Page MenuHomeSoftware Heritage

netbox: use the centralized admin db
ClosedPublic

Authored by vsellier on Jan 13 2022, 4:21 PM.

Details

Summary

and remove the profiles related to postgresql

Related to T3833

Test Plan
diff origin/production/bojimans.internal.softwareheritage.org current/bojimans.internal.softwareheritage.org
*******************************************
- Anchor[apt_key B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 present]
*******************************************
- Anchor[postgresql::server::service::begin]
*******************************************
- Anchor[postgresql::server::service::end]
*******************************************
- Apt::Key[Add key: B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 from Apt::Source pgdg]
*******************************************
- Apt::Setting[list-pgdg]
*******************************************
- Apt::Setting[list-pglogical]
*******************************************
- Apt::Source[pgdg]
*******************************************
- Apt::Source[pglogical]
*******************************************
- Apt_key[Add key: B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 from Apt::Source pgdg]
*******************************************
- Concat::Fragment[pg_hba_rule_allow access to all users]
*******************************************
- Concat::Fragment[pg_hba_rule_allow access to ipv6 localhost]
*******************************************
- Concat::Fragment[pg_hba_rule_allow localhost TCP access to postgresql user]
*******************************************
- Concat::Fragment[pg_hba_rule_deny access to postgresql user]
*******************************************
- Concat::Fragment[pg_hba_rule_local access as postgres user]
*******************************************
- Concat::Fragment[pg_hba_rule_local access to database with same name]
*******************************************
- Concat[/etc/postgresql/11/main/pg_hba.conf]
*******************************************
- Concat[/etc/postgresql/11/main/pg_ident.conf]
*******************************************
- Concat_file[/etc/postgresql/11/main/pg_hba.conf]
*******************************************
- Concat_file[/etc/postgresql/11/main/pg_ident.conf]
*******************************************
- Concat_fragment[/etc/postgresql/11/main/pg_hba.conf_header]
*******************************************
- Concat_fragment[/etc/postgresql/11/main/pg_ident.conf_header]
*******************************************
- Concat_fragment[pg_hba_rule_allow access to all users]
*******************************************
- Concat_fragment[pg_hba_rule_allow access to ipv6 localhost]
*******************************************
- Concat_fragment[pg_hba_rule_allow localhost TCP access to postgresql user]
*******************************************
- Concat_fragment[pg_hba_rule_deny access to postgresql user]
*******************************************
- Concat_fragment[pg_hba_rule_local access as postgres user]
*******************************************
- Concat_fragment[pg_hba_rule_local access to database with same name]
*******************************************
- Exec[postgresql_reload]
*******************************************
- Exec[postgresql_stop_data_directory]
*******************************************
- File[/etc/apt/sources.list.d/pgdg.list]
*******************************************
- File[/etc/apt/sources.list.d/pglogical.list]
*******************************************
- File[/etc/postgresql/11/main/postgresql.conf]
*******************************************
  File[/opt/netbox-3.1.2/netbox/netbox/configuration.py] =>
   parameters =>
     content =>
      @@ -20,5 +20,5 @@
           'USER': 'netbox',               # PostgreSQL username
           'PASSWORD': 'netbox-db-password',           # PostgreSQL password
      -    'HOST': 'localhost',      # Database server
      +    'HOST': 'db1.internal.admin.swh.network',      # Database server
           'PORT': '5432',               # Database port (leave blank for default)
           'CONN_MAX_AGE': 300,      # Max database connection age
*******************************************
- File[/var/lib/postgresql/11/main]
*******************************************
- Package[postgresql-server]
*******************************************
- Postgresql::Server::Config_entry[data_directory]
*******************************************
- Postgresql::Server::Config_entry[port]
*******************************************
- Postgresql::Server::Database[netbox]
*******************************************
- Postgresql::Server::Database_grant[GRANT netbox - ALL - netbox]
*******************************************
- Postgresql::Server::Db[netbox]
*******************************************
- Postgresql::Server::Grant[database:GRANT netbox - ALL - netbox]
*******************************************
- Postgresql::Server::Pg_hba_rule[allow access to all users]
*******************************************
- Postgresql::Server::Pg_hba_rule[allow access to ipv6 localhost]
*******************************************
- Postgresql::Server::Pg_hba_rule[allow localhost TCP access to postgresql user]
*******************************************
- Postgresql::Server::Pg_hba_rule[deny access to postgresql user]
*******************************************
- Postgresql::Server::Pg_hba_rule[local access as postgres user]
*******************************************
- Postgresql::Server::Pg_hba_rule[local access to database with same name]
*******************************************
- Postgresql::Server::Role[netbox]
*******************************************
- Postgresql_conf[data_directory]
*******************************************
- Postgresql_conf[port]
*******************************************
- Postgresql_conn_validator[validate_service_is_running]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" CONNECTION LIMIT -1]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" INHERIT]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" LOGIN]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" NOCREATEDB]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" NOCREATEROLE]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" NOREPLICATION]
*******************************************
- Postgresql_psql[ALTER ROLE "netbox" NOSUPERUSER]
*******************************************
- Postgresql_psql[ALTER ROLE netbox ENCRYPTED PASSWORD ****]
*******************************************
- Postgresql_psql[CREATE DATABASE "netbox"]
*******************************************
- Postgresql_psql[CREATE ROLE netbox ENCRYPTED PASSWORD ****]
*******************************************
- Postgresql_psql[REVOKE CONNECT ON DATABASE "netbox" FROM public]
*******************************************
- Postgresql_psql[UPDATE pg_database SET datistemplate = false WHERE datname = 'netbox']
*******************************************
- Postgresql_psql[grant:database:GRANT netbox - ALL - netbox]
*******************************************
- Service[postgresqld]
*******************************************
*** End octocatalog-diff on bojimans.internal.softwareheritage.org

Diff Detail

Repository
rSPSITE puppet-swh-site
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

This revision is now accepted and ready to land.Jan 13 2022, 4:23 PM
This revision was automatically updated to reflect the committed changes.