postgresql
Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- , , , , , , , ,
Tasks:
- sql
Start using this module
Add this module to your Puppetfile:
mod 'puppetlabs-postgresql', '10.3.0'Learn more about managing modules with a PuppetfileDocumentation
postgresql
Table of Contents
- Module Description - What does the module do?
- Setup - The basics of getting started with postgresql module
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- License
- Development - Guide for contributing to the module
- Tests
- Contributors - List of module contributors
Module description
The postgresql module allows you to manage PostgreSQL databases with Puppet.
PostgreSQL is a high-performance, free, open-source relational database server. The postgresql module allows you to manage packages, services, databases, users, and common security settings in PostgreSQL.
Setup
What postgresql affects
- Package, service, and configuration files for PostgreSQL
- Listened-to ports
- IP and mask (optional)
Getting started with postgresql
To configure a basic default PostgreSQL server, declare the postgresql::server class.
class { 'postgresql::server':
}
Usage
Configure a server
For default settings, declare the postgresql::server class as above. To customize PostgreSQL server settings, specify the parameters you want to change:
class { 'postgresql::server':
ip_mask_deny_postgres_user => '0.0.0.0/32',
ip_mask_allow_all_users => '0.0.0.0/0',
ipv4acls => ['hostssl all johndoe 192.168.0.0/24 cert'],
postgres_password => 'TPSrep0rt!',
}
After configuration, test your settings from the command line:
psql -h localhost -U postgres
psql -h my.postgres.server -U
If you get an error message from these commands, your permission settings restrict access from the location you're trying to connect from. Depending on whether you want to allow connections from that location, you might need to adjust your permissions.
For more details about server configuration parameters, consult the PostgreSQL Runtime Configuration documentation.
Configure an instance
This module supports managing multiple instances (the default instance is referred to as 'main' and managed via including the server.pp class)
NOTE: This feature is currently tested on Centos 8 Streams/RHEL8 with DNF Modules enabled. Different Linux plattforms and/or the Postgresql.org packages distribute different Systemd service files or use wrapper scripts with Systemd to start Postgres. Additional adjustmentments are needed to get this working on these plattforms.
Working Plattforms
- Centos 8 Streams
- RHEL 8
Background and example
creating a new instance has the following advantages:
- files are owned by the postgres user
- instance is running under a different user, if the instance is hacked, the hacker has no access to the file system
- the instance user can be an LDAP user, higher security because of central login monitoring, password policies, password rotation policies
- main instance can be disabled
Here is a profile which can be used to create instaces
class profiles::postgres (
Hash $instances = {},
String $postgresql_version = '13',
) {
class { 'postgresql::globals':
encoding => 'UTF-8',
locale => 'en_US.UTF-8',
manage_package_repo => false,
manage_dnf_module => true,
needs_initdb => true,
version => $postgresql_version,
}
include postgresql::server
$instances.each |String $instance, Hash $instance_settings| {
postgresql::server_instance { $instance:
* => $instance_settings,
}
}
}
And here is data to create an instance called test1:
# stop default main instance
postgresql::server::service_ensure: "stopped"
postgresql::server::service_enable: false
#define an instance
profiles::postgres::instances:
test1:
instance_user: "ins_test1"
instance_group: "ins_test1"
instance_directories:
"/opt/pgsql":
ensure: directory
"/opt/pgsql/backup":
ensure: directory
"/opt/pgsql/data":
ensure: directory
"/opt/pgsql/data/13":
ensure: directory
"/opt/pgsql/data/home":
ensure: directory
"/opt/pgsql/wal":
ensure: directory
"/opt/pgsql/log":
ensure: directory
"/opt/pgsql/log/13":
ensure: directory
"/opt/pgsql/log/13/test1":
ensure: directory
config_settings:
pg_hba_conf_path: "/opt/pgsql/data/13/test1/pg_hba.conf"
postgresql_conf_path: "/opt/pgsql/data/13/test1/postgresql.conf"
pg_ident_conf_path: "/opt/pgsql/data/13/test1/pg_ident.conf"
datadir: "/opt/pgsql/data/13/test1"
service_name: "postgresql@13-test1"
port: 5433
pg_hba_conf_defaults: false
service_settings:
service_name: "postgresql@13-test1"
service_status: "systemctl status postgresql@13-test1.service"
service_ensure: "running"
service_enable: true
initdb_settings:
auth_local: "peer"
auth_host: "md5"
needs_initdb: true
datadir: "/opt/pgsql/data/13/test1"
encoding: "UTF-8"
lc_messages: "en_US.UTF8"
locale: "en_US.UTF8"
data_checksums: false
group: "postgres"
user: "postgres"
username: "ins_test1"
config_entries:
authentication_timeout:
value: "1min"
comment: "a test"
log_statement_stats:
value: "off"
autovacuum_vacuum_scale_factor:
value: 0.3
databases:
testdb1:
encoding: "UTF8"
locale: "en_US.UTF8"
owner: "dba_test1"
testdb2:
encoding: "UTF8"
locale: "en_US.UTF8"
owner: "dba_test1"
roles:
"ins_test1":
superuser: true
login: true
"dba_test1":
createdb: true
login: true
"app_test1":
login: true
"rep_test1":
replication: true
login: true
"rou_test1":
login: true
pg_hba_rules:
"local all INSTANCE user":
type: "local"
database: "all"
user: "ins_test1"
auth_method: "peer"
order: 1
"local all DB user":
type: "local"
database: "all"
user: "dba_test1"
auth_method: "peer"
order: 2
"local all APP user":
type: "local"
database: "all"
user: "app_test1"
auth_method: "peer"
order: 3
"local all READONLY user":
type: "local"
database: "all"
user: "rou_test1"
auth_method: "peer"
order: 4
"remote all INSTANCE user PGADMIN server":
type: "host"
database: "all"
user: "ins_test1"
address: "192.168.22.131/32"
auth_method: "md5"
order: 5
"local replication INSTANCE user":
type: "local"
database: "replication"
user: "ins_test1"
auth_method: "peer"
order: 6
"local replication REPLICATION user":
type: "local"
database: "replication"
user: "rep_test1"
auth_method: "peer"
order: 7
Create a database
You can set up a variety of PostgreSQL databases with the postgresql::server::db defined type. For instance, to set up a database for PuppetDB:
class { 'postgresql::server':
}
postgresql::server::db { 'mydatabasename':
user => 'mydatabaseuser',
password => postgresql::postgresql_password('mydatabaseuser', 'mypassword'),
}
Manage users, roles, and permissions
To manage users, roles, and permissions:
class { 'postgresql::server':
}
postgresql::server::role { 'marmot':
password_hash => postgresql::postgresql_password('marmot', 'mypasswd'),
}
postgresql::server::database_grant { 'test1':
privilege => 'ALL',
db => 'test1',
role => 'marmot',
}
postgresql::server::table_grant { 'my_table of test2':
privilege => 'ALL',
table => 'my_table',
db => 'test2',
role => 'marmot',
}
This example grants all privileges on the test1 database and on the my_table table of the test2 database to the specified user or group. After the values are added into the PuppetDB config file, this database would be ready for use.
Manage ownership of DB objects
To change the ownership of all objects within a database using REASSIGN OWNED:
postgresql::server::reassign_owned_by { 'new owner is meerkat':
db => 'test_db',
old_role => 'marmot',
new_role => 'meerkat',
}
This would run the PostgreSQL statement 'REASSIGN OWNED' to update to ownership of all tables, sequences, functions and views currently owned by the role 'marmot' to be owned by the role 'meerkat' instead.
This applies to objects within the nominated database, 'test_db' only.
For Postgresql >= 9.3, the ownership of the database is also updated.
Manage default permissions (PostgreSQL >= 9.6)
To change default permissions for newly created objects using ALTER DEFAULT PRIVILEGES:
postgresql::server::default_privileges { 'marmot access to new tables on test_db':
db => 'test_db',
role => 'marmot',
privilege => 'ALL',
object_type => 'TABLES',
}
Override defaults
The postgresql::globals class allows you to configure the main settings for this module globally, so that other classes and defined resources can use them. By itself, it does nothing.
For example, to overwrite the default locale and encoding for all classes, use the following:
class { 'postgresql::globals':
encoding => 'UTF-8',
locale => 'en_US.UTF-8',
}
class { 'postgresql::server':
}
To use a specific version of the PostgreSQL package:
class { 'postgresql::globals':
manage_package_repo => true,
version => '9.2',
}
class { 'postgresql::server':
}
Manage remote users, roles, and permissions
Remote SQL objects are managed using the same Puppet resources as local SQL objects, along with a $connect_settings hash. This provides control over how Puppet connects to the remote Postgres instances and which version is used for generating SQL commands.
The connect_settings hash can contain environment variables to control Postgres client connections, such as 'PGHOST', 'PGPORT', 'PGPASSWORD', 'PGUSER' and 'PGSSLKEY'. See the PostgreSQL Environment Variables documentation for a complete list of variables.
Additionally, you can specify the target database version with the special value of 'DBVERSION'. If the $connect_settings hash is omitted or empty, then Puppet connects to the local PostgreSQL instance.
The $connect_settings hash has priority over the explicit variables like $port and $user
When a user provides only the $port parameter to a resource and no $connect_settings, $port will be used. When $connect_settings contains PGPORT and $port is set, $connect_settings['PGPORT'] will be used.
You can provide a connect_settings hash for each of the Puppet resources, or you can set a default connect_settings hash in postgresql::globals. Configuring connect_settings per resource allows SQL objects to be created on multiple databases by multiple users.
$connection_settings_super2 = {
'PGUSER' => 'super2',
'PGPASSWORD' => 'foobar2',
'PGHOST' => '127.0.0.1',
'PGPORT' => '5432',
'PGDATABASE' => 'postgres',
}
include postgresql::server
# Connect with no special settings, i.e domain sockets, user postgres
postgresql::server::role { 'super2':
password_hash => 'foobar2',
superuser => true,
connect_settings => {},
}
# Now using this new user connect via TCP
postgresql::server::database { 'db1':
connect_settings => $connection_settings_super2,
require => Postgresql::Server::Role['super2'],
}
Create an access rule for pg_hba.conf
To create an access rule for pg_hba.conf:
postgresql::server::pg_hba_rule { 'allow application network to access app database':
description => 'Open up PostgreSQL for access from 200.1.2.0/24',
type => 'host',
database => 'app',
user => 'app',
address => '200.1.2.0/24',
auth_method => 'md5',
}
This would create a ruleset in pg_hba.conf similar to:
# Rule Name: allow application network to access app database
# Description: Open up PostgreSQL for access from 200.1.2.0/24
# Order: 150
host app app 200.1.2.0/24 md5
By default, pg_hba_rule requires that you include postgresql::server. However, you can override that behavior by setting target and postgresql_version when declaring your rule. That might look like the following:
postgresql::server::pg_hba_rule { 'allow application network to access app database':
description => 'Open up postgresql for access from 200.1.2.0/24',
type => 'host',
database => 'app',
user => 'app',
address => '200.1.2.0/24',
auth_method => 'md5',
target => '/path/to/pg_hba.conf',
postgresql_version => '9.4',
}
Create user name maps for pg_ident.conf
To create a user name map for the pg_ident.conf:
postgresql::server::pg_ident_rule { 'Map the SSL certificate of the backup server as a replication user':
map_name => 'sslrepli',
system_username => 'repli1.example.com',
database_username => 'replication',
}
This would create a user name map in pg_ident.conf similar to:
#Rule Name: Map the SSL certificate of the backup server as a replication user
#Description: none
#Order: 150
sslrepli repli1.example.com replication
Create recovery configuration
To create the recovery configuration file (recovery.conf):
postgresql::server::recovery { 'Create a recovery.conf file with the following defined parameters':
restore_command => 'cp /mnt/server/archivedir/%f %p',
archive_cleanup_command => undef,
recovery_end_command => undef,
recovery_target_name => 'daily backup 2015-01-26',
recovery_target_time => '2015-02-08 22:39:00 EST',
recovery_target_xid => undef,
recovery_target_inclusive => true,
recovery_target => 'immediate',
recovery_target_timeline => 'latest',
pause_at_recovery_target => true,
standby_mode => 'on',
primary_conninfo => 'host=localhost port=5432',
primary_slot_name => undef,
trigger_file => undef,
recovery_min_apply_delay => 0,
}
The above creates this recovery.conf config file:
restore_command = 'cp /mnt/server/archivedir/%f %p'
recovery_target_name = 'daily backup 2015-01-26'
recovery_target_time = '2015-02-08 22:39:00 EST'
recovery_target_inclusive = true
recovery_target = 'immediate'
recovery_target_timeline = 'latest'
pause_at_recovery_target = true
standby_mode = 'on'
primary_conninfo = 'host=localhost port=5432'
recovery_min_apply_delay = 0
Only the specified parameters are recognized in the template. The recovery.conf is only created if at least one parameter is set and manage_recovery_conf is set to true.
Validate connectivity
To validate client connections to a remote PostgreSQL database before starting dependent tasks, use the postgresql_conn_validator resource. You can use this on any node where the PostgreSQL client software is installed. It is often chained to other tasks such as starting an application server or performing a database migration.
Example usage:
postgresql_conn_validator { 'validate my postgres connection':
host => 'my.postgres.host',
db_username => 'mydbuser',
db_password => 'mydbpassword',
db_name => 'mydbname',
psql_path => '/usr/bin/psql',
}
-> exec { 'rake db:migrate':
cwd => '/opt/myrubyapp',
}
Backups
This example demonstrates how to configure PostgreSQL backups with "pg_dump". This sets up a daily cron job to perform a full backup. Each backup will create a new directory. A cleanup job will automatically remove backups that are older than 15 days.
class { 'postgresql::server':
backup_enable => true,
backup_provider => 'pg_dump',
backup_options => {
db_user => 'backupuser',
db_password => 'secret',
manage_user => true,
rotate => 15,
},
...
}
It is possible to set parameter $ensure to absent in order to remove the backup job, user/role, backup script and password file. However, the actual backup files and directories will remain untouched.
Reference
For information on the classes and types, see the REFERENCE.md
Limitations
Works with versions of PostgreSQL on supported OSes.
For an extensive list of supported operating systems, see metadata.json
Apt module support
While this module supports both 1.x and 2.x versions of the 'puppetlabs-apt' module, it does not support 'puppetlabs-apt' 2.0.0 or 2.0.1.
PostGIS support
PostGIS is currently considered an unsupported feature, as it doesn't work on all platforms correctly.
All versions of RHEL/CentOS with manage_selinux => false
If you have SELinux enabled and you are not using the selinux module to manage SELinux (this is the default configuration) you will need to label any custom ports you use with the postgresql_port_t context. The postgresql service will not start until this is done. To label a port use the semanage command as follows:
semanage port -a -t postgresql_port_t -p tcp $customport
License
This codebase is licensed under the Apache2.0 licensing, however due to the nature of the codebase the open source dependencies may also use a combination of AGPL, BSD-2, BSD-3, GPL2.0, LGPL, MIT and MPL Licensing.
Development
Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. For more information, see our module contribution guide.
Tests
There are two types of tests distributed with this module. Unit tests with rspec-puppet and system tests using rspec-system.
For unit testing, make sure you have:
- rake
- bundler
Install the necessary gems:
bundle install --path=vendor
And then run the unit tests:
bundle exec rake spec
To run the system tests, make sure you also have:
- Vagrant > 1.2.x
- VirtualBox > 4.2.10
Then run the tests using:
bundle exec rspec spec/acceptance
To run the tests on different operating systems, see the sets available in .nodeset.yml and run the specific set with the following syntax:
RSPEC_SET=debian-607-x64 bundle exec rspec spec/acceptance
Contributors
View the full list of contributors on Github.
Reference
Table of Contents
Classes
Public Classes
postgresql::client: Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install.postgresql::globals: Class for setting cross-class global overrides.postgresql::lib::devel: This class installs postgresql development libraries.postgresql::lib::docs: Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install.postgresql::lib::java: This class installs the postgresql jdbc connector.postgresql::lib::perl: This class installs the perl libs for postgresql.postgresql::lib::python: This class installs the python libs for postgresql.postgresql::server: This installs a PostgreSQL serverpostgresql::server::contrib: Install the contrib postgresql packaging.postgresql::server::plperl: This class installs the PL/Perl procedural language for postgresql.postgresql::server::plpython: This class installs the PL/Python procedural language for postgresql.postgresql::server::postgis: Install the postgis postgresql packaging.
Private Classes
postgresql::backup::pg_dump: "Provider" for pg_dump backuppostgresql::dnfmodule: Manage the DNF modulepostgresql::paramspostgresql::repopostgresql::repo::apt_postgresql_orgpostgresql::repo::yum_postgresql_orgpostgresql::server::configpostgresql::server::initdbpostgresql::server::installpostgresql::server::late_initdb: Manage the default encoding when database initialization is managed by the packagepostgresql::server::passwdpostgresql::server::reloadpostgresql::server::service
Defined types
Public Defined types
postgresql::server::config_entry: Manage a postgresql.conf entry.postgresql::server::database: Define for creating a database.postgresql::server::database_grant: Manage a database grant.postgresql::server::db: Define for conveniently creating a role, database and assigning the correct permissions.postgresql::server::default_privileges: Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above.postgresql::server::extension: Activate an extension on a postgresql database.postgresql::server::grant: Define for granting permissions to roles.postgresql::server::grant_role: Define for granting membership to a role.postgresql::server::instance::config: Manages the config for a postgresql::server instancepostgresql::server::instance::initdb: Manages initdb feature for a postgresql::server instancepostgresql::server::instance::late_initdb: Manage the default encoding when database initialization is managed by the packagepostgresql::server::instance::passwd: Overrides the default PostgreSQL superuserpostgresql::server::instance::reload: Overrides the default reload or status command for your PostgreSQL servicepostgresql::server::instance::service: Manages the service for the postgres main instance (default) or additional instancespostgresql::server::pg_hba_rule: This resource manages an individual rule that applies to the file defined in target.postgresql::server::pg_ident_rule: This resource manages an individual rule that applies to the file defined in target.postgresql::server::reassign_owned_by: Define for reassigning the ownership of objects within a database.postgresql::server::recovery: This resource manages the parameters that applies to the recovery.conf template.postgresql::server::role: Define for creating a database role.postgresql::server::schema: Create a new schema.postgresql::server::table_grant: This resource wraps the grant resource to manage table grants specifically.postgresql::server::tablespace: This module creates tablespace.postgresql::server_instance: define to install and manage additional postgresql instances
Private Defined types
postgresql::server::instance::systemd: This define handles systemd drop-in files for the postgres main instance (default) or additional instances
Resource types
postgresql_conf: This type allows puppet to manage postgresql.conf parameters.postgresql_conn_validator: Verify if a connection can be successfully establishedpostgresql_psql: An arbitrary tag for your own reference; the name of the message.postgresql_replication_slot: Manages Postgresql replication slots.
Functions
Public Functions
postgresql::default: This function pull default values from theparamsclass orglobalsclass if the value is not present inparams.postgresql::postgresql_escape: This function escapes a string using Dollar Quoting using a randomly generated tag if required.postgresql::postgresql_password: This function returns the postgresql password hash from the clear text username / passwordpostgresql::prepend_sql_password: This function exists for usage of a role password that is a deferred functionpostgresql_escape: DEPRECATED. Use the namespaced functionpostgresql::postgresql_escapeinstead.postgresql_password: DEPRECATED. Use the namespaced functionpostgresql::postgresql_passwordinstead.
Private Functions
postgresql::postgresql_acls_to_resources_hash: This internal function translates the ipv(4|6)acls format into a resource suitable for create_resources.
Data types
Postgresql::Pg_hba_rule: type for all parameters in the postgresql::server::hba_rule defined resourcePostgresql::Pg_hba_rule_address: Supported address typesPostgresql::Pg_hba_rule_type: enum for all different types for the pg_hba_confPostgresql::Pg_hba_rules: validates a hash of entries for postgresql::server::pg_hab_confPostgresql::Pg_password_encryption: the supported password_encryption
Tasks
sql: Allows you to execute arbitary SQL
Classes
postgresql::client
Installs PostgreSQL client software. Set the following parameters if you have a custom version you would like to install.
- Note Make sure to add any necessary yum or apt repositories if specifying a custom version.
Parameters
The following parameters are available in the postgresql::client class:
file_ensure
Data type: Enum['file', 'absent']
Ensure the connection validation script is present
Default value: 'file'
validcon_script_path
Data type: Stdlib::Absolutepath
Optional. Absolute path for the postgresql connection validation script.
Default value: $postgresql::params::validcon_script_path
package_name
Data type: String[1]
Sets the name of the PostgreSQL client package.
Default value: $postgresql::params::client_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Ensure the client package is installed
Default value: 'present'
postgresql::globals
Class for setting cross-class global overrides.
- Note Most server-specific defaults should be overridden in the postgresql::server class. This class should be used only if you are using a non-standard OS, or if you are changing elements that can only be changed here, such as version or manage_package_repo.
Parameters
The following parameters are available in the postgresql::globals class:
client_package_nameserver_package_namecontrib_package_namedevel_package_namejava_package_namedocs_package_nameperl_package_nameplperl_package_nameplpython_package_namepython_package_namepostgis_package_nameservice_nameservice_providerservice_statusdefault_databasevalidcon_script_pathinitdb_pathpsql_pathpg_hba_conf_pathpg_ident_conf_pathpostgresql_conf_pathpostgresql_conf_moderecovery_conf_pathdefault_connect_settingspg_hba_conf_defaultsdatadirconfdirbindirxlogdirlogdirlog_line_prefixusergroupversionpostgis_versionrepo_proxyrepo_baseurlyum_repo_commonurlapt_source_releaseneeds_initdbencodinglocaledata_checksumstimezonepassword_encryptionmanage_pg_hba_confmanage_pg_ident_confmanage_recovery_confmanage_postgresql_conf_permsmanage_selinuxmanage_datadirmanage_logdirmanage_xlogdirmanage_package_repomanage_dnf_modulemodule_workdir
client_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL client package name.
Default value: undef
server_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL server package name.
Default value: undef
contrib_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL contrib package name.
Default value: undef
devel_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL devel package name.
Default value: undef
java_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL java package name.
Default value: undef
docs_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL docs package name.
Default value: undef
perl_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL Perl package name.
Default value: undef
plperl_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL PL/Perl package name.
Default value: undef
plpython_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL PL/Python package name.
Default value: undef
python_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL Python package name.
Default value: undef
postgis_package_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL PostGIS package name.
Default value: undef
service_name
Data type: Optional[String[1]]
Overrides the default PostgreSQL service name.
Default value: undef
service_provider
Data type: Optional[String[1]]
Overrides the default PostgreSQL service provider.
Default value: undef
service_status
Data type: Optional[String[1]]
Overrides the default status check command for your PostgreSQL service.
Default value: undef
default_database
Data type: Optional[String[1]]
Specifies the name of the default database to connect with.
Default value: undef
validcon_script_path
Data type: Optional[String[1]]
Scipt path for the connection validation check.
Default value: undef
initdb_path
Data type: Optional[Stdlib::Absolutepath]
Path to the initdb command.
Default value: undef
psql_path
Data type: Optional[Stdlib::Absolutepath]
Sets the path to the psql command.
Default value: undef
pg_hba_conf_path
Data type: Optional[Stdlib::Absolutepath]
Specifies the path to your pg_hba.conf file.
Default value: undef
pg_ident_conf_path
Data type: Optional[Stdlib::Absolutepath]
Specifies the path to your pg_ident.conf file.
Default value: undef
postgresql_conf_path
Data type: Optional[Stdlib::Absolutepath]
Sets the path to your postgresql.conf file.
Default value: undef
postgresql_conf_mode
Data type: Optional[Stdlib::Filemode]
Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true.
Default value: undef
recovery_conf_path
Data type: Optional[Stdlib::Absolutepath]
Path to your recovery.conf file.
Default value: undef
default_connect_settings
Data type: Hash
Default connection settings.
Default value: {}
pg_hba_conf_defaults
Data type: Optional[Boolean]
Disables the defaults supplied with the module for pg_hba.conf if set to false.
Default value: undef
datadir
Data type: Optional[Stdlib::Absolutepath]
Overrides the default PostgreSQL data directory for the target platform. Changing the datadir after installation causes the server to come to a full stop before making the change. For Red Hat systems, the data directory must be labeled appropriately for SELinux. On Ubuntu, you must explicitly set needs_initdb = true to allow Puppet to initialize the database in the new datadir (needs_initdb defaults to true on other systems). Warning! If datadir is changed from the default, Puppet does not manage purging of the original data directory, which causes it to fail if the data directory is changed back to the original
Default value: undef
confdir
Data type: Optional[Stdlib::Absolutepath]
Overrides the default PostgreSQL configuration directory for the target platform.
Default value: undef
bindir
Data type: Optional[Stdlib::Absolutepath]
Overrides the default PostgreSQL binaries directory for the target platform.
Default value: undef
xlogdir
Data type: Optional[Stdlib::Absolutepath]
Overrides the default PostgreSQL xlog directory.
Default value: undef
logdir
Data type: Optional[Stdlib::Absolutepath]
Overrides the default PostgreSQL log directory.
Default value: undef
log_line_prefix
Data type: Optional[String[1]]
Overrides the default PostgreSQL log prefix.
Default value: undef
user
Data type: Optional[String[1]]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: undef
group
Data type: Optional[String[1]]
Overrides the default postgres user group to be used for related files in the file system.
Default value: undef
version
Data type: Optional[String[1]]
The version of PostgreSQL to install and manage.
Default value: undef
postgis_version
Data type: Optional[String[1]]
Defines the version of PostGIS to install, if you install PostGIS.
Default value: undef
repo_proxy
Data type: Optional[String[1]]
Sets the proxy option for the official PostgreSQL yum-repositories only.
Default value: undef
repo_baseurl
Data type: Optional[String[1]]
Sets the baseurl for the PostgreSQL repository. Useful if you host your own mirror of the repository.
Default value: undef
yum_repo_commonurl
Data type: Optional[String[1]]
Sets the url for the PostgreSQL common Yum repository. Useful if you host your own mirror of the YUM repository.
Default value: undef
apt_source_release
Data type: Optional[String[1]]
Overrides the default release for the apt source.
Default value: undef
needs_initdb
Data type: Optional[Boolean]
Explicitly calls the initdb operation after the server package is installed and before the PostgreSQL service is started.
Default value: undef
encoding
Data type: Optional[String[1]]
Sets the default encoding for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well.
Default value: undef
locale
Data type: Optional[String[1]]
Sets the default database locale for all databases created with this module. On certain operating systems, this is also used during the template1 initialization, so it becomes a default outside of the module as well. On Debian, you'll need to ensure that the 'locales-all' package is installed for full functionality of PostgreSQL.
Default value: undef
data_checksums
Data type: Optional[Boolean]
Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later.
Default value: undef
timezone
Data type: Optional[String[1]]
Sets the default timezone of the postgresql server. The postgresql built-in default is taking the systems timezone information.
Default value: undef
password_encryption
Data type: Optional[Postgresql::Pg_password_encryption]
Specify the type of encryption set for the password. Defaults to scram-sha-256 for PostgreSQL >= 14, otherwise md5.
Default value: undef
manage_pg_hba_conf
Data type: Optional[Boolean]
Allow Puppet to manage the pg_hba.conf file.
Default value: undef
manage_pg_ident_conf
Data type: Optional[Boolean]
Allow Puppet to manage the pg_ident.conf file.
Default value: undef
manage_recovery_conf
Data type: Optional[Boolean]
Allow Puppet to manage the recovery.conf file.
Default value: undef
manage_postgresql_conf_perms
Data type: Optional[Boolean]
Whether to manage the postgresql conf file permissions. This means owner, group and mode. Contents are not managed but should be managed through postgresql::server::config_entry.
Default value: undef
manage_selinux
Data type: Optional[Boolean]
Allows Puppet to manage the appropriate configuration file for selinux.
Default value: undef
manage_datadir
Data type: Optional[Boolean]
Set to false if you have file{ $datadir: } already defined
Default value: undef
manage_logdir
Data type: Optional[Boolean]
Set to false if you have file{ $logdir: } already defined
Default value: undef
manage_xlogdir
Data type: Optional[Boolean]
Set to false if you have file{ $xlogdir: } already defined
Default value: undef
manage_package_repo
Data type: Optional[Boolean]
Sets up official PostgreSQL repositories on your host if set to true.
Default value: undef
manage_dnf_module
Data type: Boolean
Manage the DNF module. This only makes sense on distributions that use DNF package manager, such as EL8, EL9 or Fedora.
Default value: false
module_workdir
Data type: Optional[Stdlib::Absolutepath]
Specifies working directory under which the psql command should be executed. May need to specify if '/tmp' is on volume mounted with noexec option.
Default value: undef
postgresql::lib::devel
This class installs postgresql development libraries.
Parameters
The following parameters are available in the postgresql::lib::devel class:
package_name
Data type: String
Override devel package name
Default value: $postgresql::params::devel_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Ensure the development libraries are installed
Default value: 'present'
link_pg_config
Data type: Boolean
If the bin directory used by the PostgreSQL page is not /usr/bin or /usr/local/bin, symlinks pg_config from the package's bin dir into usr/bin (not applicable to Debian systems). Set to false to disable this behavior.
Default value: $postgresql::params::link_pg_config
postgresql::lib::docs
Installs PostgreSQL bindings for Postgres-Docs. Set the following parameters if you have a custom version you would like to install.
- Note Make sure to add any necessary yum or apt repositories if specifying a custom version.
Parameters
The following parameters are available in the postgresql::lib::docs class:
package_name
Data type: String
Specifies the name of the PostgreSQL docs package.
Default value: $postgresql::params::docs_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Whether the PostgreSQL docs package resource should be present.
Default value: 'present'
postgresql::lib::java
This class installs the postgresql jdbc connector.
- Note Make sure to add any necessary yum or apt repositories if specifying a custom version.
Parameters
The following parameters are available in the postgresql::lib::java class:
package_name
Data type: String
Specifies the name of the PostgreSQL java package.
Default value: $postgresql::params::java_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Specifies whether the package is present.
Default value: 'present'
postgresql::lib::perl
This class installs the perl libs for postgresql.
Parameters
The following parameters are available in the postgresql::lib::perl class:
package_name
Data type: String
Specifies the name of the PostgreSQL perl package to install.
Default value: $postgresql::params::perl_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Ensure the perl libs for postgresql are installed.
Default value: 'present'
postgresql::lib::python
This class installs the python libs for postgresql.
Parameters
The following parameters are available in the postgresql::lib::python class:
package_name
Data type: String[1]
The name of the PostgreSQL Python package.
Default value: $postgresql::params::python_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Ensure the python libs for postgresql are installed.
Default value: 'present'
postgresql::server
This installs a PostgreSQL server
Parameters
The following parameters are available in the postgresql::server class:
postgres_passwordpackage_namepackage_ensureplperl_package_nameplpython_package_nameservice_ensureservice_enableservice_manageservice_nameservice_restart_on_changeservice_providerservice_reloadservice_statusdefault_databasedefault_connect_settingslisten_addressesportip_mask_deny_postgres_userip_mask_allow_all_usersipv4aclsipv6aclsinitdb_pathpsql_pathpg_hba_conf_pathpg_ident_conf_pathpostgresql_conf_pathpostgresql_conf_moderecovery_conf_pathdatadirxlogdirlogdirlog_line_prefixpg_hba_conf_defaultsusergroupneeds_initdbencodinglocaledata_checksumstimezonemanage_pg_hba_confmanage_pg_ident_confmanage_recovery_confmanage_postgresql_conf_permsmanage_selinuxmodule_workdirmanage_datadirmanage_logdirmanage_xlogdirpassword_encryptionpg_hba_auth_password_encryptionrolesconfig_entriespg_hba_rulesbackup_enablebackup_optionsbackup_providerextra_systemd_configauth_hostauth_locallc_messagesusername
postgres_password
Data type: Optional[Variant[String[1], Sensitive[String[1]], Integer]]
Sets the password for the postgres user to your specified value. By default, this setting uses the superuser account in the Postgres database, with a user called postgres and no password.
Default value: undef
package_name
Data type: String[1]
Specifies the name of the package to use for installing the server software.
Default value: $postgresql::params::server_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Passes a value through to the package resource when creating the server instance.
Default value: $postgresql::params::package_ensure
plperl_package_name
Data type: Optional[String[1]]
Sets the default package name for the PL/Perl extension.
Default value: $postgresql::params::plperl_package_name
plpython_package_name
Data type: Optional[String[1]]
Sets the default package name for the PL/Python extension.
Default value: $postgresql::params::plpython_package_name
service_ensure
Data type: Variant[Enum['running', 'stopped'], Boolean]
Ensure service is installed
Default value: $postgresql::params::service_ensure
service_enable
Data type: Boolean
Enable the PostgreSQL service
Default value: $postgresql::params::service_enable
service_manage
Data type: Boolean
Defines whether or not Puppet should manage the service.
Default value: $postgresql::params::service_manage
service_name
Data type: String[1]
Overrides the default PostgreSQL service name.
Default value: $postgresql::params::service_name
service_restart_on_change
Data type: Boolean
Overrides the default behavior to restart your PostgreSQL service when a config entry has been changed that requires a service restart to become active.
Default value: $postgresql::params::service_restart_on_change
service_provider
Data type: Optional[String[1]]
Overrides the default PostgreSQL service provider.
Default value: $postgresql::params::service_provider
service_reload
Data type: String[1]
Overrides the default reload command for your PostgreSQL service.
Default value: $postgresql::params::service_reload
service_status
Data type: Optional[String[1]]
Overrides the default status check command for your PostgreSQL service.
Default value: $postgresql::params::service_status
default_database
Data type: String[1]
Specifies the name of the default database to connect with. On most systems this is 'postgres'.
Default value: $postgresql::params::default_database
default_connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server. Becomes the default for other defined types, such as postgresql::server::role.
Default value: $postgresql::globals::default_connect_settings
listen_addresses
Data type: Optional[Variant[String[1], Array[String[1]]]]
Address list on which the PostgreSQL service will listen
Default value: $postgresql::params::listen_addresses
port
Data type: Stdlib::Port
Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432.
Default value: $postgresql::params::port
ip_mask_deny_postgres_user
Data type: String[1]
Specifies the IP mask from which remote connections should be denied for the postgres superuser. Default value: '0.0.0.0/0', which denies any remote connection.
Default value: $postgresql::params::ip_mask_deny_postgres_user
ip_mask_allow_all_users
Data type: String[1]
Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. Default value: '127.0.0.1/32'.
Default value: $postgresql::params::ip_mask_allow_all_users
ipv4acls
Data type: Array[String[1]]
Lists strings for access control for connection method, users, databases, IPv4 addresses;
Default value: $postgresql::params::ipv4acls
ipv6acls
Data type: Array[String[1]]
Lists strings for access control for connection method, users, databases, IPv6 addresses.
Default value: $postgresql::params::ipv6acls
initdb_path
Data type: Stdlib::Absolutepath
Specifies the path to the initdb command.
Default value: $postgresql::params::initdb_path
psql_path
Data type: Stdlib::Absolutepath
Specifies the path to the psql command.
Default value: $postgresql::params::psql_path
pg_hba_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your pg_hba.conf file.
Default value: $postgresql::params::pg_hba_conf_path
pg_ident_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your pg_ident.conf file.
Default value: $postgresql::params::pg_ident_conf_path
postgresql_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your postgresql.conf file.
Default value: $postgresql::params::postgresql_conf_path
postgresql_conf_mode
Data type: Optional[Stdlib::Filemode]
Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true.
Default value: $postgresql::params::postgresql_conf_mode
recovery_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your recovery.conf file.
Default value: $postgresql::params::recovery_conf_path
datadir
Data type: Stdlib::Absolutepath
PostgreSQL data directory
Default value: $postgresql::params::datadir
xlogdir
Data type: Optional[Stdlib::Absolutepath]
PostgreSQL xlog directory
Default value: $postgresql::params::xlogdir
logdir
Data type: Optional[Stdlib::Absolutepath]
PostgreSQL log directory
Default value: $postgresql::params::logdir
log_line_prefix
Data type: Optional[String[1]]
PostgreSQL log line prefix
Default value: $postgresql::params::log_line_prefix
pg_hba_conf_defaults
Data type: Boolean
If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example.
Default value: $postgresql::params::pg_hba_conf_defaults
user
Data type: String[1]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: $postgresql::params::user
group
Data type: String[1]
Overrides the default postgres user group to be used for related files in the file system.
Default value: $postgresql::params::group
needs_initdb
Data type: Boolean
Explicitly calls the initdb operation after server package is installed, and before the PostgreSQL service is started.
Default value: $postgresql::params::needs_initdb
encoding
Data type: Optional[String[1]]
Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well.
Default value: $postgresql::params::encoding
locale
Data type: Optional[String[1]]
Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module.
Default value: $postgresql::params::locale
data_checksums
Data type: Optional[Boolean]
Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent. Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases.
Default value: $postgresql::params::data_checksums
timezone
Data type: Optional[String[1]]
Set timezone for the PostgreSQL instance
Default value: $postgresql::params::timezone
manage_pg_hba_conf
Data type: Boolean
Boolean. Whether to manage the pg_hba.conf.
Default value: $postgresql::params::manage_pg_hba_conf
manage_pg_ident_conf
Data type: Boolean
Boolean. Overwrites the pg_ident.conf file.
Default value: $postgresql::params::manage_pg_ident_conf
manage_recovery_conf
Data type: Boolean
Boolean. Specifies whether or not manage the recovery.conf.
Default value: $postgresql::params::manage_recovery_conf
manage_postgresql_conf_perms
Data type: Boolean
Whether to manage the postgresql conf file permissions. This means owner, group and mode. Contents are not managed but should be managed through postgresql::server::config_entry.
Default value: $postgresql::params::manage_postgresql_conf_perms
manage_selinux
Data type: Boolean
Specifies whether or not manage the conf file for selinux.
Default value: $postgresql::params::manage_selinux
module_workdir
Data type: Stdlib::Absolutepath
Working directory for the PostgreSQL module
Default value: $postgresql::params::module_workdir
manage_datadir
Data type: Boolean
Set to false if you have file{ $datadir: } already defined
Default value: $postgresql::params::manage_datadir
manage_logdir
Data type: Boolean
Set to false if you have file{ $logdir: } already defined
Default value: $postgresql::params::manage_logdir
manage_xlogdir
Data type: Boolean
Set to false if you have file{ $xlogdir: } already defined
Default value: $postgresql::params::manage_xlogdir
password_encryption
Data type: Postgresql::Pg_password_encryption
Specify the type of encryption set for the password.
Default value: $postgresql::params::password_encryption
pg_hba_auth_password_encryption
Data type: Optional[Postgresql::Pg_password_encryption]
Specify the type of encryption set for the password in pg_hba_conf, this value is usefull if you want to start enforcing scram-sha-256, but give users transition time.
Default value: undef
roles
Data type: Hash[String, Hash]
Specifies a hash from which to generate postgresql::server::role resources.
Default value: {}
config_entries
Data type: Hash[String, Any]
Specifies a hash from which to generate postgresql::server::config_entry resources.
Default value: {}
pg_hba_rules
Data type: Postgresql::Pg_hba_rules
Specifies a hash from which to generate postgresql::server::pg_hba_rule resources.
Default value: {}
backup_enable
Data type: Boolean
Whether a backup job should be enabled.
Default value: $postgresql::params::backup_enable
backup_options
Data type: Hash
A hash of options that should be passed through to the backup provider.
Default value: {}
backup_provider
Data type: Enum['pg_dump']
Specifies the backup provider to use.
Default value: $postgresql::params::backup_provider
extra_systemd_config
Data type: Optional[String]
Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string
Default value: $postgresql::params::extra_systemd_config
auth_host
Data type: Optional[String[1]]
auth method used by default for host authorization
Default value: undef
auth_local
Data type: Optional[String[1]]
auth method used by default for local authorization
Default value: undef
lc_messages
Data type: Optional[String[1]]
locale used for logging and system messages
Default value: undef
username
Data type: Optional[String[1]]
username of user running the postgres instance
Default value: $user
postgresql::server::contrib
Install the contrib postgresql packaging.
Parameters
The following parameters are available in the postgresql::server::contrib class:
package_name
Data type: Optional[String[1]]
The name of the PostgreSQL contrib package.
Default value: $postgresql::params::contrib_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Ensure the contrib package is installed.
Default value: 'present'
postgresql::server::plperl
This class installs the PL/Perl procedural language for postgresql.
Parameters
The following parameters are available in the postgresql::server::plperl class:
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
The ensure parameter passed on to PostgreSQL PL/Perl package resource.
Default value: 'present'
package_name
Data type: Optional[String[1]]
The name of the PostgreSQL PL/Perl package.
Default value: $postgresql::server::plperl_package_name
postgresql::server::plpython
This class installs the PL/Python procedural language for postgresql.
Parameters
The following parameters are available in the postgresql::server::plpython class:
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Specifies whether the package is present.
Default value: 'present'
package_name
Data type: Optional[String[1]]
Specifies the name of the postgresql PL/Python package.
Default value: $postgresql::server::plpython_package_name
postgresql::server::postgis
Install the postgis postgresql packaging.
Parameters
The following parameters are available in the postgresql::server::postgis class:
package_name
Data type: String
Sets the package name.
Default value: $postgresql::params::postgis_package_name
package_ensure
Data type: Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]
Specifies if the package is present or not.
Default value: 'present'
Defined types
postgresql::server::config_entry
Manage a postgresql.conf entry.
Parameters
The following parameters are available in the postgresql::server::config_entry defined type:
ensure
Data type: Enum['present', 'absent']
Removes an entry if set to 'absent'.
Default value: 'present'
key
Data type: String[1]
Defines the key/name for the setting. Defaults to $name
Default value: $name
value
Data type: Optional[Variant[String[1], Numeric, Array[String[1]]]]
Defines the value for the setting.
Default value: undef
path
Data type: Stdlib::Absolutepath
Path for postgresql.conf
Default value: $postgresql::server::postgresql_conf_path
comment
Data type: Optional[String[1]]
Defines the comment for the setting. The # is added by default.
Default value: undef
instance_name
Data type: String[1]
The name of the instance.
Default value: 'main'
postgresql::server::database
Define for creating a database.
Parameters
The following parameters are available in the postgresql::server::database defined type:
commentdbnameownertablespacetemplateencodinglocaleistemplateinstanceconnect_settingspsql_pathdefault_dbusergroupport
comment
Data type: Optional[String[1]]
Sets a comment on the database.
Default value: undef
dbname
Data type: String[1]
Sets the name of the database.
Default value: $title
owner
Data type: Optional[String[1]]
Sets name of the database owner.
Default value: undef
tablespace
Data type: Optional[String[1]]
Sets tablespace for where to create this database.
Default value: undef
template
Data type: String[1]
Specifies the name of the template database from which to build this database. Default value: 'template0'.
Default value: 'template0'
encoding
Data type: Optional[String[1]]
Overrides the character set during creation of the database.
Default value: $postgresql::server::encoding
locale
Data type: Optional[String[1]]
Overrides the locale during creation of the database.
Default value: $postgresql::server::locale
istemplate
Data type: Boolean
Defines the database as a template if set to true.
Default value: false
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server.
Default value: $postgresql::server::default_connect_settings
psql_path
Data type: Stdlib::Absolutepath
Specifies the path to the psql command.
Default value: $postgresql::server::psql_path
default_db
Data type: String[1]
Specifies the name of the default database to connect with. On most systems this is 'postgres'.
Default value: $postgresql::server::default_database
user
Data type: String[1]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: $postgresql::server::user
group
Data type: String[1]
Overrides the default postgres user group to be used for related files in the file system.
Default value: $postgresql::server::group
port
Data type: Stdlib::Port
Specifies the port for the PostgreSQL server to listen on.
Default value: $postgresql::server::port
postgresql::server::database_grant
Manage a database grant.
Parameters
The following parameters are available in the postgresql::server::database_grant defined type:
privilege
Data type: Enum['ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP', 'all', 'create', 'connect', 'temporary', 'temp']
Specifies comma-separated list of privileges to grant. Valid options: 'ALL', 'CREATE', 'CONNECT', 'TEMPORARY', 'TEMP'.
db
Data type: String[1]
Specifies the database to which you are granting access.
role
Data type: String[1]
Specifies the role or user whom you are granting access to.
ensure
Data type: Optional[Enum['present', 'absent']]
Specifies whether to grant or revoke the privilege. Revoke or 'absent' works only in PostgreSQL version 9.1.24 or later.
Default value: undef
psql_db
Data type: Optional[String[1]]
Defines the database to execute the grant against. This should not ordinarily be changed from the default
Default value: undef
psql_user
Data type: String[1]
Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'.
Default value: $postgresql::server::user
psql_group
Data type: String[1]
Overrides the default postgres user group to be used for related files in the file system.
Default value: $postgresql::server::group
connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server.
Default value: $postgresql::server::default_connect_settings
port
Data type: Stdlib::Port
Port to use when connecting.
Default value: $postgresql::server::port
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
postgresql::server::db
Define for conveniently creating a role, database and assigning the correct permissions.
Parameters
The following parameters are available in the postgresql::server::db defined type:
userpasswordcommentdbnameencodinglocalegranttablespacetemplateistemplateownerportpsql_userpsql_groupinstance
user
Data type: String[1]
User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory.
password
Data type: Optional[Variant[String, Sensitive[String]]]
Sets the password for the created user (if a user is created).
Default value: undef
comment
Data type: Optional[String[1]]
Defines a comment to be stored about the database using the PostgreSQL COMMENT command.
Default value: undef
dbname
Data type: String[1]
Sets the name of the database to be created.
Default value: $title
encoding
Data type: Optional[String[1]]
Overrides the character set during creation of the database.
Default value: $postgresql::server::encoding
locale
Data type: Optional[String[1]]
Overrides the locale during creation of the database.
Default value: $postgresql::server::locale
grant
Data type: Variant[String[1], Array[String[1]]]
Specifies the permissions to grant during creation. Default value: 'ALL'.
Default value: 'ALL'
tablespace
Data type: Optional[String[1]]
Defines the name of the tablespace to allocate the created database to.
Default value: undef
template
Data type: String[1]
Specifies the name of the template database from which to build this database. Defaults value: template0.
Default value: 'template0'
istemplate
Data type: Boolean
Specifies that the database is a template, if set to true.
Default value: false
owner
Data type: Optional[String[1]]
Sets a user as the owner of the database.
Default value: undef
port
Data type: Optional[Stdlib::Port]
Specifies the port where the PostgreSQL server is listening on.
Default value: undef
psql_user
Data type: String[1]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: $postgresql::server::user
psql_group
Data type: String[1]
Overrides the default PostgreSQL user group to be used for related files in the file system.
Default value: $postgresql::server::group
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
postgresql::server::default_privileges
Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above.
Parameters
The following parameters are available in the postgresql::server::default_privileges defined type:
target_roleensureroledbobject_typeprivilegeschemapsql_dbpsql_userpsql_pathportconnect_settingsinstancegroup
target_role
Data type: Optional[String]
Target role whose created objects will receive the default privileges. Defaults to the current user.
Default value: undef
ensure
Data type: Enum['present', 'absent']
Specifies whether to grant or revoke the privilege.
Default value: 'present'
role
Data type: String
Specifies the role or user whom you are granting access to.
db
Data type: String
Specifies the database to which you are granting access.
object_type
Data type:
Pattern[
/(?i:^FUNCTIONS$)/,
/(?i:^ROUTINES$)/,
/(?i:^SEQUENCES$)/,
/(?i:^TABLES$)/,
/(?i:^TYPES$)/,
/(?i:^SCHEMAS$)/
]
Specify target object type: 'FUNCTIONS', 'ROUTINES', 'SEQUENCES', 'TABLES', 'TYPES'.
privilege
Data type: String
Specifies comma-separated list of privileges to grant. Valid options: depends on object type.
schema
Data type: String
Target schema. Defaults to 'public'. Can be set to '' to apply to all schemas.
Default value: 'public'
psql_db
Data type: String
Defines the database to execute the grant against. This should not ordinarily be changed from the default.
Default value: $postgresql::server::default_database
psql_user
Data type: String
Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'.
Default value: $postgresql::server::user
psql_path
Data type: Stdlib::Absolutepath
Specifies the OS user for running psql. Default value: The default user for the module, usually 'postgres'.
Default value: $postgresql::server::psql_path
port
Data type: Stdlib::Port
Specifies the port to access the server. Default value: The default user for the module, usually '5432'.
Default value: $postgresql::server::port
connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server.
Default value: $postgresql::server::default_connect_settings
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
group
Data type: String
Specifies the user group to which the privileges will be granted.
Default value: $postgresql::server::group
postgresql::server::extension
Activate an extension on a postgresql database.
Parameters
The following parameters are available in the postgresql::server::extension defined type:
databaseextensionschemaversionensurepackage_namepackage_ensureportconnect_settingsdatabase_resource_nameinstancepsql_pathusergroup
database
Data type: String[1]
Specifies the database on which to activate the extension.
extension
Data type: String[1]
Specifies the extension to activate. If left blank, uses the name of the resource.
Default value: $name
schema
Data type: Optional[String[1]]
Specifies the schema on which to activate the extension.
Default value: undef
version
Data type: Optional[String[1]]
Specifies the version of the extension which the database uses. When an extension package is updated, this does not automatically change the effective version in each database. This needs be updated using the PostgreSQL-specific SQL ALTER EXTENSION... version may be set to latest, in which case the SQL ALTER EXTENSION "extension" UPDATE is applied to this database (only). version may be set to a specific version, in which case the extension is updated using ALTER EXTENSION "extension" UPDATE TO 'version' eg. If extension is set to postgis and version is set to 2.3.3, this will apply the SQL ALTER EXTENSION "postgis" UPDATE TO '2.3.3' to this database only. version may be omitted, in which case no ALTER EXTENSION... SQL is applied, and the version will be left unchanged.
Default value: undef
ensure
Data type: Enum['present', 'absent']
Specifies whether to activate or deactivate the extension. Valid options: 'present' or 'absent'.
Default value: 'present'
package_name
Data type: Optional[String[1]]
Specifies a package to install prior to activating the extension.
Default value: undef
package_ensure
Data type: Optional[Variant[Enum['present', 'absent', 'purged', 'disabled', 'installed', 'latest'], String[1]]]
Overrides default package deletion behavior. By default, the package specified with package_name is installed when the extension is activated and removed when the extension is deactivated. To override this behavior, set the ensure value for the package.
Default value: undef
port
Data type: Stdlib::Port
Port to use when connecting.
Default value: postgresql::default('port')
connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server.
Default value: postgresql::default('default_connect_settings')
database_resource_name
Data type: String[1]
Specifies the resource name of the DB being managed. Defaults to the parameter $database, if left blank.
Default value: $database
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
psql_path
Data type: Stdlib::Absolutepath
Specifies the path to the psql command.
Default value: postgresql::default('psql_path')
user
Data type: String[1]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: postgresql::default('user')
group
Data type: String[1]
Overrides the default postgres user group to be used for related files in the file system.
Default value: postgresql::default('group')
postgresql::server::grant
Define for granting permissions to roles.
Parameters
The following parameters are available in the postgresql::server::grant defined type:
roledbprivilegeobject_typeobject_nameobject_argumentspsql_dbpsql_userportonlyif_existsconnect_settingsensuregrouppsql_pathinstance
role
Data type: String
Specifies the role or user whom you are granting access to.
db
Data type: String
Specifies the database to which you are granting access.
privilege
Data type: String
Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string.
Default value: ''
object_type
Data type:
Pattern[#/(?i:^COLUMN$)/,
/(?i:^ALL SEQUENCES IN SCHEMA$)/,
/(?i:^ALL TABLES IN SCHEMA$)/,
/(?i:^DATABASE$)/,
#/(?i:^FOREIGN DATA WRAPPER$)/,
#/(?i:^FOREIGN SERVER$)/,
/(?i:^FUNCTION$)/,
/(?i:^LANGUAGE$)/,
#/(?i:^PROCEDURAL LANGUAGE$)/,
/(?i:^TABLE$)/,
#/(?i:^TABLESPACE$)/,
/(?i:^SCHEMA$)/,
/(?i:^SEQUENCE$)/
#/(?i:^VIEW$)/
]
Specifies the type of object to which you are granting privileges. Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'.
Default value: 'database'
object_name
Data type: Optional[Variant[Array[String,2,2],String[1]]]
Specifies name of object_type to which to grant access, can be either a string or a two element array. String: 'object_name' Array: ['schema_name', 'object_name']
Default value: undef
object_arguments
Data type: Array[String[1],0]
Specifies any arguments to be passed alongisde the access grant.
Default value: []
psql_db
Data type: String
Specifies the database to execute the grant against. This should not ordinarily be changed from the default
Default value: $postgresql::server::default_database
psql_user
Data type: String
Sets the OS user to run psql.
Default value: $postgresql::server::user
port
Data type: Stdlib::Port
Port to use when connecting.
Default value: $postgresql::server::port
onlyif_exists
Data type: Boolean
Create grant only if doesn't exist
Default value: false
connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server.
Default value: $postgresql::server::default_connect_settings
ensure
Data type: Enum['present', 'absent']
Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'.
Default value: 'present'
group
Data type: String
Sets the OS group to run psql
Default value: $postgresql::server::group
psql_path
Data type: Stdlib::Absolutepath
Sets the path to psql command
Default value: $postgresql::server::psql_path
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
postgresql::server::grant_role
Define for granting membership to a role.
Parameters
The following parameters are available in the postgresql::server::grant_role defined type:
group
Data type: String[1]
Specifies the group role to which you are assigning a role.
role
Data type: String[1]
Specifies the role you want to assign to a group. If left blank, uses the name of the resource.
Default value: $name
ensure
Data type: Enum['present', 'absent']
Specifies whether to grant or revoke the membership. Valid options: 'present' or 'absent'.
Default value: 'present'
psql_db
Data type: String[1]
Specifies the database to execute the grant against. This should not ordinarily be changed from the default
Default value: $postgresql::server::default_database
psql_user
Data type: String[1]
Sets the OS user to run psql.
Default value: $postgresql::server::user
port
Data type: Stdlib::Port
Port to use when connecting.
Default value: $postgresql::server::port
connect_settings
Data type: Hash
Specifies a hash of environment variables used when connecting to a remote server.
Default value: $postgresql::server::default_connect_settings
instance
Data type: String[1]
The name of the Postgresql database instance.
Default value: 'main'
postgresql::server::instance::config
Manages the config for a postgresql::server instance
Parameters
The following parameters are available in the postgresql::server::instance::config defined type:
ip_mask_deny_postgres_userip_mask_allow_all_userslisten_addressesportipv4aclsipv6aclspg_hba_conf_pathpg_ident_conf_pathpostgresql_conf_pathpostgresql_conf_moderecovery_conf_pathpg_hba_conf_defaultsusergroupversionmanage_pg_hba_confmanage_pg_ident_confmanage_recovery_confmanage_postgresql_conf_permsdatadirlogdirservice_nameservice_enablelog_line_prefixtimezonepassword_encryptionpg_hba_auth_password_encryptionextra_systemd_configmanage_selinux
ip_mask_deny_postgres_user
Data type: String[1]
Specifies the IP mask from which remote connections should be denied for the postgres superuser. Default value: '0.0.0.0/0', which denies any remote connection.
Default value: $postgresql::server::ip_mask_deny_postgres_user
ip_mask_allow_all_users
Data type: String[1]
Overrides PostgreSQL defaults for remote connections. By default, PostgreSQL does not allow database user accounts to connect via TCP from remote machines. If you'd like to allow this, you can override this setting. Set to '0.0.0.0/0' to allow database users to connect from any remote machine, or '192.168.0.0/1' to allow connections from any machine on your local '192.168' subnet. Default value: '127.0.0.1/32'.
Default value: $postgresql::server::ip_mask_allow_all_users
listen_addresses
Data type: Optional[Variant[String[1], Array[String[1]]]]
Address list on which the PostgreSQL service will listen
Default value: $postgresql::server::listen_addresses
port
Data type: Stdlib::Port
Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change. Default value: 5432. Meaning the Postgres server listens on TCP port 5432.
Default value: $postgresql::server::port
ipv4acls
Data type: Array[String[1]]
Lists strings for access control for connection method, users, databases, IPv4 addresses.
Default value: $postgresql::server::ipv4acls
ipv6acls
Data type: Array[String[1]]
Lists strings for access control for connection method, users, databases, IPv6 addresses.
Default value: $postgresql::server::ipv6acls
pg_hba_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your pg_hba.conf file.
Default value: $postgresql::server::pg_hba_conf_path
pg_ident_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your pg_ident.conf file.
Default value: $postgresql::server::pg_ident_conf_path
postgresql_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your postgresql.conf file.
Default value: $postgresql::server::postgresql_conf_path
postgresql_conf_mode
Data type: Optional[Stdlib::Filemode]
Sets the mode of your postgresql.conf file. Only relevant if manage_postgresql_conf_perms is true.
Default value: $postgresql::server::postgresql_conf_mode
recovery_conf_path
Data type: Stdlib::Absolutepath
Specifies the path to your recovery.conf file.
Default value: $postgresql::server::recovery_conf_path
pg_hba_conf_defaults
Data type: Boolean
If false, disables the defaults supplied with the module for pg_hba.conf. This is useful if you disagree with the defaults and wish to override them yourself. Be sure that your changes of course align with the rest of the module, as some access is required to perform basic psql operations for example.
Default value: $postgresql::server::pg_hba_conf_defaults
user
Data type: String[1]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: $postgresql::server::user
group
Data type: String[1]
Overrides the default postgres user group to be used for related files in the file system.
Default value: $postgresql::server::group
version
Data type: Optional[String[1]]
Sets PostgreSQL version
Default value: $postgresql::server::_version
manage_pg_hba_conf
Data type: Boolean
Boolean. Whether to manage the pg_hba.conf.
Default value: $postgresql::server::manage_pg_hba_conf
manage_pg_ident_conf
Data type: Boolean
Boolean. Overwrites the pg_ident.conf file.
Default value: $postgresql::server::manage_pg_ident_conf
manage_recovery_conf
Data type: Boolean
Boolean. Specifies whether or not manage the recovery.conf.
Default value: $postgresql::server::manage_recovery_conf
manage_postgresql_conf_perms
Data type: Boolean
Whether to manage the postgresql conf file permissions. This means owner, group and mode. Contents are not managed but should be managed through postgresql::server::config_entry.
Default value: $postgresql::server::manage_postgresql_conf_perms
datadir
Data type: Stdlib::Absolutepath
PostgreSQL data directory
Default value: $postgresql::server::datadir
logdir
Data type: Optional[Stdlib::Absolutepath]
PostgreSQL log directory
Default value: $postgresql::server::logdir
service_name
Data type: String[1]
Overrides the default PostgreSQL service name.
Default value: $postgresql::server::service_name
service_enable
Data type: Boolean
Enable the PostgreSQL service
Default value: $postgresql::server::service_enable
log_line_prefix
Data type: Optional[String[1]]
PostgreSQL log line prefix
Default value: $postgresql::server::log_line_prefix
timezone
Data type: Optional[String[1]]
Set timezone for the PostgreSQL instance
Default value: $postgresql::server::timezone
password_encryption
Data type: Postgresql::Pg_password_encryption
Specify the type of encryption set for the password.
Default value: $postgresql::server::password_encryption
pg_hba_auth_password_encryption
Data type: Optional[Postgresql::Pg_password_encryption]
Specify the type of encryption set for the password in pg_hba_conf, this value is usefull if you want to start enforcing scram-sha-256, but give users transition time.
Default value: $postgresql::server::pg_hba_auth_password_encryption
extra_systemd_config
Data type: Optional[String]
Adds extra config to systemd config file, can for instance be used to add extra openfiles. This can be a multi line string
Default value: $postgresql::server::extra_systemd_config
manage_selinux
Data type: Boolean
Specifies whether or not manage the conf file for selinux.
Default value: $postgresql::server::manage_selinux
postgresql::server::instance::initdb
Manages initdb feature for a postgresql::server instance
Parameters
The following parameters are available in the postgresql::server::instance::initdb defined type:
auth_hostauth_localdata_checksumsdatadirencodinggroupinitdb_pathlc_messageslocalelogdirmanage_datadirmanage_logdirmanage_xlogdirmodule_workdirneeds_initdbuserusernamexlogdirportpsql_path
auth_host
Data type: Optional[String[1]]
auth method used by default for host authorization
Default value: $postgresql::server::auth_host
auth_local
Data type: Optional[String[1]]
auth method used by default for local authorization
Default value: $postgresql::server::auth_local
data_checksums
Data type: Optional[Boolean]
Boolean. Use checksums on data pages to help detect corruption by the I/O system that would otherwise be silent.
Default value: $postgresql::server::data_checksums
datadir
Data type: Stdlib::Absolutepath
PostgreSQL data directory
Default value: $postgresql::server::datadir
encoding
Data type: Optional[String[1]]
Sets the default encoding for all databases created with this module. On certain operating systems this is also used during the template1 initialization, so it becomes a default outside of the module as well.
Default value: $postgresql::server::encoding
group
Data type: String[1]
Overrides the default postgres user group to be used for related files in the file system.
Default value: $postgresql::server::group
initdb_path
Data type: Stdlib::Absolutepath
Specifies the path to the initdb command.
Default value: $postgresql::server::initdb_path
lc_messages
Data type: Optional[String[1]]
locale used for logging and system messages
Default value: $postgresql::server::lc_messages
locale
Data type: Optional[String[1]]
Sets the default database locale for all databases created with this module. On certain operating systems this is used during the template1 initialization as well, so it becomes a default outside of the module. Warning: This option is used during initialization by initdb, and cannot be changed later. If set, checksums are calculated for all objects, in all databases.
Default value: $postgresql::server::locale
logdir
Data type: Optional[Stdlib::Absolutepath]
PostgreSQL log directory
Default value: $postgresql::server::logdir
manage_datadir
Data type: Boolean
Set to false if you have file{ $datadir: } already defined
Default value: $postgresql::server::manage_datadir
manage_logdir
Data type: Boolean
Set to false if you have file{ $logdir: } already defined
Default value: $postgresql::server::manage_logdir
manage_xlogdir
Data type: Boolean
Set to false if you have file{ $xlogdir: } already defined
Default value: $postgresql::server::manage_xlogdir
module_workdir
Data type: Stdlib::Absolutepath
Working directory for the PostgreSQL module
Default value: $postgresql::server::module_workdir
needs_initdb
Data type: Boolean
Explicitly calls the initdb operation after server package is installed and before the PostgreSQL service is started.
Default value: $postgresql::server::needs_initdb
user
Data type: String[1]
Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
Default value: $postgresql::server::user
username
Data type: Optional[String[1]]
username of user running the postgres instance
Default value: $postgresql::server::username
xlogdir
Data type: Optional[Stdlib::Absolutepath]
PostgreSQL xlog/WAL directory
Default value: $postgresql::server::xlogdir
port
Data type: Stdlib::Port
Specifies the port for the PostgreSQL server to listen on. Note: The same port number is used for all IP addresses the server listens on. Also, for Red Hat systems and early Debian systems, changing the port causes the server to come to a full stop before being able to make the change.
Default value: $postgresql::server::port
What are tasks?
Modules can contain tasks that take action outside of a desired state managed by Puppet. It’s perfect for troubleshooting or deploying one-off changes, distributing scripts to run across your infrastructure, or automating changes that need to happen in a particular order as part of an application deployment.
Tasks in this module release
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
v10.3.0 - 2024-05-08
Added
Fixed
- Fix instance reload #1588 (SimonHoenscheid)
v10.2.0 - 2024-04-11
Added
- Use modern APT keyrings on Debian family; require puppetlabs/apt 9.2 #1563 (kenyon)
- List Debian 12 as supported system #1488 (deric)
Fixed
- acceptance tests: ensure code is idempotent #1589 (bastelfreak)
v10.1.0 - 2024-03-26
Added
- Add a global password_encryption parameter #1584 (ekohl)
- Use RequiresMountsFor on datadir #1582 (ekohl)
- Support Ubuntu 24.04 and postgis for postgresql 16 #1581 (bmiklautz)
- Add Fedora 39 support #1580 (lweller)
Other
- Fix typo in postgresql_conf provider docs #1579 (bastelfreak)
v10.0.3 - 2024-01-09
Fixed
- support for a custom apt source release #1561 (h0tw1r3)
- (#1556) Fix Python package name for Ubuntu >= 22.04 #1557 (antaflos)
- Unconfine postgresql_conf #1551 (smortex)
v10.0.2 - 2023-11-08
Fixed
- postgresql_conf: Fix regex for value param and add tests #1544 (SimonHoenscheid)
v10.0.1 - 2023-10-12
Fixed
- Fix
postgresql::default()return value for unknown parameters #1530 (smortex) - Fix the
postgresql::postgresql_password()function #1529 (smortex)
v10.0.0 - 2023-10-11
Changed
- postgis: Drop EL5 leftovers and fix package name for Fedora #1521 (bastelfreak)
- Drop EoL SLES 11.4 code #1520 (bastelfreak)
- Drop code for Debian without systemd #1514 (bastelfreak)
- puppet/systemd: Allow 6.x #1505 (SimonHoenscheid)
- set datatype for directories to Stdlib::Absolutepath #1499 (SimonHoenscheid)
- Drop postgresql 8.4/RHEL6 specific code #1489 (bastelfreak)
- Drop postgresql 8.1/RHEL5 specific code #1486 (bastelfreak)
- Delete deprecated validate_db_connection() defined resource #1484 (bastelfreak)
- postgresql::server: Remove deprecated createdb_path parameter #1483 (bastelfreak)
- postgresql::server: Remove deprecated version parameter #1482 (bastelfreak)
- puppetlabs/stdlib: Require 9.x #1481 (bastelfreak)
- port: Enforce Stdlib::Port datatype #1473 (bastelfreak)
- Add Server Instance Feature #1450 (SimonHoenscheid)
Added
- Drop EoL FreeBSD 9.4/9.5 specific code #1519 (bastelfreak)
- Drop code compatibility for non-systemd Red Hat #1518 (ekohl)
- add $manage_selinux as a parameter, keep default, simpler condition #1516 (SimonHoenscheid)
- add port and psql_path parameter to initdb define #1510 (SimonHoenscheid)
- PDK update 2.7.0->3.0.0 #1508 (SimonHoenscheid)
- variables to parameters for tablespace/schema/reassign_owned_by #1507 (SimonHoenscheid)
- server::schema: Drop unused $version variable #1506 (bastelfreak)
- Prefer $connect_settings over explicit parameters #1498 (bastelfreak)
- server::extension: make user/group/psql_path configureable #1497 (SimonHoenscheid)
- server::db: Make port/user/group configureable #1494 (bastelfreak)
- server::database_grant: Always set default user/group and expose port as parameter #1493 (bastelfreak)
- server::database: make user/group/psql_path/default_db configureable #1492 (SimonHoenscheid)
- Provide a default for config_entry's path and enforce absolute path #1490 (SimonHoenscheid)
Fixed
- Fix password_encryption for DBVERSION in server::role #1515 (cruelsmith)
- Flexible password encryption in pg hba conf #1512 (cruelsmith)
- service name should be unique to allow instances #1504 (SimonHoenscheid)
- server::grant: make port optional/restore connect_settings feature #1496 (bastelfreak)
v9.2.0 - 2023-08-30
Added
- port parameter: Cleanup datatype #1471 (bastelfreak)
- puppet/systemd: Allow 5.x & puppetlabs/concat: Allow 9.x #1448 (bastelfreak)
- Add default version for Fedora 37, 38 #1421 (lweller)
- Defaulting password encryption for version above 14 #1406 (cruelsmith)
Fixed
- port parameter: log warning when its a string #1474 (bastelfreak)
- pg_hba.conf: Introduce a newline after each rule #1472 (bastelfreak)
- (CAT-1262)-updated legacy repo for SUSE #1462 (praj1001)
- Fix log directory config entry name #1457 (chillinger)
- Make anchors in defined resources unique #1455 (SimonHoenscheid)
- implement key parameter for config_entry defined resource #1454 (SimonHoenscheid)
- add missing parameters to initdb #1451 (SimonHoenscheid)
- Fix default value for $service_status on ArchLinux #1410 (smortex)
- Fix wrong Sensitive handling for updating role passwords #1404 (cruelsmith)
v9.1.0 - 2023-06-12
Added
v9.0.3 - 2023-05-09
Fixed
- (GH-1426) - Update value to accept array #1434 (jordanbreen28)
- (#1432) - Fix
Unable to mark 'unless' as sensitive#1433 (kBite)
v9.0.2 - 2023-05-02
Fixed
- (CONT-950) - Fix mismatched data types #1430 (jordanbreen28)
- (CONT-904) - Removal of tech debt #1429 (jordanbreen28)
- (CONT-949) - Bump stdlib dependency #1428 (jordanbreen28)
v9.0.1 - 2023-04-24
Fixed
v9.0.0 - 2023-04-21
Changed
- (CONT-792) - Add Puppet 8/Drop Puppet 6 #1414 (jordanbreen28)
v8.3.0 - 2023-04-21
Added
- convert ERB templates to EPP #1399 (SimonHoenscheid)
- (CONT-361) Syntax update #1397 (LukasAud)
- Add multi instance support, refactoring reload.pp (6/x) #1392 (SimonHoenscheid)
- Add multi instance support, refactoring password.pp (5/x) #1391 (SimonHoenscheid)
- Add multi instance support, refactoring late_initdb.pp (3/x) #1384 (SimonHoenscheid)
- Add multi instance support, refactoring initdb.pp (2/x) #1383 (SimonHoenscheid)
- Add multi instance support, refactoring config.pp (1/x) #1382 (SimonHoenscheid)
- pg_hba_rule: Validate userinput in postgresql::server #1376 (bastelfreak)
- pg_hba_rule: Move
typedatatype to own type #1375 (bastelfreak) - pg_hba_rule does not properly verify address parameter #1372 (tuxmea)
Fixed
- Ubuntu 14/16/17: Drop code leftovers #1388 (bastelfreak)
- remove debian 8 and 9 corpses #1387 (SimonHoenscheid)
- Archlinux client and server package names were swapped around #1381 (tobixen)
- apt::source: configure repo only for current architecture #1380 (bastelfreak)
- pdksync - (CONT-189) Remove support for RedHat6 / OracleLinux6 / Scientific6 #1371 (david22swan)
- pdksync - (CONT-130) - Dropping Support for Debian 9 #1368 (jordanbreen28)
- (maint) Codebase Hardening #1366 (david22swan)
- Fix table grant with schema #1315 (vaol)
v8.2.1 - 2022-08-24
Fixed
- Fix puppet-strings documentation #1363 (ekohl)
- (GH-1360) Reverting REFERENCE.md changes #1361 (pmcmaw)
- Only require password when used #1356 (arjenz)
v8.2.0 - 2022-08-23
Added
- pdksync - (GH-cat-11) Certify Support for Ubuntu 22.04 #1355 (david22swan)
- (MODULES-11251) Add support for backup provider "pg_dump" #1319 (fraenki)
Fixed
v8.1.0 - 2022-07-21
Added
- Fix service status detection on Debian-based OSes #1349 (arjenz)
- (FM-8971) allow deferred function for role pwd #1347 (tvpartytonight)
- Set version for Fedora 36 #1345 (lweller)
- Add Red Hat Enterprise Linux 9 support #1303 (ekohl)
Fixed
- (GH-1352) - Updating postgresql service version on SLES #1353 (pmcmaw)
- Respect $service_status on Red Hat-based distros #1351 (ekohl)
- Add version for Ubuntu 22.04 #1350 (arjenz)
- README.md: correct postgresql_conn_validator example #1332 (bastelfreak)
- pdksync - (GH-iac-334) Remove Support for Ubuntu 14.04/16.04 #1331 (david22swan)
- Remove unused variable in reload.pp #1327 (ekohl)
- Use systemctl reload on EL 7 and higher #1326 (ekohl)
v8.0.0 - 2022-03-03
Changed
Added
- add default version for Fedora 35 #1317 (jflorian)
- add scram-sha-256 support #1313 (fe80)
- add support for Ubuntu Hirsute and Impish #1312 (nicholascioli)
- Allow systemd to mask postgresql service file #1310 (kimsondrup)
- Make ::contrib a noop on OSes without a contrib package #1309 (carlosduelo)
- pdksync - (IAC-1753) - Add Support for AlmaLinux 8 #1308 (david22swan)
- MODULES-11201: add service_name for Ubuntu 18.04 and later #1306 (moritz-makandra)
- pdksync - (IAC-1751) - Add Support for Rocky 8 #1305 (david22swan)
- Default privileges support schemas #1300 (fish-face)
- Support target_role in default_privileges #1297 (fish-face)
Fixed
- pdksync - (IAC-1787) Remove Support for CentOS 6 #1324 (david22swan)
- Fix python package name in RHEL/CentOS 8 #1316 (kajinamit)
- Drop further code for Debian 6 and Ubuntu 10 #1307 (ekohl)
v7.5.0 - 2021-09-28
Added
Fixed
- (IAC-1598) - Remove Support for Debian 8 #1302 (david22swan)
- Inline file contents in the catalog #1299 (ekohl)
- Fix changing default encoding #1296 (smortex)
v7.4.1 - 2021-08-25
Fixed
v7.4.0 - 2021-08-24
Added
- pdksync - (IAC-1709) - Add Support for Debian 11 #1288 (david22swan)
Fixed
v7.3.0 - 2021-08-03
Added
- MODULES-11049 - Implement default privileges changes #1267 (mtancoigne)
Fixed
- Do not add version component to repo definition #1282 (weastur)
- (MODULES-8700) Autorequire the service in postgresql_psql #1276 (ekohl)
v7.2.0 - 2021-05-24
Added
- (MODULES-11069) add default version for fedora 34 #1272 (lweller)
- MODULES-11047 - Allow managing rights for PUBLIC role #1266 (mtancoigne)
v7.1.0 - 2021-04-12
Added
v7.0.3 - 2021-04-12
v7.0.2 - 2021-03-15
Fixed
- (MODULES-10957) Override the set_sensitive_parameters method #1258 (sheenaajay)
v7.0.1 - 2021-03-08
Fixed
v7.0.0 - 2021-03-04
Changed
- pdksync - (MAINT) Remove SLES 11 support #1247 (sanfrancrisko)
- pdksync - (MAINT) Remove RHEL 5 family support #1246 (sanfrancrisko)
- pdksync - Remove Puppet 5 from testing and bump minimal version to 6.0.0 #1238 (carabasdaniel)
Added
v6.10.2 - 2021-02-22
Fixed
v6.10.1 - 2021-02-09
v6.10.0 - 2021-02-08
Added
- Set default PostgreSQL version for FreeBSD #1227 (olevole)
- Clean up globals logic to support CentOS 8 stream #1225 (ekohl)
Fixed
- Also perform systemd daemon-reload on Puppet 6.1+ #1233 (ekohl)
- (bug) fix systemd daemon-reload order when updating service files #1230 (sheenaajay)
- Fix postgresql::sql task when password is not set #1226 (smortex)
v6.9.0 - 2021-01-18
Added
- pdksync - (feat) - Add support for puppet 7 #1215 (daianamezdrea)
- Manage postgresql_conf_path file permissions #1199 (ekohl)
Fixed
- (maint) updated defaults for rhel7 policycoreutils #1212 (sheenaajay)
- (IAC-1189) - Fix for SLES 15 SP 1 and later #1209 (david22swan)
- Change - Use systemd drop-in directory for unit overrides #1201 (blackknight36)
v6.8.0 - 2020-09-29
Added
- add hostgssenc type to pg_hba rules #1195 (osijan)
- Allow removal of config_entries via main class #1187 (ekohl)
Fixed
v6.7.0 - 2020-08-28
Added
- pdksync - (IAC-973) - Update travis/appveyor to run on new default branch
main#1182 (david22swan)
v6.6.0 - 2020-06-22
Added
- (IAC-746) - Add ubuntu 20.04 support #1172 (david22swan)
Fixed
- Invert psql/package dependency logic #1179 (raphink)
- Fix custom port in extension #1165 (Vampouille)
v6.5.0 - 2020-05-13
Added
- service_ensure => true is now an allowed value (aliased to running) #1167 (binford2k)
- Finish conversion of
postgresql_acls_to_resources_hashfunction #1163 (alexjfisher) - Finish conversion of
postgresql_escapefunction #1162 (alexjfisher) - Finish conversion of
postgresql_passwordfunction #1161 (alexjfisher) - Allow usage of grant and role when not managing postgresql::server #1159 (tuxmea)
- Add version configs for SLES 12 SP 3 to 5 #1158 (XnS)
- Add extra parameter "extra_systemd_config" #1156 (veninga)
Fixed
- (MODULES-10610) Use correct lower bound for concat version #1160 (ghoneycutt)
v6.4.0 - 2020-03-17
Added
- Add Fedora 31 compatibility #1141 (blackknight36)
- feat: enable different database resource name in extension #1136 (jfroche)
- pdksync - (FM-8581) - Debian 10 added to travis and provision file refactored #1130 (david22swan)
- Puppet 4 functions #1129 (binford2k)
Fixed
- Fix incorrectly quoted GRANT cmd on functions #1150 (olifre)
- Correct versioncmp logic in config.pp #1137 (boydtom)
- Treat $version as an integer for comparison, defaults to string #1135 (boydtom)
- Allow usage of PUBLIC role #1134 (Vampouille)
- fix missing systemd override config for EL8 (CentOS and RHEL) #1131 (david-barbion)
v6.3.0 - 2019-12-18
Added
- Add support for granting privileges on functions #1118 (crispygoth)
- (FM-8679) - Support added for CentOS 8 #1117 (david22swan)
- MODULES-10041 - allow define password_encryption for version above 10 #1111 (k2patel)
Fixed
- Remove duplicate REFERENCE.md file with strange unicode character at end of filename #1108 (nudgegoonies)
v6.2.0 - 2019-09-13
Added
- FM-8408 - add support on Debian10 #1103 (lionce)
- Fix/directory defined twice #1089 (arcenik)
- Adding SLES 15 #1087 (msurato)
- (FM-7500) conversion to use litmus #1081 (tphoney)
Fixed
- (MODULES-9658) - custom ports are not labeled correctly #1099 (blackknight36)
- Fix: When assigning a tablespace to a database, no equal sign is needed in the query #1098 (biertie)
- Grant all tables in schema fixup #1096 (georgehansper)
- (MODULES-9219) - puppetlabs-postgresql : catalog compilation fails when the service command is not installed #1093 (blackknight36)
v6.1.0 - 2019-06-04
Added
v6.0.0 - 2019-05-14
Changed
- pdksync - (MODULES-8444) - Raise lower Puppet bound #1070 (david22swan)
- (maint) remove inconsistent extra variable #1044 (binford2k)
Added
- Add Fedora 30 compatibility #1067 (blackknight36)
- Include EL8 version for config checks #1060 (ehelms)
Fixed
- Support current version of puppetlabs/apt. #1073 (pillarsdotnet)
- change username/group/datadir defaults for FreeBSD #1063 (olevole)
5.12.1 - 2019-02-14
Fixed
- (FM-7811) - Use postgresql 9.4 for SLES 11 sp4 #1057 (david22swan)
- (MODULES-8553) Further cleanup for package tag issues #1055 (HelenCampbell)
5.12.0 - 2019-02-01
Added
Fixed
- (MODULES-8553) Fix dependency on apt by explicitly using 'puppetlabs-postgresql' as tag #1052 (HelenCampbell)
- (MODULES-8352) Don't use empty encoding string on initdb #1043 (binford2k)
- pdksync - (FM-7655) Fix rubygems-update for ruby < 2.3 #1042 (tphoney)
5.11.0 - 2018-11-21
Added
Fixed
- Strip quotes from role names #1034 (jstuart)
- Ignore .psqlrc so output is clean and doesn't break Puppet #1021 (flaviogurgel)
- Change initdb option '--xlogdir' to '-X' for PG10 compatibility #976 (fcanovai)
5.10.0 - 2018-09-27
Added
5.9.0 - 2018-09-07
Added
5.8.0 - 2018-08-07
Added
- metadata.json: bump allowed version of puppetlabs-apt to 6.0.0 #1012 (mateusz-gozdek-sociomantic)
5.7.0 - 2018-07-20
Added
- (MODULES-7479) Update postgresql to support Ubuntu 18.04 #1005 (david22swan)
- (MODULES-6542) - Adding SLES 11 & 12 to metadata #1001 (pmcmaw)
Fixed
- (MODULES-7479) Ensure net-tools is installed when testing on Ubuntu 18.04 #1006 (david22swan)
- (MODULES-7460) - Updating grant table to include INSERT privileges #1004 (pmcmaw)
- Fix packages choice for ubuntu 17.10 #1000 (fflorens)
5.6.0 - 2018-06-21
5.5.0 - 2018-06-19
Changed
Added
- Add compatibility for Fedora 28 #994 (jflorian)
- (MODULES-5994) Add debian 9 #992 (hunner)
- Adding default Postgresql version for Ubuntu 18.04 #981 (lutaylor)
Fixed
5.4.0 - 2018-03-27
Added
- (MODULES-6330) PDK convert 1.4.1 #961 (pmcmaw)
- Parameter
ensureonpostgresql::server::grantandpostgresql::server::database_grant#891 (georgehansper)
Fixed
- Documentation error,
reassign_owned_byuses*_rolenot*_owner. #958 (computermouth)
5.3.0 - 2018-02-26
Added
- Support extension schemas #948 (hasegeli)
- Inherit 9.6 settings for later PgSQL version on FreeBSD #945 (olevole)
- MODULES-6194 - Add scram-sha-256 as a valid pg_hba_rule auth method #941 (f3nry)
- FM-6445 add a task #930 (tphoney)
- add ensure=>absent to postgresql::server::role #897 (georgehansper)
Fixed
- (maint) - Skip run_puppet_access_login on LTS #956 (pmcmaw)
- (MODULES-6608) - Adding puppet requirement for tasks versioncmp in beaker-task_helper #952 (pmcmaw)
- defaulted psql_path to postgresql::server::psql_path #947 (crayfishx)
- According to the puppet doc, Pattern should be a list of regex. #942 (PierreR)
- This pull request fixes an augeas warning #935 (iakovgan)
5.2.1 - 2017-11-14
Fixed
- (MODULES-5956) fixes for postgresql release #934 (jbondpdx)
- add parameter "version" to postgresql::server::extension - fix dependency on database #932 (georgehansper)
5.2.0 - 2017-10-09
Added
- add parameter "version" to postgresql::server::extension to update the extension version #896 (georgehansper)
Fixed
- (PUP-8008) monkey patch spec_helper_acceptance #925 (eputnam)
- (PUP-8008) monkey patch spec_helper_acceptance #924 (eputnam)
- enhance --data-checksums on initdb #915 (mmoll)
- MODULES-5378 fix the change in error message #909 (tphoney)
- MODULES-5378 fix error message checking in test #908 (tphoney)
- Default contcat order #900 (matonb)
5.1.0 - 2017-07-17
Added
- add defined type postgresql::server::reassign_owned_by #894 (georgehansper)
- add data_checksums option to initdb #878 (tjikkun)
5.0.0 - 2017-06-21
Changed
- Unset default log_line_prefix #870 (hasegeli)
- Let listen_addresses be defined independently #865 (hasegeli)
Added
- (MODULES-1394) replace validate_db_connection type with custom type #879 (eputnam)
- [msync] 786266 Implement puppet-module-gems, a45803 Remove metadata.json from locales config #860 (wilson208)
- (FM-6116) - Adding POT file for metadata.json #857 (pmcmaw)
- Allowo to disable managing passwords for users #846 (bjoernhaeuser)
Fixed
- (maint) fix for connection validator #882 (eputnam)
- (MODULES-5050) Fix for grant_schema_spec #881 (eputnam)
- [MODULES-4598] Revert "Revert "fix default params for SUSE family OSes"" #863 (mmoll)
- [MODULES-4598] Revert "fix default params for SUSE family OSes" #858 (wilson208)
4.9.0 - 2017-03-09
Added
- (MODULES-1508) add support for unix_socket_directories #845 (eputnam)
- (MODULES-1127) allow LANGUAGE as valid object_type #838 (eputnam)
- Support granting SELECT and UPDATE permission on sequences (MODULES-4158) #823 (chris-reeves)
Fixed
- (MODULES-1707) add logic to params.pp for jdbc driver package on Debian #847 (eputnam)
- (maint) Schemas for a db should come after db #840 (hunner)
- Fix typo: hostnosssl #837 (df7cb)
- Fix SQL style on role.pp #794 (hasegeli)
- (#3858) Fix unless check in grant_role to work with roles as well as users #788 (thunderkeys)
4.8.0 - 2016-07-26
4.7.1 - 2016-02-18
Fixed
- Add missing onlyif_function to sequence grant code #738 (cfrantsen)
- Correctly set $service_provider #735 (antaflos)
4.7.0 - 2016-02-02
Added
4.6.1 - 2015-12-04
4.6.0 - 2015-09-01
Fixed
4.5.0 - 2015-07-28
4.4.2 - 2015-07-08
Added
Fixed
4.4.1 - 2015-07-01
Fixed
4.4.0 - 2015-06-30
Added
Fixed
- (FM-2931) fixes logic problem with onlyif type param validation. #654 (bmjen)
- Fixed systemd override for manage_repo package versions #639 (cdenneen)
- Apt fix #618 (tphoney)
- Fix URLs in metadata.json #599 (raphink)
4.3.0 - 2015-03-25
4.2.0 - 2015-03-10
Fixed
4.1.0 - 2014-11-04
Fixed
4.0.0 - 2014-09-10
Fixed
3.4.2 - 2014-08-06
3.4.1 - 2014-07-21
3.4.0 - 2014-07-09
Added
Fixed
- This corrects the location of the pg_hba config file on debian oses in tests #440 (justinstoller)
- Fix trailing }. #436 (apenney)
- Fix postgresql_conf quote logic #297 (reidmv)
3.3.3 - 2014-03-06
3.3.2 - 2014-03-03
3.3.1 - 2014-02-12
3.3.0 - 2014-01-28
Added
Fixed
- Fix typo, clearly from a copy/paste mistake #347 (mhagander)
- fix for concat error #343 (flypenguin)
- Fix NOREPLICATION option for Postgres 9.1 #333 (brandonwamboldt)
- Wrong parameter name: manage_pg_conf -> manage_pg_hba_conf #324 (aadamovich)
- Fix table_grant_spec to show a bug #310 (mcanevet)
3.2.0 - 2013-11-05
3.1.0 - 2013-10-25
Fixed
3.0.0 - 2013-10-16
3.0.0-rc3 - 2013-10-16
3.0.0-rc2 - 2013-10-09
3.0.0-rc1 - 2013-10-02
Fixed
- Fixing small typos #248 (ggeldenhuis)
2.5.0 - 2013-09-09
2.4.1 - 2013-08-01
Fixed
2.4.0 - 2013-08-01
2.3.0 - 2013-06-06
2.2.1 - 2013-04-29
2.2.0 - 2013-04-26
2.1.1 - 2013-02-22
2.1.0 - 2013-02-20
2.0.1 - 2013-01-30
2.0.0 - 2013-01-15
Added
Fixed
- Syntax Error #55 (Spenser309)
1.0.0 - 2012-10-24
release-0.3.0 - 2012-09-17
release-0.2.0 - 2012-08-16
release-0.0.1 - 2012-05-02
Dependencies
- puppetlabs/stdlib (>= 9.0.0 < 10.0.0)
- puppetlabs/apt (>= 9.2.0 < 10.0.0)
- puppet/systemd (>= 4.0.1 < 8.0.0)
- puppetlabs/concat (>= 4.1.0 < 10.0.0)
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Quality checks
We run a couple of automated scans to help you assess a module’s quality. Each module is given a score based on how well the author has formatted their code and documentation and select modules are also checked for malware using VirusTotal.
Please note, the information below is for guidance only and neither of these methods should be considered an endorsement by Puppet.
Malware scan results
The malware detection service on Puppet Forge is an automated process that identifies known malware in module releases before they’re published. It is not intended to replace your own virus scanning solution.
Learn more about malware scans- Module name:
- puppetlabs-postgresql
- Module version:
- 10.3.0
- Scan initiated:
- May 7th 2024, 19:31:13
- Detections:
- 0 / 63
- Scan stats:
- 63 undetected
- 0 harmless
- 0 failures
- 0 timeouts
- 0 malicious
- 0 suspicious
- 13 unsupported
- Scan report:
- View the detailed scan report