X-Git-Url: https://git.donarmstrong.com/?p=dsa-puppet.git;a=blobdiff_plain;f=3rdparty%2Fmodules%2Fopenstacklib%2Fmanifests%2Fdb%2Fmysql%2Fhost_access.pp;fp=3rdparty%2Fmodules%2Fopenstacklib%2Fmanifests%2Fdb%2Fmysql%2Fhost_access.pp;h=4909f631a778beefadb06d14677625ab2c5483b7;hp=0000000000000000000000000000000000000000;hb=4631045ebb77ee8622f6fa09277a50c372bcc02e;hpb=3d4dc4fd9e59bd0e07646c99f6b356c7d9d859aa

diff --git a/3rdparty/modules/openstacklib/manifests/db/mysql/host_access.pp b/3rdparty/modules/openstacklib/manifests/db/mysql/host_access.pp
new file mode 100644
index 00000000..4909f631
--- /dev/null
+++ b/3rdparty/modules/openstacklib/manifests/db/mysql/host_access.pp
@@ -0,0 +1,41 @@
+# Allow a user to access the database for the service
+#
+# == Namevar
+#  String with the form dbname_host. The host part of the string is the host
+#  to allow
+#
+# == Parameters
+#  [*user*]
+#    username to allow
+#
+#  [*password_hash*]
+#    user password hash
+#
+#  [*database*]
+#    the database name
+#
+#  [*privileges*]
+#    the privileges to grant to this user
+#
+define openstacklib::db::mysql::host_access (
+  $user,
+  $password_hash,
+  $database,
+  $privileges,
+) {
+  validate_re($title, '_', 'Title must be $dbname_$host')
+
+  $host = inline_template('<%= @title.split("_").last %>')
+
+  mysql_user { "${user}@${host}":
+    password_hash => $password_hash,
+    require       => Mysql_database[$database],
+  }
+
+  mysql_grant { "${user}@${host}/${database}.*":
+    privileges => $privileges,
+    table      => "${database}.*",
+    require    => Mysql_user["${user}@${host}"],
+    user       => "${user}@${host}",
+  }
+}