Greg Karékinian
e6b7794e20
Extract firewall definitions to their own recipe
...
This allows us to use them for KVM hosts as well. Until now we had set
up ufw rules manually on the two KVM hosts (draco and centaurus)
Refs #244
2020-12-04 16:27:42 +01:00
Greg Karékinian
e3e726097f
Do not enable the postgresql@12-main service
...
We want it to run only once the encrypted data directory has been
mounted
2020-06-10 14:41:07 +02:00
Greg Karékinian
dba6629869
Use the attribute from the encfs recipe for the data directory
2020-06-10 14:41:03 +02:00
Greg Karékinian
d79cdf087b
Move the PGPASS environment variable to the execute resource
...
That way it does not appear in the list of running processes while the
command is running
2020-05-15 18:45:12 +02:00
Greg Karékinian
31dc14e88c
Fix the firewall rules for PostgreSQL
...
I got the source and destination mixed up.
2020-05-15 18:44:42 +02:00
Greg Karékinian
18973fe4f6
Remove the deleted tls property from the resources
2020-05-14 15:09:15 +02:00
Greg Karékinian
069090bf44
Remove TODOs
...
Access rules will not be part of this cookbook, they need to be added to
the cookbooks that use a PostgreSQL database
2020-05-14 13:15:47 +02:00
Greg Karékinian
84cb3de4a0
Remove outdated comment
...
This was the case when the code lived inside of the custom resource
2020-05-13 19:04:12 +02:00
Greg Karékinian
254f9020ae
Enable firewall rules to allow primary/replica to connect
2020-05-12 12:10:10 +02:00
Greg Karékinian
21119fff08
Add a custom resource to set up PostgreSQL 12
...
Supports both primary and replica. The access rules and firewall have to
be set up outside of the custom resource, so they are part of the
recipes instead
Refs #160
2020-05-11 18:23:11 +02:00
