kickstack/manifests/db.pp

define kickstack::db {

  include pwgen

  $fact_prefix = $::kickstack::fact_prefix
  $database = $::kickstack::database

  $servicename = $name
  $username = $name

  # Retrieve the currently set password for the service from its
  # kickstack_*_sql_connection fact.
  # If it's unset, generate one and subsequently export it.
  $sql_connection = getvar("${fact_prefix}${servicename}_sql_connection")
  $sql_password = $sql_connection ? {
                  undef => pwgen(),
                  default => pick(regsubst(getvar("${fact_prefix}${servicename}_sql_connection"),
                                           ".*://${username}:(.*)@.*/${servicename}",
                                           '\1'),
                                  pwgen())
                  }

  # Export facts about the database only after configuring the database
  Class["${servicename}::db::${database}"] -> Exportfact::Export<| tag == "$database" |>

  # Configure the service database (classes look like nova::db::mysql or
  # glance::db:postgresql, for example).
  # If running on mysql, set the "allowed_hosts" parameter to % so we
  # can connect to the database from anywhere.
  case "${database}" {
    "mysql": {
      class { "${servicename}::db::mysql":
            user => "$username",
            password => "$sql_password",
            charset => "utf8",
            allowed_hosts => '%',
            notify => Kickstack::Exportfact::Export["${name}_sql_connection"]
      }
    }
    default: {
      class { "${name}::db::${database}":
            password => "$sql_password"
      }
    }
  }

  # Export the MySQL connection string for the service
  kickstack::exportfact::export { "${name}_sql_connection":
    value => "${database}://${name}:${sql_password}@${hostname}/${name}",
    tag => "$database"
  }

}