forked from saltstack-formulas/postgres-formula
-
Notifications
You must be signed in to change notification settings - Fork 1
/
pillar.example
156 lines (138 loc) · 4.47 KB
/
pillar.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
postgres:
# Set True to configure upstream postgresql.org repository for YUM or APT
use_upstream_repo: False
# Version to install from upstream repository
version: '9.3'
# These are Debian/Ubuntu specific package names
pkg: 'postgresql-9.3'
pkg_client: 'postgresql-client-9.3'
# Additional packages to install with PostgreSQL server,
# this should be in a list format
pkgs_extra:
- postgresql-contrib
- postgresql-plpython
# Append the lines under this item to your postgresql.conf file.
# Pay attention to indent exactly with 4 spaces for all lines.
postgresconf: |
listen_addresses = '*' # listen on all interfaces
# Path to the `pg_hba.conf` file Jinja template on Salt Fileserver
pg_hba.conf: salt://postgres/templates/pg_hba.conf.j2
# This section covers ACL management in the ``pg_hba.conf`` file.
# acls list controls: which hosts are allowed to connect, how clients
# are authenticated, which PostgreSQL user names they can use, which
# databases they can access. Records take one of these forms:
#
#acls:
# - ['local', 'DATABASE', 'USER', 'METHOD']
# - ['host', 'DATABASE', 'USER', 'ADDRESS', 'METHOD']
# - ['hostssl', 'DATABASE', 'USER', 'ADDRESS', 'METHOD']
# - ['hostnossl', 'DATABASE', 'USER', 'ADDRESS', 'METHOD']
#
# The uppercase items must be replaced by actual values.
# METHOD could be omitted, 'md5' will be appended by default.
#
# If ``acls`` item value is empty ('', [], null), then the contents of
# ``pg_hba.conf`` file will not be touched at all.
acls:
- ['local', 'db1', 'localUser']
- ['host', 'db2', 'remoteUser', '192.168.33.0/24']
# Backup extension for configuration files, defaults to ``.bak``.
# Set ``False`` to stop creation of backups when config files change.
{%- if salt['status.time']|default(none) is callable %}
config_backup: ".backup@{{ salt['status.time']('%y-%m-%d_%H:%M:%S') }}"
{%- endif %}
# PostgreSQL service name
service: postgresql
{%- if grains['init'] == 'unknown' %}
# If Salt is unable to detect init system running in the scope of state run,
# probably we are trying to bake a container/VM image with PostgreSQL.
# Use ``bake_image`` setting to control how PostgreSQL will be started: if set
# to ``True`` the raw ``pg_ctl`` will be utilized instead of packaged init
# script, job or unit run with Salt ``service`` state.
bake_image: True
{%- endif %}
# Create/remove users, tablespaces, databases, schema and extensions.
# Each of these dictionaries contains PostgreSQL entities which
# mapped to the ``postgres_*`` Salt states with arguments. See the Salt
# documentation to get all supported argument for a particular state.
#
# Format is the following:
#
#<users|tablespaces|databases|schemas|extensions>:
# NAME:
# ensure: <present|absent> # 'present' is the default
# ARGUMENT: VALUE
# ...
#
# where 'NAME' is the state name, 'ARGUMENT' is the kwarg name, and
# 'VALUE' is kwarg value.
#
# For example, the Pillar:
#
#users:
# testUser:
# password: test
#
# will render such state:
#
#postgres_user-testUser:
# postgres_user.present:
# - name: testUser
# - password: test
users:
localUser:
ensure: present
password: '98ruj923h4rf'
createdb: False
createroles: False
createuser: False
inherit: True
replication: False
remoteUser:
ensure: present
password: '98ruj923h4rf'
createdb: False
createroles: False
createuser: False
inherit: True
replication: False
absentUser:
ensure: absent
# tablespaces to be created
tablespaces:
my_space:
directory: /srv/my_tablespace
owner: localUser
# databases to be created
databases:
db1:
owner: 'localUser'
template: 'template0'
lc_ctype: 'en_US.UTF-8'
lc_collate: 'en_US.UTF-8'
db2:
owner: 'remoteUser'
template: 'template0'
lc_ctype: 'en_US.UTF-8'
lc_collate: 'en_US.UTF-8'
tablespace: 'my_space'
# set custom schema
schemas:
public:
owner: 'localUser'
# enable per-db extension
extensions:
uuid-ossp:
schema: 'public'
# optional schemas to enable on database
schemas:
uuid_ossp:
dbname: db1
owner: localUser
# optional extensions to install in schema
extensions:
uuid-ossp:
schema: uuid_ossp
maintenance_db: db1
#postgis: {}
# vim: ft=yaml ts=2 sts=2 sw=2 et