diff --git a/manifests/server/initdb.pp b/manifests/server/initdb.pp index 04d5aa8..2252a19 100644 --- a/manifests/server/initdb.pp +++ b/manifests/server/initdb.pp @@ -1,129 +1,142 @@ # PRIVATE CLASS: do not call directly class postgresql::server::initdb { $needs_initdb = $postgresql::server::needs_initdb $initdb_path = $postgresql::server::initdb_path $datadir = $postgresql::server::datadir $xlogdir = $postgresql::server::xlogdir $logdir = $postgresql::server::logdir $encoding = $postgresql::server::encoding $locale = $postgresql::server::locale $group = $postgresql::server::group $user = $postgresql::server::user $psql_path = $postgresql::server::psql_path $port = $postgresql::server::port $module_workdir = $postgresql::server::module_workdir # Set the defaults for the postgresql_psql resource Postgresql_psql { psql_user => $user, psql_group => $group, psql_path => $psql_path, port => $port, cwd => $module_workdir, } + if $::osfamily == 'RedHat' and $::selinux == true { + $seltype = 'postgresql_db_t' + $logdir_type = 'postgresql_log_t' + } + + else { + $seltype = undef + $logdir_type = undef + } + # Make sure the data directory exists, and has the correct permissions. file { $datadir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, } if($xlogdir) { # Make sure the xlog directory exists, and has the correct permissions. file { $xlogdir: - ensure => directory, - owner => $user, - group => $group, - mode => '0700', + ensure => directory, + owner => $user, + group => $group, + mode => '0700', + seltype => $seltype, } } if($logdir) { # Make sure the log directory exists, and has the correct permissions. file { $logdir: - ensure => directory, - owner => $user, - group => $group, + ensure => directory, + owner => $user, + group => $group, + seltype => $logdir_type, } } if($needs_initdb) { # Build up the initdb command. # # We optionally add the locale switch if specified. Older versions of the # initdb command don't accept this switch. So if the user didn't pass the # parameter, lets not pass the switch at all. $ic_base = "${initdb_path} --encoding '${encoding}' --pgdata '${datadir}'" $ic_xlog = $xlogdir ? { undef => $ic_base, default => "${ic_base} --xlogdir '${xlogdir}'" } # The xlogdir need to be present before initdb runs. # If xlogdir is default it's created by package installer if($xlogdir) { $require_before_initdb = [$datadir, $xlogdir] } else { $require_before_initdb = [$datadir] } $initdb_command = $locale ? { undef => $ic_xlog, default => "${ic_xlog} --locale '${locale}'" } # This runs the initdb command, we use the existance of the PG_VERSION # file to ensure we don't keep running this command. exec { 'postgresql_initdb': command => $initdb_command, creates => "${datadir}/PG_VERSION", user => $user, group => $group, logoutput => on_failure, require => File[$require_before_initdb], cwd => $module_workdir, } # The package will take care of this for us the first time, but if we # ever need to init a new db we need to copy these files explicitly if $::operatingsystem == 'Debian' or $::operatingsystem == 'Ubuntu' { if $::operatingsystemrelease =~ /^6/ or $::operatingsystemrelease =~ /^7/ or $::operatingsystemrelease =~ /^10\.04/ or $::operatingsystemrelease =~ /^12\.04/ { file { 'server.crt': ensure => file, path => "${datadir}/server.crt", source => 'file:///etc/ssl/certs/ssl-cert-snakeoil.pem', owner => $::postgresql::server::user, group => $::postgresql::server::group, mode => '0644', require => Exec['postgresql_initdb'], } file { 'server.key': ensure => file, path => "${datadir}/server.key", source => 'file:///etc/ssl/private/ssl-cert-snakeoil.key', owner => $::postgresql::server::user, group => $::postgresql::server::group, mode => '0600', require => Exec['postgresql_initdb'], } } } } elsif $encoding != undef { # [workaround] # by default pg_createcluster encoding derived from locale # but it do does not work by installing postgresql via puppet because puppet # always override LANG to 'C' postgresql_psql { "Set template1 encoding to ${encoding}": command => "UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1' ; UPDATE pg_database SET encoding = pg_char_to_encoding('${encoding}'), datistemplate = TRUE WHERE datname = 'template1'", unless => "SELECT datname FROM pg_database WHERE datname = 'template1' AND encoding = pg_char_to_encoding('${encoding}')", } } } diff --git a/spec/unit/classes/server/config_spec.rb b/spec/unit/classes/server/config_spec.rb index 56b7e9c..16e1aef 100644 --- a/spec/unit/classes/server/config_spec.rb +++ b/spec/unit/classes/server/config_spec.rb @@ -1,133 +1,136 @@ require 'spec_helper' describe 'postgresql::server::config', :type => :class do let (:pre_condition) do "include postgresql::server" end describe 'on RedHat 7' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '7.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/.include \/usr\/lib\/systemd\/system\/postgresql.service/) end describe 'with manage_package_repo => true and a version' do let (:pre_condition) do <<-EOS class { 'postgresql::globals': manage_package_repo => true, version => '9.4', }-> class { 'postgresql::server': } EOS end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql-9.4.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/.include \/usr\/lib\/systemd\/system\/postgresql-9.4.service/) end end end describe 'on Fedora 21' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '21', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/.include \/lib\/systemd\/system\/postgresql.service/) end describe 'with manage_package_repo => true and a version' do let (:pre_condition) do <<-EOS class { 'postgresql::globals': manage_package_repo => true, version => '9.4', }-> class { 'postgresql::server': } EOS end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql-9.4.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/.include \/lib\/systemd\/system\/postgresql-9.4.service/) end end end describe 'on Gentoo' do let (:pre_condition) do <<-EOS class { 'postgresql::globals': version => '9.5', }-> class { 'postgresql::server': } EOS end let :facts do { :osfamily => 'Gentoo', :operatingsystem => 'Gentoo', :operatingsystemrelease => 'unused', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => false, } end it 'should have the correct systemd-override file' do is_expected.to contain_file('systemd-override').with ({ :ensure => 'present', :path => '/etc/systemd/system/postgresql-9.5.service', :owner => 'root', :group => 'root', }) is_expected.to contain_file('systemd-override') \ .with_content(/.include \/usr\/lib64\/systemd\/system\/postgresql-9.5.service/) end end end diff --git a/spec/unit/classes/server/initdb_spec.rb b/spec/unit/classes/server/initdb_spec.rb index 54044fb..3482970 100644 --- a/spec/unit/classes/server/initdb_spec.rb +++ b/spec/unit/classes/server/initdb_spec.rb @@ -1,122 +1,127 @@ require 'spec_helper' describe 'postgresql::server::initdb', :type => :class do let (:pre_condition) do "include postgresql::server" end describe 'on RedHat' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it { is_expected.to contain_file('/var/lib/pgsql/data').with_ensure('directory') } end describe 'on Amazon' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'Amazon', :operatingsystemrelease => '1.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end it { is_expected.to contain_file('/var/lib/pgsql92/data').with_ensure('directory') } end describe 'exec with module_workdir => /var/tmp' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let (:pre_condition) do <<-EOS class { 'postgresql::globals': module_workdir => '/var/tmp', }-> class { 'postgresql::server': } EOS end it 'should contain exec with specified working directory' do is_expected.to contain_exec('postgresql_initdb').with ({ :cwd => '/var/tmp', }) end end describe 'exec with module_workdir => undef' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let (:pre_condition) do <<-EOS class { 'postgresql::globals': }-> class { 'postgresql::server': } EOS end it 'should contain exec with default working directory' do is_expected.to contain_exec('postgresql_initdb').with ({ :cwd => '/tmp', }) end end describe 'postgresql_psql with module_workdir => /var/tmp' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('server'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let (:pre_condition) do <<-EOS class { 'postgresql::globals': module_workdir => '/var/tmp', encoding => 'test', needs_initdb => false, }-> class { 'postgresql::server': } EOS end it 'should contain postgresql_psql with specified working directory' do is_expected.to contain_postgresql_psql('Set template1 encoding to test').with({ :cwd => '/var/tmp', }) end end end diff --git a/spec/unit/classes/server/plpython_spec.rb b/spec/unit/classes/server/plpython_spec.rb index f2e1654..29a1440 100644 --- a/spec/unit/classes/server/plpython_spec.rb +++ b/spec/unit/classes/server/plpython_spec.rb @@ -1,47 +1,48 @@ require 'spec_helper' describe 'postgresql::server::plpython', :type => :class do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'CentOS', :operatingsystemrelease => '6.0', :concat_basedir => tmpfilename('plpython'), :kernel => 'Linux', :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let :pre_condition do "class { 'postgresql::server': }" end describe 'on RedHat with no parameters' do it { is_expected.to contain_class("postgresql::server::plpython") } it 'should create package' do is_expected.to contain_package('postgresql-plpython').with({ :ensure => 'present', :tag => 'postgresql', }) end end describe 'with parameters' do let :params do { :package_ensure => 'absent', :package_name => 'mypackage', } end it { is_expected.to contain_class("postgresql::server::plpython") } it 'should create package with correct params' do is_expected.to contain_package('postgresql-plpython').with({ :ensure => 'absent', :name => 'mypackage', :tag => 'postgresql', }) end end end diff --git a/spec/unit/defines/server/config_entry_spec.rb b/spec/unit/defines/server/config_entry_spec.rb index 34963b8..b05fad0 100644 --- a/spec/unit/defines/server/config_entry_spec.rb +++ b/spec/unit/defines/server/config_entry_spec.rb @@ -1,109 +1,113 @@ require 'spec_helper' describe 'postgresql::server::config_entry', :type => :define do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:title) { 'config_entry'} let :target do tmpfilename('postgresql_conf') end let :pre_condition do "class {'postgresql::server':}" end context "syntax check" do let(:params) { { :ensure => 'present'} } it { is_expected.to contain_postgresql__server__config_entry('config_entry') } end context 'ports' do context 'redhat 6' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '6.4', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} it 'stops postgresql and changes the port' do is_expected.to contain_exec('postgresql_stop_port') is_expected.to contain_augeas('override PGPORT in /etc/sysconfig/pgsql/postgresql') end end context 'redhat 7' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'RedHat', :operatingsystemrelease => '7.0', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} it 'stops postgresql and changes the port' do is_expected.to contain_file('systemd-override') is_expected.to contain_exec('restart-systemd') end end context 'fedora 19' do let :facts do { :osfamily => 'RedHat', :operatingsystem => 'Fedora', :operatingsystemrelease => '19', :kernel => 'Linux', :concat_basedir => tmpfilename('contrib'), :id => 'root', :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', + :selinux => true, } end let(:params) {{ :ensure => 'present', :name => 'port_spec', :value => '5432' }} it 'stops postgresql and changes the port' do is_expected.to contain_file('systemd-override') is_expected.to contain_exec('restart-systemd') end end end context "data_directory" do let(:params) {{ :ensure => 'present', :name => 'data_directory_spec', :value => '/var/pgsql' }} it 'stops postgresql and changes the data directory' do is_expected.to contain_exec('postgresql_data_directory') is_expected.to contain_augeas('override PGDATA in /etc/sysconfig/pgsql/postgresql') end end context "passes values through appropriately" do let(:params) {{ :ensure => 'present', :name => 'check_function_bodies', :value => 'off' }} it 'with no quotes' do is_expected.to contain_postgresql_conf('check_function_bodies').with({ :name => 'check_function_bodies', :value => 'off' }) end end end