Define access rules in the PostgreSQL primary recipe

Access is done for the IP of a server for all users and all databases for ejabberd and gitea
2020-06-11 18:20:04 +02:00
parent 26097a7584
commit 6f696d7634
3 changed files with 23 additions and 41 deletions
--- a/site-cookbooks/kosmos_gitea/recipes/pg_db.rb
+++ b/site-cookbooks/kosmos_gitea/recipes/pg_db.rb
@@ -6,12 +6,6 @@

 gitea_data_bag_item = data_bag_item("credentials", "gitea")

-postgresql_service = "service[#{postgresql_service_name}]"
-
-service postgresql_service do
-  supports restart: true, status: true, reload: true
-end
-
 postgresql_user "gitea" do
  action :create
  password gitea_data_bag_item["postgresql_password"]
@@ -21,17 +15,3 @@ postgresql_database "gitea" do
  owner "gitea"
  action :create
 end
-
-search(:node, "role:gitea AND chef_environment:#{node.chef_environment}").each do |gitea_server|
-  ip = ip_for(gitea_server)
-  hostname = gitea_server[:hostname]
-
-  postgresql_access "gitea #{hostname}" do
-    access_type "host"
-    access_db "gitea"
-    access_user "gitea"
-    access_addr "#{ip}/32"
-    access_method "md5"
-    notifies :reload, postgresql_service, :delayed
-  end
-end