I want to run the following setup script to configure a postgresql database that's being deployed via a virtual machine, provisioned via vagrant using puppet:
#!/bin/bash -e
sudo su - postgres
createdb testdb
psql -s tm351test -c "create user test password 'test';GRANT ALL PRIVILEGES ON DATABASE testdb TO test;"
touch /root/postgresql.done
My vagrant config takes the form:
package {
[
'postgresql',
'postgresql-client'
]: ensure => latest;
}
file {
'/root/postgresql.setup':
source => 'puppet:///modules/infinite_interns/root/postgresql.setup',
owner => root,
group => root,
mode => '0744';
}
#TO DO - how do we guarantee the postgresql server is running and tools available?
exec {
'setup-postgresql':
cwd => '/root',
command => '/root/postgresql.setup',
creates => '/root/postgresql.done';
}
service {
'postgresql':
ensure => running,
enable => true;
}
Package['postgresql'] -> Service['postgresql']
How do I guarantee that that the postgresql server is installed and running, and the command line tools available, before running the config script?
I'm new to Puppet - does the Exec() not run if the created file postgresql.done
exists?
I suspect that the psql
command may also expect a confirmatory "return" to execute the command - how would I do that?
There's an official postgresql module that can be easily installed:
puppet module install puppetlabs-postgresql
or adding following to your Puppetfile
:
mod 'puppetlabs-postgresql'
The configuration might look like this:
class { 'postgresql::globals':
encoding => 'UTF-8',
locale => 'en_US.UTF-8',
version => '9.6',
}->
class { 'postgresql::server':
ip_mask_deny_postgres_user => '0.0.0.0/32',
ip_mask_allow_all_users => '0.0.0.0/0',
listen_addresses => '*',
version => '9.6',
}
postgresql::server::db { 'testdb':
user => 'test',
password => postgresql_password('test', 'testpassword'),
}
postgresql::server::pg_hba_rule { 'allow connection from ...':
description => "Open up PostgreSQL for access from test domain",
type => 'host',
database => 'testdb',
user => 'test',
address => '.testdomain.com',
auth_method => 'md5',
}