'foobarbaz': - database_host => 'localhost', - database_name => 'foobarbaz', - database_username => 'foobarbaz', - database_password => 'foobarbaz', - } - EOS - - apply_manifest(pp, :expect_failures => true) - end - - it 'starts postgresql' do - pp = <<-EOS - class { 'postgresql::server': - service_ensure => 'running', - } - EOS - apply_manifest(pp, :catch_failures => true) - end -end diff --git a/modules/postgresql/spec/spec_helper.rb b/modules/postgresql/spec/spec_helper.rb deleted file mode 100644 index f4852aa..0000000 --- a/modules/postgresql/spec/spec_helper.rb +++ /dev/null @@ -1,28 +0,0 @@ -require 'puppetlabs_spec_helper/module_spec_helper' - -RSpec.configure do |c| - c.mock_with :rspec do |mock| - mock.syntax = [:expect, :should] - end - c.include PuppetlabsSpec::Files - - c.before :each do - # Store any environment variables away to be restored later - @old_env = {} - ENV.each_key {|k| @old_env[k] = ENV[k]} - - if ENV['STRICT_VARIABLES'] == 'yes' - Puppet.settings[:strict_variables]=true - end - end - - c.after :each do - PuppetlabsSpec::Files.cleanup - end -end - -# Convenience helper for returning parameters for a type from the -# catalogue. -def param(type, title, param) - param_value(catalogue, type, title, param) -end diff --git a/modules/postgresql/spec/spec_helper_acceptance.rb b/modules/postgresql/spec/spec_helper_acceptance.rb deleted file mode 100644 index 93ddacc..0000000 --- a/modules/postgresql/spec/spec_helper_acceptance.rb +++ /dev/null @@ -1,87 +0,0 @@ -require 'beaker-rspec/spec_helper' -require 'beaker-rspec/helpers/serverspec' - -class String - # Provide ability to remove indentation from strings, for the purpose of - # left justifying heredoc blocks. - def unindent - gsub(/^#{scan(/^\s*/).min_by{|l|l.length}}/, "") - end -end - -def shellescape(str) - str = str.to_s - - # An empty argument will be skipped, so return empty quotes. - return "''" if str.empty? - - str = str.dup - - # Treat multibyte characters as is. It is caller's responsibility - # to encode the string in the right encoding for the shell - # environment. - str.gsub!(/([^A-Za-z0-9_\-.,:\/@\n])/, "\\\\\\1") - - # A LF cannot be escaped with a backslash because a backslash + LF - # combo is regarded as line continuation and simply ignored. - str.gsub!(/\n/, "'\n'") - - return str -end - -def psql(psql_cmd, user = 'postgres', exit_codes = [0,1], &block) - psql = "psql #{psql_cmd}" - shell("su #{shellescape(user)} -c #{shellescape(psql)}", :acceptable_exit_codes => exit_codes, &block) -end - -unless ENV['RS_PROVISION'] == 'no' or ENV['BEAKER_provision'] == 'no' - if hosts.first.is_pe? - install_pe - else - install_puppet - end - hosts.each do |host| - shell("mkdir -p #{host['distmoduledir']}") - if ! host.is_pe? - # Augeas is only used in one place, for Redhat. - if fact('osfamily') == 'RedHat' - install_package host, 'ruby-devel' - install_package host, 'augeas-devel' - install_package host, 'ruby-augeas' - end - end - end -end - -UNSUPPORTED_PLATFORMS = ['AIX','windows','Solaris','Suse'] - -RSpec.configure do |c| - # Project root - proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) - - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - # Install module and dependencies - puppet_module_install(:source => proj_root, :module_name => 'postgresql') - hosts.each do |host| - on host, "/bin/touch #{default['puppetpath']}/hiera.yaml" - on host, 'chmod 755 /root' - if fact('osfamily') == 'Debian' - on host, "echo \"en_US ISO-8859-1\nen_NG.UTF-8 UTF-8\nen_US.UTF-8 UTF-8\n\" > /etc/locale.gen" - on host, '/usr/sbin/locale-gen' - on host, '/usr/sbin/update-locale' - end - if fact('osfamily') == 'RedHat' - shell('yum -y install policycoreutils-python') - shell('semanage port -a -t postgresql_port_t -p tcp 5433') - end - on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-firewall'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } - on host, puppet('module','install','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] } - end - end -end diff --git a/modules/postgresql/spec/unit/classes/client_spec.rb b/modules/postgresql/spec/unit/classes/client_spec.rb deleted file mode 100644 index dd24dbf..0000000 --- a/modules/postgresql/spec/unit/classes/client_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::client', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - - describe 'with parameters' do - let :params do - { - :package_ensure => 'absent', - :package_name => 'mypackage', - } - end - - it 'should modify package' do - should contain_package("postgresql-client").with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) - end - end - - describe 'with no parameters' do - it 'should create package with postgresql tag' do - should contain_package('postgresql-client').with({ - :tag => 'postgresql', - }) - end - end -end diff --git a/modules/postgresql/spec/unit/classes/globals_spec.rb b/modules/postgresql/spec/unit/classes/globals_spec.rb deleted file mode 100644 index 315a349..0000000 --- a/modules/postgresql/spec/unit/classes/globals_spec.rb +++ /dev/null @@ -1,30 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::globals', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :lsbdistid => 'Debian', - :lsbdistcodename => 'squeeze', - } - end - - describe 'with no parameters' do - it 'should work' do - should contain_class("postgresql::globals") - end - end - - describe 'manage_package_repo => true' do - let(:params) do - { - :manage_package_repo => true, - } - end - it 'should pull in class postgresql::repo' do - should contain_class("postgresql::repo") - end - end -end diff --git a/modules/postgresql/spec/unit/classes/lib/devel_spec.rb b/modules/postgresql/spec/unit/classes/lib/devel_spec.rb deleted file mode 100644 index 8c289fc..0000000 --- a/modules/postgresql/spec/unit/classes/lib/devel_spec.rb +++ /dev/null @@ -1,12 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::lib::devel', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - it { should contain_class("postgresql::lib::devel") } -end diff --git a/modules/postgresql/spec/unit/classes/lib/java_spec.rb b/modules/postgresql/spec/unit/classes/lib/java_spec.rb deleted file mode 100644 index 7541bf5..0000000 --- a/modules/postgresql/spec/unit/classes/lib/java_spec.rb +++ /dev/null @@ -1,40 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::lib::java', :type => :class do - - describe 'on a debian based os' do - let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - it { should contain_package('postgresql-jdbc').with( - :name => 'libpostgresql-jdbc-java', - :ensure => 'present' - )} - end - - describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } - end - it { should contain_package('postgresql-jdbc').with( - :name => 'postgresql-jdbc', - :ensure => 'present' - )} - describe 'when parameters are supplied' do - let :params do - {:package_ensure => 'latest', :package_name => 'somepackage'} - end - it { should contain_package('postgresql-jdbc').with( - :name => 'somepackage', - :ensure => 'latest' - )} - end - end - -end diff --git a/modules/postgresql/spec/unit/classes/lib/perl_spec.rb b/modules/postgresql/spec/unit/classes/lib/perl_spec.rb deleted file mode 100644 index e107bf2..0000000 --- a/modules/postgresql/spec/unit/classes/lib/perl_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::lib::perl', :type => :class do - - describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } - end - it { should contain_package('perl-DBD-Pg').with( - :name => 'perl-DBD-Pg', - :ensure => 'present' - )} - end - - describe 'on a debian based os' do - let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - it { should contain_package('perl-DBD-Pg').with( - :name => 'libdbd-pg-perl', - :ensure => 'present' - )} - end - -end diff --git a/modules/postgresql/spec/unit/classes/lib/python_spec.rb b/modules/postgresql/spec/unit/classes/lib/python_spec.rb deleted file mode 100644 index ab3fd32..0000000 --- a/modules/postgresql/spec/unit/classes/lib/python_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::lib::python', :type => :class do - - describe 'on a redhat based os' do - let :facts do { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - } - end - it { should contain_package('python-psycopg2').with( - :name => 'python-psycopg2', - :ensure => 'present' - )} - end - - describe 'on a debian based os' do - let :facts do { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - it { should contain_package('python-psycopg2').with( - :name => 'python-psycopg2', - :ensure => 'present' - )} - end - -end diff --git a/modules/postgresql/spec/unit/classes/params_spec.rb b/modules/postgresql/spec/unit/classes/params_spec.rb deleted file mode 100644 index 730fd10..0000000 --- a/modules/postgresql/spec/unit/classes/params_spec.rb +++ /dev/null @@ -1,12 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::params', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - it { should contain_class("postgresql::params") } -end diff --git a/modules/postgresql/spec/unit/classes/repo_spec.rb b/modules/postgresql/spec/unit/classes/repo_spec.rb deleted file mode 100644 index f31d468..0000000 --- a/modules/postgresql/spec/unit/classes/repo_spec.rb +++ /dev/null @@ -1,19 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::repo', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :lsbdistid => 'Debian', - :lsbdistcodename => 'squeeze', - } - end - - describe 'with no parameters' do - it 'should instantiate apt_postgresql_org class' do - should contain_class('postgresql::repo::apt_postgresql_org') - end - end -end diff --git a/modules/postgresql/spec/unit/classes/server/contrib_spec.rb b/modules/postgresql/spec/unit/classes/server/contrib_spec.rb deleted file mode 100644 index a22a3d0..0000000 --- a/modules/postgresql/spec/unit/classes/server/contrib_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::contrib', :type => :class do - let :pre_condition do - "class { 'postgresql::server': }" - end - - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - describe 'with parameters' do - let(:params) do - { - :package_name => 'mypackage', - :package_ensure => 'absent', - } - end - - it 'should create package with correct params' do - should contain_package('postgresql-contrib').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) - end - end - - describe 'with no parameters' do - it 'should create package with postgresql tag' do - should contain_package('postgresql-contrib').with({ - :tag => 'postgresql', - }) - end - end -end diff --git a/modules/postgresql/spec/unit/classes/server/initdb_spec.rb b/modules/postgresql/spec/unit/classes/server/initdb_spec.rb deleted file mode 100644 index 24ebfa8..0000000 --- a/modules/postgresql/spec/unit/classes/server/initdb_spec.rb +++ /dev/null @@ -1,36 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::initdb', :type => :class do - let (:pre_condition) do - "include postgresql::server" - end - describe 'on RedHat' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'CentOS', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - it { should contain_file('/var/lib/pgsql/data').with_ensure('directory') } - end - describe 'on Amazon' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'Amazon', - :operatingsystemrelease => '1.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - it { should contain_file('/var/lib/pgsql9/data').with_ensure('directory') } - end -end - diff --git a/modules/postgresql/spec/unit/classes/server/plperl_spec.rb b/modules/postgresql/spec/unit/classes/server/plperl_spec.rb deleted file mode 100644 index a0c914e..0000000 --- a/modules/postgresql/spec/unit/classes/server/plperl_spec.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::plperl', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('plperl'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :pre_condition do - "class { 'postgresql::server': }" - end - - describe 'with no parameters' do - it { should contain_class("postgresql::server::plperl") } - it 'should create package' do - should contain_package('postgresql-plperl').with({ - :ensure => 'present', - :tag => 'postgresql', - }) - end - end - - describe 'with parameters' do - let :params do - { - :package_ensure => 'absent', - :package_name => 'mypackage', - } - end - - it { should contain_class("postgresql::server::plperl") } - it 'should create package with correct params' do - should contain_package('postgresql-plperl').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) - end - end -end diff --git a/modules/postgresql/spec/unit/classes/server/postgis_spec.rb b/modules/postgresql/spec/unit/classes/server/postgis_spec.rb deleted file mode 100644 index 6636bf2..0000000 --- a/modules/postgresql/spec/unit/classes/server/postgis_spec.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::postgis', :type => :class do - let :pre_condition do - "class { 'postgresql::server': }" - end - - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('postgis'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - describe 'with parameters' do - let(:params) do - { - :package_name => 'mypackage', - :package_ensure => 'absent', - } - end - - it 'should create package with correct params' do - should contain_package('postgresql-postgis').with({ - :ensure => 'absent', - :name => 'mypackage', - :tag => 'postgresql', - }) - end - end - - describe 'with no parameters' do - it 'should create package with postgresql tag' do - should contain_package('postgresql-postgis').with({ - :tag => 'postgresql', - }) - end - end -end diff --git a/modules/postgresql/spec/unit/classes/server_spec.rb b/modules/postgresql/spec/unit/classes/server_spec.rb deleted file mode 100644 index 8fcf93f..0000000 --- a/modules/postgresql/spec/unit/classes/server_spec.rb +++ /dev/null @@ -1,120 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server', :type => :class do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :concat_basedir => tmpfilename('server'), - :kernel => 'Linux', - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - describe 'with no parameters' do - it { should contain_class("postgresql::params") } - it { should contain_class("postgresql::server") } - it 'should validate connection' do - should contain_postgresql__validate_db_connection('validate_service_is_running') - end - end - - describe 'service_ensure => running' do - let(:params) {{ :service_ensure => 'running' }} - it { should contain_class("postgresql::params") } - it { should contain_class("postgresql::server") } - it 'should validate connection' do - should contain_postgresql__validate_db_connection('validate_service_is_running') - end - end - - describe 'service_ensure => stopped' do - let(:params) {{ :service_ensure => 'stopped' }} - it { should contain_class("postgresql::params") } - it { should contain_class("postgresql::server") } - it 'shouldnt validate connection' do - should_not contain_postgresql__validate_db_connection('validate_service_is_running') - end - end - - describe 'manage_firewall => true' do - let(:params) do - { - :manage_firewall => true, - :ensure => true, - } - end - - it 'should create firewall rule' do - should contain_firewall("5432 accept - postgres") - end - end - - describe 'ensure => absent' do - let(:params) do - { - :ensure => 'absent', - :datadir => '/my/path', - :xlogdir => '/xlog/path', - } - end - - it 'should make package purged' do - should contain_package('postgresql-server').with({ - :ensure => 'purged', - }) - end - - it 'stop the service' do - should contain_service('postgresqld').with({ - :ensure => 'stopped', - }) - end - - it 'should remove datadir' do - should contain_file('/my/path').with({ - :ensure => 'absent', - }) - end - - it 'should remove xlogdir' do - should contain_file('/xlog/path').with({ - :ensure => 'absent', - }) - end - end - - describe 'package_ensure => absent' do - let(:params) do - { - :package_ensure => 'absent', - } - end - - it 'should remove the package' do - should contain_package('postgresql-server').with({ - :ensure => 'purged', - }) - end - - it 'should still enable the service' do - should contain_service('postgresqld').with({ - :ensure => 'running', - }) - end - end - - describe 'needs_initdb => true' do - let(:params) do - { - :needs_initdb => true, - } - end - - it 'should contain proper initdb exec' do - should contain_exec('postgresql_initdb') - end - end -end diff --git a/modules/postgresql/spec/unit/defines/server/config_entry_spec.rb b/modules/postgresql/spec/unit/defines/server/config_entry_spec.rb deleted file mode 100644 index e7c59fd..0000000 --- a/modules/postgresql/spec/unit/defines/server/config_entry_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::config_entry', :type => :define do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystem => 'RedHat', - :operatingsystemrelease => '6.4', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let(:title) { 'config_entry'} - - let :target do - tmpfilename('postgresql_conf') - end - - context "syntax check" do - let :pre_condition do - "class {'postgresql::server':}" - end - - let(:params) { { :ensure => 'present'} } - it { should contain_postgresql__server__config_entry('config_entry') } - end -end - diff --git a/modules/postgresql/spec/unit/defines/server/database_grant_spec.rb b/modules/postgresql/spec/unit/defines/server/database_grant_spec.rb deleted file mode 100644 index cf18469..0000000 --- a/modules/postgresql/spec/unit/defines/server/database_grant_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::database_grant', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :title do - 'test' - end - - let :params do - { - :privilege => 'ALL', - :db => 'test', - :role => 'test', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__database_grant('test') } - it { should contain_postgresql__server__grant('database:test') } -end diff --git a/modules/postgresql/spec/unit/defines/server/database_spec.rb b/modules/postgresql/spec/unit/defines/server/database_spec.rb deleted file mode 100644 index a3d1ace..0000000 --- a/modules/postgresql/spec/unit/defines/server/database_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::database', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - let :title do - 'test' - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__database('test') } - it { should contain_postgresql_psql("Check for existence of db 'test'") } -end diff --git a/modules/postgresql/spec/unit/defines/server/db_spec.rb b/modules/postgresql/spec/unit/defines/server/db_spec.rb deleted file mode 100644 index 157de10..0000000 --- a/modules/postgresql/spec/unit/defines/server/db_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::db', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :title do - 'test' - end - - context 'without dbname param' do - - let :params do - { - :user => 'test', - :password => 'test', - :owner => 'tester', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__db('test') } - it { should contain_postgresql__server__database('test').with_owner('tester') } - it { should contain_postgresql__server__role('test') } - it { should contain_postgresql__server__database_grant('GRANT test - ALL - test') } - - end - - context 'dbname' do - - let :params do - { - :dbname => 'testtest', - :user => 'test', - :password => 'test', - :owner => 'tester', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__database('testtest') } - end -end diff --git a/modules/postgresql/spec/unit/defines/server/grant_spec.rb b/modules/postgresql/spec/unit/defines/server/grant_spec.rb deleted file mode 100644 index c020a69..0000000 --- a/modules/postgresql/spec/unit/defines/server/grant_spec.rb +++ /dev/null @@ -1,32 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::grant', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :title do - 'test' - end - - let :params do - { - :db => 'test', - :role => 'test', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__grant('test') } -end diff --git a/modules/postgresql/spec/unit/defines/server/pg_hba_rule_spec.rb b/modules/postgresql/spec/unit/defines/server/pg_hba_rule_spec.rb deleted file mode 100644 index abe4de0..0000000 --- a/modules/postgresql/spec/unit/defines/server/pg_hba_rule_spec.rb +++ /dev/null @@ -1,198 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::pg_hba_rule', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('pg_hba'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - let :title do - 'test' - end - let :target do - tmpfilename('pg_hba_rule') - end - - context 'test template 1' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'host', - :database => 'all', - :user => 'all', - :address => '1.1.1.1/24', - :auth_method => 'md5', - :target => target, - } - end - it do - should contain_concat__fragment('pg_hba_rule_test').with({ - :content => /host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5/ - }) - end - end - - context 'test template 2' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'local', - :database => 'all', - :user => 'all', - :auth_method => 'ident', - :target => target, - } - end - it do - should contain_concat__fragment('pg_hba_rule_test').with({ - :content => /local\s+all\s+all\s+ident/ - }) - end - end - - context 'test template 3' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'host', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'ldap', - :auth_option => 'foo=bar', - :target => target, - } - end - it do - should contain_concat__fragment('pg_hba_rule_test').with({ - :content => /host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar/ - }) - end - end - - context 'validation' do - context 'validate type test 1' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'invalid', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'ldap', - :target => target, - } - end - it 'should fail parsing when type is not valid' do - expect {subject}.to raise_error(Puppet::Error, - /The type you specified \[invalid\] must be one of/) - end - end - - context 'validate auth_method' do - let :pre_condition do - <<-EOS - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'invalid', - :target => target, - } - end - - it 'should fail parsing when auth_method is not valid' do - expect {subject}.to raise_error(Puppet::Error, - /The auth_method you specified \[invalid\] must be one of/) - end - end - - context 'validate unsupported auth_method' do - let :pre_condition do - <<-EOS - class { 'postgresql::globals': - version => '9.0', - } - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'peer', - :target => target, - } - end - - it 'should fail parsing when auth_method is not valid' do - expect {subject}.to raise_error(Puppet::Error, - /The auth_method you specified \[peer\] must be one of: trust, reject, md5, sha1, password, gss, sspi, krb5, ident, ldap, radius, cert, pam/) - end - end - - context 'validate supported auth_method' do - let :pre_condition do - <<-EOS - class { 'postgresql::globals': - version => '9.2', - } - class { 'postgresql::server': } - EOS - end - - let :params do - { - :type => 'local', - :database => 'all', - :user => 'all', - :address => '0.0.0.0/0', - :auth_method => 'peer', - :target => target, - } - end - - it do - should contain_concat__fragment('pg_hba_rule_test').with({ - :content => /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/ - }) - end - end - - end -end diff --git a/modules/postgresql/spec/unit/defines/server/role_spec.rb b/modules/postgresql/spec/unit/defines/server/role_spec.rb deleted file mode 100644 index 18ebb84..0000000 --- a/modules/postgresql/spec/unit/defines/server/role_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::role', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('contrib'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :title do - 'test' - end - - let :params do - { - :password_hash => 'test', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__role('test') } -end diff --git a/modules/postgresql/spec/unit/defines/server/table_grant_spec.rb b/modules/postgresql/spec/unit/defines/server/table_grant_spec.rb deleted file mode 100644 index 0ba0277..0000000 --- a/modules/postgresql/spec/unit/defines/server/table_grant_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::table_grant', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('table_grant'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :title do - 'test' - end - - let :params do - { - :privilege => 'ALL', - :db => 'test', - :role => 'test', - :table => 'foo', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__table_grant('test') } - it { should contain_postgresql__server__grant('table:test') } -end diff --git a/modules/postgresql/spec/unit/defines/server/tablespace_spec.rb b/modules/postgresql/spec/unit/defines/server/tablespace_spec.rb deleted file mode 100644 index 848f461..0000000 --- a/modules/postgresql/spec/unit/defines/server/tablespace_spec.rb +++ /dev/null @@ -1,31 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::server::tablespace', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - :kernel => 'Linux', - :concat_basedir => tmpfilename('tablespace'), - :id => 'root', - :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', - } - end - - let :title do - 'test' - end - - let :params do - { - :location => '/srv/data/foo', - } - end - - let :pre_condition do - "class {'postgresql::server':}" - end - - it { should contain_postgresql__server__tablespace('test') } -end diff --git a/modules/postgresql/spec/unit/defines/validate_db_connection_spec.rb b/modules/postgresql/spec/unit/defines/validate_db_connection_spec.rb deleted file mode 100644 index 7a248f6..0000000 --- a/modules/postgresql/spec/unit/defines/validate_db_connection_spec.rb +++ /dev/null @@ -1,35 +0,0 @@ -require 'spec_helper' - -describe 'postgresql::validate_db_connection', :type => :define do - let :facts do - { - :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => '6.0', - } - end - - let :title do - 'test' - end - - describe 'should work with only default parameters' do - it { should contain_postgresql__validate_db_connection('test') } - end - - describe 'should work with all parameters' do - let :params do - { - :database_host => 'test', - :database_name => 'test', - :database_password => 'test', - :database_username => 'test', - :database_port => 5432, - :run_as => 'postgresq', - :sleep => 4, - :tries => 30, - } - end - it { should contain_postgresql__validate_db_connection('test') } - end -end diff --git a/modules/postgresql/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb b/modules/postgresql/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb deleted file mode 100644 index 0ac1d1b..0000000 --- a/modules/postgresql/spec/unit/functions/postgresql_acls_to_resources_hash_spec.rb +++ /dev/null @@ -1,137 +0,0 @@ -require 'spec_helper' - -describe 'postgresql_acls_to_resources_hash', :type => :puppet_function do - context 'individual transform tests' do - it do - input = 'local all postgres ident' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"local", - "database"=>"all", - "user"=>"postgres", - "auth_method"=>"ident", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'local all root ident' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"local", - "database"=>"all", - "user"=>"root", - "auth_method"=>"ident", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - - it do - input_array = [ - 'local all all ident', - ] - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"local", - "database"=>"all", - "user"=>"all", - "auth_method"=>"ident", - "order"=>"100", - }, - } - - should run.with_params(input_array, 'test', 100).and_return(result) - end - - it do - input = 'host all all 127.0.0.1/32 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"127.0.0.1/32", - "auth_method"=>"md5", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all 0.0.0.0/0 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"0.0.0.0/0", - "auth_method"=>"md5", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all ::1/128 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"::1/128", - "auth_method"=>"md5", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all 1.1.1.1 255.255.255.0 md5' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"1.1.1.1 255.255.255.0", - "auth_method"=>"md5", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - - it do - input = 'host all all 1.1.1.1 255.255.255.0 ldap ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"' - result = { - "postgresql class generated rule test 0"=>{ - "type"=>"host", - "database"=>"all", - "user"=>"all", - "address"=>"1.1.1.1 255.255.255.0", - "auth_method"=>"ldap", - "auth_option"=>"ldapserver=ldap.example.net ldapprefix=\"cn=\" ldapsuffix=\", dc=example, dc=net\"", - "order"=>"100", - }, - } - - should run.with_params([input], 'test', 100).and_return(result) - end - end - - it 'should return an empty hash when input is empty array' do - should run.with_params([], 'test', 100).and_return({}) - end -end diff --git a/modules/postgresql/spec/unit/functions/postgresql_escape_spec.rb b/modules/postgresql/spec/unit/functions/postgresql_escape_spec.rb deleted file mode 100644 index ee1157d..0000000 --- a/modules/postgresql/spec/unit/functions/postgresql_escape_spec.rb +++ /dev/null @@ -1,10 +0,0 @@ -require 'spec_helper' - -describe 'postgresql_escape', :type => :puppet_function do - it { should run.with_params('foo'). - and_return('$$foo$$') } -end -describe 'postgresql_escape', :type => :puppet_function do - it { should run.with_params('fo$$o'). - and_return('$ed$fo$$o$ed$') } -end diff --git a/modules/postgresql/spec/unit/functions/postgresql_password_spec.rb b/modules/postgresql/spec/unit/functions/postgresql_password_spec.rb deleted file mode 100644 index 0d043f8..0000000 --- a/modules/postgresql/spec/unit/functions/postgresql_password_spec.rb +++ /dev/null @@ -1,6 +0,0 @@ -require 'spec_helper' - -describe 'postgresql_password', :type => :puppet_function do - it { should run.with_params('foo', 'bar'). - and_return('md596948aad3fcae80c08a35c9b5958cd89') } -end diff --git a/modules/postgresql/spec/unit/provider/postgresql_conf/parsed_spec.rb b/modules/postgresql/spec/unit/provider/postgresql_conf/parsed_spec.rb deleted file mode 100644 index 5eb638c..0000000 --- a/modules/postgresql/spec/unit/provider/postgresql_conf/parsed_spec.rb +++ /dev/null @@ -1,112 +0,0 @@ -require 'spec_helper' -require "tempfile" - -provider_class = Puppet::Type.type(:postgresql_conf).provider(:parsed) - -describe provider_class do - let(:title) { 'postgresql_conf' } - let(:provider) { - conf_class = Puppet::Type.type(:postgresql_conf) - provider = conf_class.provider(:parsed) - conffile = tmpfilename('postgresql.conf') - provider.any_instance.stub(:target).and_return conffile - provider - } - - before do - end - - after :each do - provider.initvars - end - - describe "simple configuration that should be allowed" do - it "should parse a simple ini line" do - provider.parse_line("listen_addreses = '*'").should == - { :name=>"listen_addreses", :value=>"*", :comment=>nil, :record_type=>:parsed } - end - - it "should parse a simple ini line (2)" do - provider.parse_line(" listen_addreses = '*'").should == - { :name=>"listen_addreses", :value=>"*", :comment=>nil, :record_type=>:parsed } - end - - it "should parse a simple ini line (3)" do - provider.parse_line("listen_addreses = '*' # dont mind me").should == - { :name=>"listen_addreses", :value=>"*", :comment=>"dont mind me", :record_type=>:parsed } - end - - it "should parse a comment" do - provider.parse_line("# dont mind me").should == - { :line=>"# dont mind me", :record_type=>:comment } - end - - it "should parse a comment (2)" do - provider.parse_line(" \t# dont mind me").should == - { :line=>" \t# dont mind me", :record_type=>:comment } - end - - it "should allow includes" do - provider.parse_line("include puppetextra").should == - { :name=>"include", :value=>"puppetextra", :comment=>nil, :record_type=>:parsed } - end - - it "should allow numbers thorugh without quotes" do - provider.parse_line("wal_keep_segments = 32").should == - { :name=>"wal_keep_segments", :value=>"32", :comment=>nil, :record_type=>:parsed } - end - - it "should allow blanks thorugh " do - provider.parse_line("").should == - { :line=>"", :record_type=>:blank } - end - - it "should parse keys with dots " do - provider.parse_line("auto_explain.log_min_duration = 1ms").should == - { :name => "auto_explain.log_min_duration", :value => "1ms", :comment => nil, :record_type => :parsed } - end - end - - describe "configuration that should be set" do - it "should set comment lines" do - provider.to_line({ :line=>"# dont mind me", :record_type=>:comment }).should == - '# dont mind me' - end - - it "should set blank lines" do - provider.to_line({ :line=>"", :record_type=>:blank }).should == - '' - end - - it "should set simple configuration" do - provider.to_line({:name=>"listen_addresses", :value=>"*", :comment=>nil, :record_type=>:parsed }).should == - "listen_addresses = '*'" - end - - it "should set simple configuration with period in name" do - provider.to_line({:name => "auto_explain.log_min_duration", :value => '100ms', :comment => nil, :record_type => :parsed }).should == - "auto_explain.log_min_duration = 100ms" - end - - it "should set simple configuration even with comments" do - provider.to_line({:name=>"listen_addresses", :value=>"*", :comment=>'dont mind me', :record_type=>:parsed }).should == - "listen_addresses = '*' # dont mind me" - end - - it 'should quote includes' do - provider.to_line( {:name=>"include", :value=>"puppetextra", :comment=>nil, :record_type=>:parsed }).should == - "include 'puppetextra'" - end - - it 'should quote multiple words' do - provider.to_line( {:name=>"archive_command", :value=>"rsync up", :comment=>nil, :record_type=>:parsed }).should == - "archive_command = 'rsync up'" - end - - it 'shouldn\'t quote numbers' do - provider.to_line( {:name=>"wal_segments", :value=>"32", :comment=>nil, :record_type=>:parsed }).should == - "wal_segments = 32" - end - end -end - diff --git a/modules/postgresql/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb b/modules/postgresql/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb deleted file mode 100644 index 325e3db..0000000 --- a/modules/postgresql/spec/unit/puppet/provider/postgresql_psql/ruby_spec.rb +++ /dev/null @@ -1,140 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:postgresql_psql).provider(:ruby) do - let(:name) { 'rspec psql test' } - let(:resource) do - Puppet::Type.type(:postgresql_psql).new({ :name => name, :provider => :ruby }.merge attributes) - end - - let(:provider) { resource.provider } - - context("#run_sql_command") do - describe "with default attributes" do - let(:attributes) do { :db => 'spec_db' } end - - it "executes with the given psql_path on the given DB" do - expect(provider).to receive(:run_command).with(['psql', '-d', - attributes[:db], '-t', '-c', 'SELECT something'], 'postgres', - 'postgres') - - provider.run_sql_command("SELECT something") - end - end - describe "with psql_path and db" do - let(:attributes) do { - :psql_path => '/opt/postgres/psql', - :psql_user => 'spec_user', - :psql_group => 'spec_group', - :cwd => '/spec', - :db => 'spec_db' - } end - - it "executes with the given psql_path on the given DB" do - expect(Dir).to receive(:chdir).with(attributes[:cwd]).and_yield - expect(provider).to receive(:run_command).with([attributes[:psql_path], - '-d', attributes[:db], '-t', '-c', 'SELECT something'], - attributes[:psql_user], attributes[:psql_group]) - - provider.run_sql_command("SELECT something") - end - end - describe "with search_path string" do - let(:attributes) do { - :search_path => "schema1" - } end - - it "executes with the given search_path" do - expect(provider).to receive(:run_command).with(['psql', '-t', '-c', - 'set search_path to schema1; SELECT something'], - 'postgres', 'postgres') - - provider.run_sql_command("SELECT something") - end - end - describe "with search_path array" do - let(:attributes) do { - :search_path => ['schema1','schema2'], - } end - - it "executes with the given search_path" do - expect(provider).to receive(:run_command).with(['psql', '-t', '-c', - 'set search_path to schema1,schema2; SELECT something'], - 'postgres', - 'postgres' - ) - - provider.run_sql_command("SELECT something") - end - end - - end - - context("#command") do - context "when unless is specified" do - [:true, :false, true, false].each do |refresh| - context "and refreshonly is #{refresh}" do - let(:attributes) { { - :command => 'SELECT something', - :db => 'spec_db', - :unless => 'SELECT something', - :refreshonly => refresh - } } - - it "does not fail when the status is successful" do - expect(provider).to receive(:run_unless_sql_command).and_return ["1 row returned", 0] - provider.command - end - - it "returns the given command when rows are returned" do - expect(provider).to receive(:run_unless_sql_command).and_return ["1 row returned", 0] - expect(provider.command).to eq("SELECT something") - end - - it "does not return the given command when no rows are returned" do - expect(provider).to receive(:run_unless_sql_command).and_return ["0 rows returned", 0] - expect(provider.command).to_not eq("SELECT something") - end - - it "raises an error when the sql command fails" do - allow(provider).to receive(:run_unless_sql_command).and_return ["Something went wrong", 1] - expect { provider.command }.to raise_error(Puppet::Error, /Something went wrong/) - end - end - end - end - - context "when unless is not specified" do - context "and refreshonly is true" do - let(:attributes) do { - :command => 'SELECT something', - :db => 'spec_db', - :refreshonly => :true - } end - it "does not run unless sql command" do - expect(provider).to_not receive(:run_unless_sql_command) - provider.command - end - - it "returns the given command do disable sync" do - expect(provider.command).to eq("SELECT something") - end - end - - context "and refreshonly is false" do - let(:attributes) do { - :command => 'SELECT something', - :db => 'spec_db', - :refreshonly => :false - } end - it "does not run unless sql command" do - expect(provider).to_not receive(:run_unless_sql_command) - provider.command - end - - it "does not return the command so as to enable sync" do - expect(provider.command).to_not eq("SELECT something") - end - end - end - end -end diff --git a/modules/postgresql/spec/unit/puppet/type/postgresql_psql_spec.rb b/modules/postgresql/spec/unit/puppet/type/postgresql_psql_spec.rb deleted file mode 100644 index e89c05f..0000000 --- a/modules/postgresql/spec/unit/puppet/type/postgresql_psql_spec.rb +++ /dev/null @@ -1,92 +0,0 @@ -require 'spec_helper' - -describe Puppet::Type.type(:postgresql_psql), "when validating attributes" do - [:name, :unless, :db, :psql_path, :psql_user, :psql_group].each do |attr| - it "should have a #{attr} parameter" do - expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:param) - end - end - - [:command].each do |attr| - it "should have a #{attr} property" do - expect(Puppet::Type.type(:postgresql_psql).attrtype(attr)).to eq(:property) - end - end -end - -describe Puppet::Type.type(:postgresql_psql), :unless => Puppet.features.microsoft_windows? do - subject do - Puppet::Type.type(:postgresql_psql).new({:name => 'rspec'}.merge attributes) - end - - describe "available attributes" do - { - :name => "rspec", - :command => "SELECT stuff", - :unless => "SELECT other,stuff", - :db => "postgres", - :psql_path => "/bin/false", - :psql_user => "postgres", - :psql_group => "postgres", - :cwd => "/var/lib", - :refreshonly => :true, - :search_path => [ "schema1", "schema2"] - }.each do |attr, value| - context attr do - let(:attributes) do { attr => value } end - its([attr]) { should == value } - end - end - - context "default values" do - let(:attributes) do {} end - its([:psql_path]) { should eq("psql") } - its([:psql_user]) { should eq("postgres") } - its([:psql_group]) { should eq("postgres") } - its([:cwd]) { should eq("/tmp") } - its(:refreshonly?) { should be_false } - end - end - - describe "#refreshonly" do - [true, :true].each do |refreshonly| - context "=> #{refreshonly.inspect}" do - let(:attributes) do { :refreshonly => refreshonly } end - it "has a value of true" do - expect(subject.refreshonly?).to be_true - end - it "will not enforce command on sync because refresh() will be called" do - expect(subject.provider).to_not receive(:command=) - subject.property(:command).sync - end - end - end - - [false, :false].each do |refreshonly| - context "=> #{refreshonly.inspect}" do - let(:attributes) do { :refreshonly => refreshonly } end - it "has a value of false" do - expect(subject.refreshonly?).to be_false - end - it "will enforce command on sync because refresh() will not be called" do - expect(subject.provider).to receive(:command=) - subject.property(:command).sync - end - end - end - end - - ## If we refresh the resource, the command should always be run regardless of - ## refreshonly - describe "when responding to refresh" do - [true, :true, false, :false].each do |refreshonly| - context "with refreshonly => #{refreshonly.inspect}" do - let(:attributes) do { :refreshonly => refreshonly } end - it "will enforce command on sync" do - expect(subject.provider).to receive(:command=) - subject.refresh - end - end - end - end -end diff --git a/modules/postgresql/spec/unit/type/postgresql_conf_spec.rb b/modules/postgresql/spec/unit/type/postgresql_conf_spec.rb deleted file mode 100644 index 43b4c51..0000000 --- a/modules/postgresql/spec/unit/type/postgresql_conf_spec.rb +++ /dev/null @@ -1,50 +0,0 @@ -#! /usr/bin/env ruby -require 'spec_helper' - -describe Puppet::Type.type(:postgresql_conf) do - before do - @provider_class = described_class.provide(:simple) { mk_resource_methods } - @provider_class.stub(:suitable?).and_return true - described_class.stub(:defaultprovider).and_return @provider_class - end - - describe "namevar validation" do - it "should have :name as its namevar" do - described_class.key_attributes.should == [:name] - end - it "should not invalid names" do - expect { described_class.new(:name => 'foo bar') }.to raise_error(Puppet::Error, /Invalid value/) - end - it "should allow dots in names" do - expect { described_class.new(:name => 'foo.bar') }.to_not raise_error - end - end - - describe "when validating attributes" do - [:name, :provider].each do |param| - it "should have a #{param} parameter" do - described_class.attrtype(param).should == :param - end - end - - [:value, :target].each do |property| - it "should have a #{property} property" do - described_class.attrtype(property).should == :property - end - end - end - - describe "when validating values" do - describe "ensure" do - it "should support present as a value for ensure" do - expect { described_class.new(:name => 'foo', :ensure => :present) }.to_not raise_error - end - it "should support absent as a value for ensure" do - expect { described_class.new(:name => 'foo', :ensure => :absent) }.to_not raise_error - end - it "should not support other values" do - expect { described_class.new(:name => 'foo', :ensure => :foo) }.to raise_error(Puppet::Error, /Invalid value/) - end - end - end -end diff --git a/modules/postgresql/templates/pg_hba_rule.conf b/modules/postgresql/templates/pg_hba_rule.conf deleted file mode 100644 index af54db5..0000000 --- a/modules/postgresql/templates/pg_hba_rule.conf +++ /dev/null @@ -1,5 +0,0 @@ - -# Rule Name: <%=@name%> -# Description: <%=@description%> -# Order: <%=@order%> -<%=@type%> <%=@database%> <%=@user%> <%=@address%> <%=@auth_method%> <%=@auth_option%> diff --git a/modules/postgresql/templates/systemd-port-override.erb b/modules/postgresql/templates/systemd-port-override.erb deleted file mode 100644 index c3f24a6..0000000 --- a/modules/postgresql/templates/systemd-port-override.erb +++ /dev/null @@ -1,3 +0,0 @@ -.include /lib/systemd/system/postgresql.service -[Service] -Environment=PGPORT=<%= @value %>