[TriLUG] n00b puppet question

Igor Partola igor at igorpartola.com
Thu Oct 23 15:44:39 EDT 2014 

Sure. So here's what I did:

1. Download the tarball from here:
https://forge.puppetlabs.com/puppetlabs/postgresql. I don't install puppet
modules using their command line tool, but that's another story. Make sure
to get all the dependencies from
https://forge.puppetlabs.com/puppetlabs/postgresql/dependencies as well.

2. My directory layout is generally like this (in the project root):

puppet/
    manifests/
        base.pp  - everything that goes into every server
        foo.pp - setup for host foo
        bar.pp - setup for host bar

    modules/
        postgres/
            the contents of the tarball

        mymodule/
            manifests/
                init.pp
            templates/
                template files
            files/
                static files

3. Open up puppet/manifests/foo.pp (or base.pp, as the case may be). Add
the following rules:

    # Make Postgres use UTF-8
    class {
        'postgresql::globals':
            encoding => 'UTF8',
            locale   => 'en_US.UTF8',
            notify => Class['postgresql::server'];
    }

    # Define a Postgres server
    class {
        'postgresql::server':
            ip_mask_allow_all_users => '10.10.0.0/16', # If this will be
networked.
            listen_addresses => $ipaddress_eth0; # Set this appropriately
    }

    # Various performance options. You'll have to read the docs for the
Puppet Postgres module to know what these are
    postgresql::server::config_entry {
        'max_connections' : value => 255;
        'lc_messages' : value => "en_US.UTF-8";
        'lc_monetary' : value => "en_US.UTF-8";
        'lc_numeric' : value => "en_US.UTF-8";
        'lc_time' : value => "en_US.UTF-8";
    }

    # Define your databases
    postgresql::server::db {
        'my-database-name':
            user => 'my-database-username',
            password => postgresql_password('my-database-username',
'super-secret-password');

        'my-second-database-name':
            user => 'my-second-database-username',
            password => postgresql_password('my-second-database-username',
'super-secret-password');
    }

    # Create users.
    postgresql::server::role {
        'my-database-username':
            password_hash => postgresql_password('my-database-username',
'super-secret-password''),
            createdb => false;

        'my-second-database-username':
            password_hash =>
postgresql_password('my-second-database-username',
'super-secret-password''),
            createdb => false;

    }

That's it. I think somewhere in there the double listing of users and
passwords is unnecessary, but I know the above configuration works.

Igor

More information about the TriLUG mailing list