diff --git a/debian/changelog b/debian/changelog index 58ae881..f925433 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ patroni (1.5.4-5) UNRELEASED; urgency=medium - * + [ Michael Banck ] + * debian/config.yml.in: Set postgresql.pgpass option and add a commented-out + pg_hba line for md5 connections from the local network. -- Debian PostgreSQL Maintainers Tue, 29 Jan 2019 11:22:38 +0100 diff --git a/debian/config.yml.in b/debian/config.yml.in index f73e841..6d2f6d0 100644 --- a/debian/config.yml.in +++ b/debian/config.yml.in @@ -53,11 +53,14 @@ bootstrap: # archive_command: mkdir -p ../wal_archive && test ! -f ../wal_archive/%f && cp %p ../wal_archive/%f # recovery_conf: # restore_command: cp ../wal_archive/%f %p - # Set pg_hba.conf to the following values after bootstrapping or cloning + # Set pg_hba.conf to the following values after bootstrapping or cloning. + # If you want to allow regular connections from the local network, or + # want to use pg_rewind, you need to uncomment the fourth entry. pg_hba: - local all all peer - host all all 127.0.0.1/32 md5 - host all all ::1/128 md5 +# - host all all @NETWORK@ md5 - local replication all peer - host replication all 127.0.0.1/32 md5 - host replication all ::1/128 md5 @@ -76,8 +79,7 @@ postgresql: data_dir: /var/lib/postgresql/@VERSION@/@CLUSTER@ bin_dir: /usr/lib/postgresql/@VERSION@/bin config_dir: /etc/postgresql/@VERSION@/@CLUSTER@ - # optional pgpass file that patroni uses (has to exist) - #pgpass: /etc/postgresql/11/patroni/pgpass + pgpass: /etc/postgresql/@VERSION@/@CLUSTER@/pgpass authentication: replication: username: replicator