summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_couchdb/manifests/add_users.pp2
-rw-r--r--puppet/modules/site_couchdb/manifests/create_dbs.pp8
2 files changed, 5 insertions, 5 deletions
diff --git a/puppet/modules/site_couchdb/manifests/add_users.pp b/puppet/modules/site_couchdb/manifests/add_users.pp
index c83b096d..e525d01a 100644
--- a/puppet/modules/site_couchdb/manifests/add_users.pp
+++ b/puppet/modules/site_couchdb/manifests/add_users.pp
@@ -17,7 +17,7 @@ class site_couchdb::add_users {
}
couchdb::add_user { $site_couchdb::couchdb_webapp_user:
- roles => '["auth"]',
+ roles => '["auth","identities"]',
pw => $site_couchdb::couchdb_webapp_pw,
salt => $site_couchdb::couchdb_webapp_salt,
require => Couchdb::Query::Setup['localhost']
diff --git a/puppet/modules/site_couchdb/manifests/create_dbs.pp b/puppet/modules/site_couchdb/manifests/create_dbs.pp
index b5404231..a734c870 100644
--- a/puppet/modules/site_couchdb/manifests/create_dbs.pp
+++ b/puppet/modules/site_couchdb/manifests/create_dbs.pp
@@ -1,10 +1,10 @@
class site_couchdb::create_dbs {
- # leap_mx will want access to this. Granting access to the soledad user
- # via the auth group for now.
- # leap_mx could use that for a start.
+ # identities database
+ # r/w: webapp
+ # r: nickserver, leap_mx - need to restrict with design document
couchdb::create_db { 'identities':
- members => "{ \"names\": [], \"roles\": [\"auth\"] }",
+ members => "{ \"names\": [], \"roles\": [\"identities\"] }",
require => Couchdb::Query::Setup['localhost']
}