Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F11722339
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Referenced Files
None
Subscribers
None
View Options
diff --git a/pillar/dbserver/cluster-A.sls b/pillar/dbserver/cluster-A.sls
index 3ac2008..a31bb37 100644
--- a/pillar/dbserver/cluster-A.sls
+++ b/pillar/dbserver/cluster-A.sls
@@ -1,49 +1,66 @@
dbserver_postgresql:
server:
cluster: A
# Fantoir database needs the pg_trgm extension
with_contrib: True
listen_addresses: "*"
users:
# Password paths are relative to ops/secrets/
airflow:
password: dbserver/cluster-A/users/airflow
privileges:
- database: airflow
scope: schema
privileges:
- ALL
fantoir:
password: dbserver/cluster-A/users/fantoir
privileges:
- database: fantoir
scope: schema
privileges:
- ALL
+ orbeon:
+ password: dbserver/cluster-A/users/orbeon
+ privileges:
+ - database: forms
+ scope: schema
+ privileges:
+ - ALL
+
databases:
airflow:
encoding: UTF8
owner: airflow
fantoir:
encoding: UTF8
owner: fantoir
extensions:
- pg_trgm
+ forms:
+ encoding: UTF8
+ owner: orbeon
+
# Network connections allowed in pg_hba.conf
connections:
- db: airflow
user: airflow
ips: 172.27.27.0/28
- db: fantoir
user: fantoir
ips: 172.27.27.0/28
+
+ - db: forms
+ user: orbeon
+ ips: &dwellers 172.27.27.4/32
+ method: password
diff --git a/roles/dbserver-pgsql/server/files/pg_hba.conf b/roles/dbserver-pgsql/server/files/pg_hba.conf
index 4792689..4102e49 100644
--- a/roles/dbserver-pgsql/server/files/pg_hba.conf
+++ b/roles/dbserver-pgsql/server/files/pg_hba.conf
@@ -1,34 +1,34 @@
# -------------------------------------------------------------
# PostgreSQL
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# Source file: roles/dbserver-pgsql/server/files/pg_hba.conf
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# Local connections
host all all 127.0.0.1/32 scram-sha-256
host all all ::1/128 scram-sha-256
# External connections
{%- for conn in connections %}
-host {{ "%-15s" | format(conn.db) }} {{ "%-15s" | format(conn.user) }} {{ "%-23s" | format(conn.ips) }} scram-sha-256
+host {{ "%-15s" | format(conn.db) }} {{ "%-15s" | format(conn.user) }} {{ "%-23s" | format(conn.ips) }} {{ conn.method | default("scram-sha-256") }}
{%- endfor %}
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 scram-sha-256
host replication all ::1/128 scram-sha-256
File Metadata
Details
Attached
Mime Type
text/x-diff
Expires
Thu, Sep 18, 02:07 (1 d, 21 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2986183
Default Alt Text
(3 KB)
Attached To
Mode
rOPS Nasqueron Operations
Attached
Detach File
Event Timeline
Log In to Comment