From ea6fa77944f8b87cb47a46d2e31dfad8c815446e Mon Sep 17 00:00:00 2001 From: Paul Lecuq Date: Fri, 10 Mar 2023 00:06:07 +0100 Subject: [PATCH] updated postgresql state --- states/postgresql/defaults.yaml | 1 - states/postgresql/templates/pg_hba.conf.j2 | 41 ++++++++-------------- 2 files changed, 15 insertions(+), 27 deletions(-) diff --git a/states/postgresql/defaults.yaml b/states/postgresql/defaults.yaml index 23c1b14..46c0af8 100644 --- a/states/postgresql/defaults.yaml +++ b/states/postgresql/defaults.yaml @@ -4,7 +4,6 @@ postgresql: - pgpool2 - postgresql-13 - postgresql-13-cron - - postgresql-13-pgpool2 - postgresql-13-repmgr - postgresql-client-13 - repmgr diff --git a/states/postgresql/templates/pg_hba.conf.j2 b/states/postgresql/templates/pg_hba.conf.j2 index 9749d4c..6912cad 100644 --- a/states/postgresql/templates/pg_hba.conf.j2 +++ b/states/postgresql/templates/pg_hba.conf.j2 @@ -1,36 +1,25 @@ ## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }} {%- from "postgresql/map.jinja" import net with context %} -### Replication via repmgr -local replication repmgr trust -{%- for key, value in net.ipv4_networks.items() %} -host replication repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }} +{% for user in ['repmgr','replication'] %} +local {{ user }} repmgr trust +{%- for network in net.ip_networks %} +host {{ user }} repmgr {{ network }} trust {%- endfor %} -{%- for key, value in net.ipv6_networks.items() %} -host replication repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }} -{%- endfor %} - -local repmgr repmgr trust -{%- for key, value in net.ipv4_networks.items() %} -host repmgr repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }} -{%- endfor %} -{%- for key, value in net.ipv6_networks.items() %} -host repmgr repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }} {%- endfor %} ### Basic auth for users -{%- for key, value in net.ipv4_networks.items() %} -host all all {{ value.ip }}/{{ value.mask }} md5 # {{ key }} -{%- endfor %} -{%- for key, value in net.ipv6_networks.items() %} -host all all {{ value.ip }}/{{ value.mask }} md5 # {{ key }} +{%- for network in net.ip_networks %} +host all all {{ network }} md5 {%- endfor %} -local all postgres peer -local all all peer -host all all 127.0.0.1/32 md5 -host all all ::1/128 md5 -local replication all peer -host replication all 127.0.0.1/32 md5 -host replication all ::1/128 md5 +local all postgres peer + +local all all peer +host all all 127.0.0.1/32 md5 +host all all ::1/128 md5 + +local replication all peer +host replication all 127.0.0.1/32 md5 +host replication all ::1/128 md5