server::db: Make port/user/group configureable

bastelfreak · bastelfreak · commit ed906e298aa8 · 2023-08-31T18:14:24.000+02:00
diff --git a/REFERENCE.md b/REFERENCE.md
@@ -44,9 +44,10 @@
 * [`postgresql::server::config_entry`](#postgresql--server--config_entry): Manage a postgresql.conf entry.
 * [`postgresql::server::database`](#postgresql--server--database): Define for creating a database.
 * [`postgresql::server::database_grant`](#postgresql--server--database_grant): Manage a database grant.
-* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correctpermissions.
+* [`postgresql::server::db`](#postgresql--server--db): Define for conveniently creating a role, database and assigning the correct permissions.
 * [`postgresql::server::default_privileges`](#postgresql--server--default_privileges): Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above.
 * [`postgresql::server::extension`](#postgresql--server--extension): Activate an extension on a postgresql database.
+* [`postgresql::server::grant`](#postgresql--server--grant): Define for granting permissions to roles.
 * [`postgresql::server::grant_role`](#postgresql--server--grant_role): Define for granting membership to a role.
 * [`postgresql::server::instance::config`](#postgresql--server--instance--config): Manages the config for a postgresql::server instance
 * [`postgresql::server::instance::initdb`](#postgresql--server--instance--initdb): Manages initdb feature for a postgresql::server instance
@@ -1565,6 +1566,11 @@ The following parameters are available in the `postgresql::server::database` def
 * [`locale`](#-postgresql--server--database--locale)
 * [`istemplate`](#-postgresql--server--database--istemplate)
 * [`connect_settings`](#-postgresql--server--database--connect_settings)
+* [`psql_path`](#-postgresql--server--database--psql_path)
+* [`default_db`](#-postgresql--server--database--default_db)
+* [`user`](#-postgresql--server--database--user)
+* [`group`](#-postgresql--server--database--group)
+* [`port`](#-postgresql--server--database--port)
 
 ##### <a name="-postgresql--server--database--comment"></a>`comment`
 
@@ -1638,6 +1644,46 @@ Specifies a hash of environment variables used when connecting to a remote serve
 
 Default value: `$postgresql::server::default_connect_settings`
 
+##### <a name="-postgresql--server--database--psql_path"></a>`psql_path`
+
+Data type: `Stdlib::Absolutepath`
+
+Specifies the path to the psql command.
+
+Default value: `$postgresql::server::psql_path`
+
+##### <a name="-postgresql--server--database--default_db"></a>`default_db`
+
+Data type: `String[1]`
+
+Specifies the name of the default database to connect with. On most systems this is 'postgres'.
+
+Default value: `$postgresql::server::default_database`
+
+##### <a name="-postgresql--server--database--user"></a>`user`
+
+Data type: `String[1]`
+
+Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
+
+Default value: `$postgresql::server::user`
+
+##### <a name="-postgresql--server--database--group"></a>`group`
+
+Data type: `String[1]`
+
+Overrides the default postgres user group to be used for related files in the file system.
+
+Default value: `$postgresql::server::group`
+
+##### <a name="-postgresql--server--database--port"></a>`port`
+
+Data type: `Stdlib::Port`
+
+Specifies the port for the PostgreSQL server to listen on.
+
+Default value: `$postgresql::server::port`
+
 ### <a name="postgresql--server--database_grant"></a>`postgresql::server::database_grant`
 
 Manage a database grant.
@@ -1706,7 +1752,7 @@ Default value: `undef`
 
 ### <a name="postgresql--server--db"></a>`postgresql::server::db`
 
-Define for conveniently creating a role, database and assigning the correctpermissions.
+Define for conveniently creating a role, database and assigning the correct permissions.
 
 #### Parameters
 
@@ -1723,6 +1769,9 @@ The following parameters are available in the `postgresql::server::db` defined t
 * [`template`](#-postgresql--server--db--template)
 * [`istemplate`](#-postgresql--server--db--istemplate)
 * [`owner`](#-postgresql--server--db--owner)
+* [`port`](#-postgresql--server--db--port)
+* [`psql_user`](#-postgresql--server--db--psql_user)
+* [`psql_group`](#-postgresql--server--db--psql_group)
 
 ##### <a name="-postgresql--server--db--user"></a>`user`
 
@@ -1810,6 +1859,30 @@ Sets a user as the owner of the database.
 
 Default value: `undef`
 
+##### <a name="-postgresql--server--db--port"></a>`port`
+
+Data type: `Optional[Stdlib::Port]`
+
+Specifies the port where the PostgreSQL server is listening on.
+
+Default value: `undef`
+
+##### <a name="-postgresql--server--db--psql_user"></a>`psql_user`
+
+Data type: `String[1]`
+
+Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
+
+Default value: `$postgresql::server::user`
+
+##### <a name="-postgresql--server--db--psql_group"></a>`psql_group`
+
+Data type: `String[1]`
+
+Overrides the default PostgreSQL user group to be used for related files in the file system.
+
+Default value: `$postgresql::server::group`
+
 ### <a name="postgresql--server--default_privileges"></a>`postgresql::server::default_privileges`
 
 Manage a database defaults privileges. Only works with PostgreSQL version 9.6 and above.
@@ -1957,6 +2030,9 @@ The following parameters are available in the `postgresql::server::extension` de
 * [`port`](#-postgresql--server--extension--port)
 * [`connect_settings`](#-postgresql--server--extension--connect_settings)
 * [`database_resource_name`](#-postgresql--server--extension--database_resource_name)
+* [`psql_path`](#-postgresql--server--extension--psql_path)
+* [`user`](#-postgresql--server--extension--user)
+* [`group`](#-postgresql--server--extension--group)
 
 ##### <a name="-postgresql--server--extension--database"></a>`database`
 
@@ -2044,6 +2120,181 @@ Specifies the resource name of the DB being managed. Defaults to the parameter $
 
 Default value: `$database`
 
+##### <a name="-postgresql--server--extension--psql_path"></a>`psql_path`
+
+Data type: `Stdlib::Absolutepath`
+
+Specifies the path to the psql command.
+
+Default value: `postgresql::default('psql_path')`
+
+##### <a name="-postgresql--server--extension--user"></a>`user`
+
+Data type: `String[1]`
+
+Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
+
+Default value: `postgresql::default('user')`
+
+##### <a name="-postgresql--server--extension--group"></a>`group`
+
+Data type: `String[1]`
+
+Overrides the default postgres user group to be used for related files in the file system.
+
+Default value: `postgresql::default('group')`
+
+### <a name="postgresql--server--grant"></a>`postgresql::server::grant`
+
+Define for granting permissions to roles.
+
+#### Parameters
+
+The following parameters are available in the `postgresql::server::grant` defined type:
+
+* [`role`](#-postgresql--server--grant--role)
+* [`db`](#-postgresql--server--grant--db)
+* [`privilege`](#-postgresql--server--grant--privilege)
+* [`object_type`](#-postgresql--server--grant--object_type)
+* [`object_name`](#-postgresql--server--grant--object_name)
+* [`object_arguments`](#-postgresql--server--grant--object_arguments)
+* [`psql_db`](#-postgresql--server--grant--psql_db)
+* [`psql_user`](#-postgresql--server--grant--psql_user)
+* [`port`](#-postgresql--server--grant--port)
+* [`onlyif_exists`](#-postgresql--server--grant--onlyif_exists)
+* [`connect_settings`](#-postgresql--server--grant--connect_settings)
+* [`ensure`](#-postgresql--server--grant--ensure)
+* [`group`](#-postgresql--server--grant--group)
+* [`psql_path`](#-postgresql--server--grant--psql_path)
+
+##### <a name="-postgresql--server--grant--role"></a>`role`
+
+Data type: `String`
+
+Specifies the role or user whom you are granting access to.
+
+##### <a name="-postgresql--server--grant--db"></a>`db`
+
+Data type: `String`
+
+Specifies the database to which you are granting access.
+
+##### <a name="-postgresql--server--grant--privilege"></a>`privilege`
+
+Data type: `String`
+
+Specifies the privilege to grant. Valid options: 'ALL', 'ALL PRIVILEGES' or 'object_type' dependent string.
+
+Default value: `''`
+
+##### <a name="-postgresql--server--grant--object_type"></a>`object_type`
+
+Data type:
+
+```puppet
+Pattern[#/(?i:^COLUMN$)/,
+    /(?i:^ALL SEQUENCES IN SCHEMA$)/,
+    /(?i:^ALL TABLES IN SCHEMA$)/,
+    /(?i:^DATABASE$)/,
+    #/(?i:^FOREIGN DATA WRAPPER$)/,
+    #/(?i:^FOREIGN SERVER$)/,
+    /(?i:^FUNCTION$)/,
+    /(?i:^LANGUAGE$)/,
+    #/(?i:^PROCEDURAL LANGUAGE$)/,
+    /(?i:^TABLE$)/,
+    #/(?i:^TABLESPACE$)/,
+    /(?i:^SCHEMA$)/,
+    /(?i:^SEQUENCE$)/
+    #/(?i:^VIEW$)/
+  ]
+```
+
+Specifies the type of object to which you are granting privileges.
+Valid options: 'DATABASE', 'SCHEMA', 'SEQUENCE', 'ALL SEQUENCES IN SCHEMA', 'TABLE' or 'ALL TABLES IN SCHEMA'.
+
+Default value: `'database'`
+
+##### <a name="-postgresql--server--grant--object_name"></a>`object_name`
+
+Data type: `Optional[Variant[Array[String,2,2],String[1]]]`
+
+Specifies name of object_type to which to grant access, can be either a string or a two element array.
+String: 'object_name' Array: ['schema_name', 'object_name']
+
+Default value: `undef`
+
+##### <a name="-postgresql--server--grant--object_arguments"></a>`object_arguments`
+
+Data type: `Array[String[1],0]`
+
+Specifies any arguments to be passed alongisde the access grant.
+
+Default value: `[]`
+
+##### <a name="-postgresql--server--grant--psql_db"></a>`psql_db`
+
+Data type: `String`
+
+Specifies the database to execute the grant against. This should not ordinarily be changed from the default
+
+Default value: `$postgresql::server::default_database`
+
+##### <a name="-postgresql--server--grant--psql_user"></a>`psql_user`
+
+Data type: `String`
+
+Sets the OS user to run psql.
+
+Default value: `$postgresql::server::user`
+
+##### <a name="-postgresql--server--grant--port"></a>`port`
+
+Data type: `Optional[Stdlib::Port]`
+
+Port to use when connecting.
+
+Default value: `undef`
+
+##### <a name="-postgresql--server--grant--onlyif_exists"></a>`onlyif_exists`
+
+Data type: `Boolean`
+
+Create grant only if doesn't exist
+
+Default value: `false`
+
+##### <a name="-postgresql--server--grant--connect_settings"></a>`connect_settings`
+
+Data type: `Hash`
+
+Specifies a hash of environment variables used when connecting to a remote server.
+
+Default value: `$postgresql::server::default_connect_settings`
+
+##### <a name="-postgresql--server--grant--ensure"></a>`ensure`
+
+Data type: `Enum['present', 'absent']`
+
+Specifies whether to grant or revoke the privilege. Default is to grant the privilege. Valid values: 'present', 'absent'.
+
+Default value: `'present'`
+
+##### <a name="-postgresql--server--grant--group"></a>`group`
+
+Data type: `String`
+
+Sets the OS group to run psql
+
+Default value: `$postgresql::server::group`
+
+##### <a name="-postgresql--server--grant--psql_path"></a>`psql_path`
+
+Data type: `Stdlib::Absolutepath`
+
+Sets the path to psql command
+
+Default value: `$postgresql::server::psql_path`
+
 ### <a name="postgresql--server--grant_role"></a>`postgresql::server::grant_role`
 
 Define for granting membership to a role.
diff --git a/manifests/server/db.pp b/manifests/server/db.pp
@@ -1,4 +1,4 @@
-# @summary Define for conveniently creating a role, database and assigning the correctpermissions.
+# @summary Define for conveniently creating a role, database and assigning the correct permissions.
 #
 # @param user User to assign access to the database upon creation (will be created if not defined elsewhere). Mandatory.
 # @param password Sets the password for the created user (if a user is created).
@@ -11,6 +11,9 @@
 # @param template Specifies the name of the template database from which to build this database. Defaults value: template0.
 # @param istemplate Specifies that the database is a template, if set to true.
 # @param owner Sets a user as the owner of the database.
+# @param port Specifies the port where the PostgreSQL server is listening on.
+# @param psql_user Overrides the default PostgreSQL super user and owner of PostgreSQL related files in the file system.
+# @param psql_group Overrides the default PostgreSQL user group to be used for related files in the file system.
 define postgresql::server::db (
   String[1]                                    $user,
   Optional[Variant[String, Sensitive[String]]] $password   = undef,
@@ -22,7 +25,10 @@
   Optional[String[1]]                          $tablespace = undef,
   String[1]                                    $template   = 'template0',
   Boolean                                      $istemplate = false,
-  Optional[String[1]]                          $owner      = undef
+  Optional[String[1]]                          $owner      = undef,
+  Optional[Stdlib::Port] $port = undef,
+  String[1] $psql_user = $postgresql::server::user,
+  String[1] $psql_group = $postgresql::server::group,
 ) {
   if ! defined(Postgresql::Server::Database[$dbname]) {
     postgresql::server::database { $dbname:
@@ -33,21 +39,30 @@
       locale     => $locale,
       istemplate => $istemplate,
       owner      => $owner,
+      port       => $port,
+      user       => $psql_user,
+      group      => $psql_group,
     }
   }
 
   if ! defined(Postgresql::Server::Role[$user]) {
     postgresql::server::role { $user:
       password_hash => $password,
+      port          => $port,
+      psql_user     => $psql_user,
+      psql_group    => $psql_group,
       before        => Postgresql::Server::Database[$dbname],
     }
   }
 
   if ! defined(Postgresql::Server::Database_grant["GRANT ${user} - ${grant} - ${dbname}"]) {
     postgresql::server::database_grant { "GRANT ${user} - ${grant} - ${dbname}":
-      privilege => $grant,
-      db        => $dbname,
-      role      => $user,
+      privilege  => $grant,
+      db         => $dbname,
+      role       => $user,
+      port       => $port,
+      psql_user  => $psql_user,
+      psql_group => $psql_group,
     } -> Postgresql_conn_validator<| db_name == $dbname |>
   }
 
diff --git a/spec/defines/server/db_spec.rb b/spec/defines/server/db_spec.rb
