infra/ansible-role-postgresql
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix hba generation

Browse source
This commit is contained in:
nd 2023-01-19 15:09:19 +01:00
parent 213fe496cc
commit 69fbca96ab
No known key found for this signature in database
GPG key ID: DC6070031E5A88A6
2 changed files with 16 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

7
defaults/main.yml
View file

@ -8,3 +8,10 @@ postgresql:
allowed_hosts: {} allowed_hosts: {}
dbs: {} dbs: {}
users: {} users: {}
default_allowed_hosts:
type: 'host'
database: 'all'
user: 'all'
source_net: 'all'
auth: 'md5'

17
templates/pg_hba.conf.j2
View file

@ -1,13 +1,14 @@
{% for group in postgresql.allowed_hosts %} # {{ ansible_managed }}
# {{ group }}
{% for item in postgresql.allowed_hosts[group] %}
{{ item.type | default('host') }} {{ item.database | default('all') }} {{ item.user | default('all') }} {{ item.source_net | default('all') }} {{ item.auth | default('md5') }}
{% endfor %}
{% endfor %}
# admin and local access
local all postgres peer local all postgres peer
local all all peer local all all peer
host all all 127.0.0.1/32 md5 host all all 127.0.0.1/32 md5
host all all ::1/128 md5 host all all ::1/128 md5
{% for rulename in postgresql.allowed_hosts %}
{% set item = default_allowed_hosts|combine(postgresql.allowed_hosts[rulename]) %}
# Rule "{{ rulename }}"
{{ item.type }} {{ item.database }} {{ item.user }} {{ item.source_net }} {{ item.auth }}
{% endfor %}