Legacy connection string for Postgres <=9.4, fix for later versions #215
Description
Use Case
We use Postgresql 16 for PuppetDB, and the class puppet_operational_dashboards::profile::foss_postgres_access only has compatible configuration for legacy Postgres 9.4 and earlier.
Describe the Solution You Would Like
We have changed this config to a parameter as follows, and can now pass in the correct parameter using Hiera.
Hiera entry:
puppet_operational_dashboards::profile::foss_postgres_access::auth_option: 'map=puppetdb-telegraf-map clientcert=verify-full'
Revised code snippet:
class puppet_operational_dashboards::profile::foss_postgres_access (
String $auth_option = 'map=puppetdb-telegraf-map clientcert=1',
...
) {
...
postgresql::server::pg_hba_rule { "Allow certificate mapped connections to puppetdb as ${telegraf_user} (ipv4)":
type => 'hostssl',
database => 'puppetdb',
user => $telegraf_user,
address => '0.0.0.0/0',
auth_method => 'cert',
order => 0,
auth_option => $auth_option,
}
postgresql::server::pg_hba_rule { "Allow certificate mapped connections to puppetdb as ${telegraf_user} (ipv6)":
type => 'hostssl',
database => 'puppetdb',
user => $telegraf_user,
address => '::0/0',
auth_method => 'cert',
order => 0,
auth_option => $auth_option,
}
...
}
}
`