diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:23:43 -0500 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:52:13 -0500 |
commit | 0261e875679f1bf63c8d689da7fc7e014597885d (patch) | |
tree | 3f19cd74a0c1070944f75437f30b098d6ef2ffcb /roles/postgresql_server/templates/var/lib | |
download | selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.tar.gz selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.zip |
initial commit
Diffstat (limited to 'roles/postgresql_server/templates/var/lib')
-rw-r--r-- | roles/postgresql_server/templates/var/lib/pgsql/data/pg_hba.conf.j2 | 7 | ||||
-rw-r--r-- | roles/postgresql_server/templates/var/lib/pgsql/data/postgresql.conf.j2 | 34 |
2 files changed, 41 insertions, 0 deletions
diff --git a/roles/postgresql_server/templates/var/lib/pgsql/data/pg_hba.conf.j2 b/roles/postgresql_server/templates/var/lib/pgsql/data/pg_hba.conf.j2 new file mode 100644 index 0000000..7768ad8 --- /dev/null +++ b/roles/postgresql_server/templates/var/lib/pgsql/data/pg_hba.conf.j2 @@ -0,0 +1,7 @@ +# TYPE DATABASE USER ADDRESS METHOD +local all all peer +{% for user in postgresql_password_users %} +hostssl all {{ user }} all scram-sha-256 +{% endfor %} +hostssl all all all gss include_realm=0 krb_realm={{ freeipa_realm }} +hostgssenc all all all gss include_realm=0 krb_realm={{ freeipa_realm }} diff --git a/roles/postgresql_server/templates/var/lib/pgsql/data/postgresql.conf.j2 b/roles/postgresql_server/templates/var/lib/pgsql/data/postgresql.conf.j2 new file mode 100644 index 0000000..07d198e --- /dev/null +++ b/roles/postgresql_server/templates/var/lib/pgsql/data/postgresql.conf.j2 @@ -0,0 +1,34 @@ +listen_addresses = '*' +max_connections = {{ postgresql_max_connections }} + +ssl = on +ssl_cert_file = '{{ postgresql_certificate_path }}' +ssl_key_file = '{{ postgresql_certificate_key_path }}' +ssl_dh_params_file = '{{ postgresql_dhparams_path }}' +ssl_ciphers = '{{ postgresql_ssl_ciphers }}' + +password_encryption = scram-sha-256 + +krb_caseins_users = on + +shared_buffers = {{ postgresql_shared_buffers_mb }}MB +dynamic_shared_memory_type = posix # the default is the first option + +log_destination = 'stderr' +logging_collector = off +log_min_messages = info +log_min_error_statement = warning +log_connections = off +log_disconnections = off +log_line_prefix = '%q%u@%d ' +log_timezone = '{{ postgresql_timezone }}' + +datestyle = 'iso, mdy' +timezone = '{{ postgresql_timezone }}' + +lc_messages = 'en_US.UTF-8' +lc_monetary = 'en_US.UTF-8' +lc_numeric = 'en_US.UTF-8' +lc_time = 'en_US.UTF-8' + +default_text_search_config = 'pg_catalog.english' |