# add couchdb users for all services class site_couchdb::add_users { Class['site_couchdb::create_dbs'] -> Class['site_couchdb::add_users'] # Couchdb users ## leap_mx couchdb user ## read: identities ## write access to user-<uuid> couchdb::add_user { $site_couchdb::couchdb_leap_mx_user: roles => '["identities"]', pw => $site_couchdb::couchdb_leap_mx_pw, salt => $site_couchdb::couchdb_leap_mx_salt, require => Couchdb::Query::Setup['localhost'] } ## nickserver couchdb user ## r: identities ## r/w: keycache couchdb::add_user { $site_couchdb::couchdb_nickserver_user: roles => '["identities","keycache"]', pw => $site_couchdb::couchdb_nickserver_pw, salt => $site_couchdb::couchdb_nickserver_salt, require => Couchdb::Query::Setup['localhost'] } ## soledad couchdb user ## r/w: user-<uuid>, shared ## read: tokens couchdb::add_user { $site_couchdb::couchdb_soledad_user: roles => '["tokens"]', pw => $site_couchdb::couchdb_soledad_pw, salt => $site_couchdb::couchdb_soledad_salt, require => Couchdb::Query::Setup['localhost'], notify => Service['soledad-server']; } ## webapp couchdb user ## read/write: users, tokens, sessions, tickets, identities, customer couchdb::add_user { $site_couchdb::couchdb_webapp_user: roles => '["tokens","identities","users"]', pw => $site_couchdb::couchdb_webapp_pw, salt => $site_couchdb::couchdb_webapp_salt, require => Couchdb::Query::Setup['localhost'] } ## replication couchdb user ## read/write: all databases for replication couchdb::add_user { $site_couchdb::couchdb_replication_user: roles => '["replication"]', pw => $site_couchdb::couchdb_replication_pw, salt => $site_couchdb::couchdb_replication_salt, require => Couchdb::Query::Setup['localhost'] } }