From e25091395d49d7e10c6266528d4bdfc48c10c886 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 27 Nov 2013 14:08:20 -0500 Subject: add identities roles Change-Id: I483509850bee448bb2ea39863c1e6a796e102c3c --- puppet/modules/site_couchdb/manifests/add_users.pp | 2 +- puppet/modules/site_couchdb/manifests/create_dbs.pp | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/puppet/modules/site_couchdb/manifests/add_users.pp b/puppet/modules/site_couchdb/manifests/add_users.pp index c83b096d..e525d01a 100644 --- a/puppet/modules/site_couchdb/manifests/add_users.pp +++ b/puppet/modules/site_couchdb/manifests/add_users.pp @@ -17,7 +17,7 @@ class site_couchdb::add_users { } couchdb::add_user { $site_couchdb::couchdb_webapp_user: - roles => '["auth"]', + roles => '["auth","identities"]', pw => $site_couchdb::couchdb_webapp_pw, salt => $site_couchdb::couchdb_webapp_salt, require => Couchdb::Query::Setup['localhost'] diff --git a/puppet/modules/site_couchdb/manifests/create_dbs.pp b/puppet/modules/site_couchdb/manifests/create_dbs.pp index b5404231..a734c870 100644 --- a/puppet/modules/site_couchdb/manifests/create_dbs.pp +++ b/puppet/modules/site_couchdb/manifests/create_dbs.pp @@ -1,10 +1,10 @@ class site_couchdb::create_dbs { - # leap_mx will want access to this. Granting access to the soledad user - # via the auth group for now. - # leap_mx could use that for a start. + # identities database + # r/w: webapp + # r: nickserver, leap_mx - need to restrict with design document couchdb::create_db { 'identities': - members => "{ \"names\": [], \"roles\": [\"auth\"] }", + members => "{ \"names\": [], \"roles\": [\"identities\"] }", require => Couchdb::Query::Setup['localhost'] } -- cgit v1.2.3