Merged changes.

coroutine · Jan 22, 2013 · ad1ea21 · ad1ea21
2 parents 86b3c81 + f4e07d2
commit ad1ea21
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -66,6 +66,7 @@ The following attributes are generated in
   password by the `openssl` cookbook's library.
 * `node['postgresql']['ssl']` - whether to enable SSL (off for version
   8.3, true for 8.4 and later).
+* For SSL keys to be automatically generated for you, you need to override `node[:postgresql][:ssl_password]` (only tested on Ubuntu). This password is the passphrase used for signing the certificates.
 
 The following attributes are used by the `setup` recipe:
 * `node['postgresql']['databag']` - the data bag in which the `setup` recipe

diff --git a/attributes/default.rb b/attributes/default.rb
@@ -44,9 +44,17 @@
     default[:postgresql][:version] = "9.1"
   end
 
+  case
+  when platform_version.to_f <= 10.04 && default[:postgresql][:version].to_f >= 8.4
+    postgresql_package_name = "postgresql-#{default[:postgresql][:version]}"
+  else
+    postgresql_package_name = 'postgresql'
+  end
+
   set[:postgresql][:dir] = "/etc/postgresql/#{node[:postgresql][:version]}/main"
+  default[:postgresql][:data_dir] = "/var/lib/postgresql/#{node[:postgresql][:version]}/main/"
   default['postgresql']['client']['packages'] = %w{postgresql-client libpq-dev}
-  default['postgresql']['server']['packages'] = %w{postgresql}
+  default[:postgresql][:server][:packages] = [postgresql_package_name]
 
 when "fedora"
 
@@ -141,4 +149,4 @@
 # list of item names. See README for format of a data bag item
 default[:postgresql][:setup_items] = []
 default[:postgresql][:databag] = "postgresql" # name of the data bag containing
-                                              # setup items.
+                                              # setup items.
diff --git a/recipes/server_debian.rb b/recipes/server_debian.rb
@@ -28,12 +28,41 @@
   node.default[:postgresql][:ssl] = "true"
 end
 
-node['postgresql']['server']['packages'].each do |pg_pack|
-  package pg_pack do
-    action :install
+package "postgresql" do
+  case node[:platform]
+  when "ubuntu"
+    case
+    when node[:platform_version].to_f <= 10.04 && node[:postgresql][:version].to_f < 9.0
+      package_name "postgresql"
+    else
+      package_name "postgresql-#{node[:postgresql][:version]}"
+    end
+  else
+    package_name "postgresql"
   end
 end
 
+if node.default[:postgresql][:ssl] == 'true' &&
+  node[:postgresql].has_key?(:ssl_password)
+
+  data_dir = node[:postgresql][:data_dir]
+  server_key = File.join(data_dir, 'server.key')
+  bash 'generate-ssl-keys' do
+    user 'postgres'
+    group 'postgres'
+    cwd data_dir
+    # Steps from http://www.howtoforge.com/postgresql-ssl-certificates
+    code <<-EOF
+      openssl genrsa -des3 -passout pass:#{node[:postgresql][:ssl_password]} -out server.key 1024;
+      openssl rsa -passin pass:#{node[:postgresql][:ssl_password]} -in server.key -out server.key;
+      chmod 400 server.key;
+      openssl req -new -key server.key -days 3650 -out server.crt -x509 -subj '/C=PH/ST=Metro Manila/L=NA/O=Stiltify/CN=stiltify.com/emailAddress=hello@stiltify.com';
+    EOF
+    not_if { File.exists?(server_key) }
+  end
+end
+
+
 service "postgresql" do
   case node['platform']
   when "ubuntu"

diff --git a/recipes/server_redhat.rb b/recipes/server_redhat.rb
@@ -53,6 +53,14 @@
   action [:enable, :start]
 end
 
+postgresql_conf_source = begin
+  if node[:postgresql][:version] == "9.1"
+    "redhat.postgresql_91.conf.erb"
+  else
+    "redhat.postgresql.conf.erb"
+  end
+end
+
 template "#{node[:postgresql][:dir]}/postgresql.conf" do
   source "redhat.postgresql.conf.erb"
   owner "postgres"