From e2b1f8eae5a76dda0f4b26fdd253362c96886a31 Mon Sep 17 00:00:00 2001 From: Jeltz Date: Sun, 11 Apr 2021 22:08:11 +0200 Subject: [PATCH] Allow root to connect using peer authentication --- .../templates/postgresql/pg_hba.conf.j2 | 14 +------------- .../templates/postgresql/pg_ident.conf.j2 | 3 ++- 2 files changed, 3 insertions(+), 14 deletions(-) diff --git a/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2 b/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2 index a43b1c1..ec527b3 100644 --- a/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2 +++ b/roles/postgresql_server/templates/postgresql/pg_hba.conf.j2 @@ -1,19 +1,7 @@ {{ ansible_managed | comment }} # TYPE DATABASE USER ADDRESS METHOD - -# DO NOT DISABLE! -# If you change this first entry you will need to make sure that the -# database superuser can access the database using some other method. -# Noninteractive access to all databases is required during automatic -# maintenance (custom daily cronjobs, replication, and similar tasks). -# -# Database administrative login by Unix domain socket -local all postgres peer map=map_root - -# "local" is for Unix domain socket connections only -local all all peer - +local all postgres peer map=map_local {% for host in postgresql_hosts %} host "{{ host.database }}" "{{ host.user }}" {{ host.net }} {{ host.method }} {% endfor %} diff --git a/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2 b/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2 index dd8efa8..5361cda 100644 --- a/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2 +++ b/roles/postgresql_server/templates/postgresql/pg_ident.conf.j2 @@ -1,4 +1,5 @@ {{ ansible_managed | comment }} # MAPNAME SYSTEM-USERNAME PG-USERNAME -map_root root postgress +map_local root postgres +map_local postgres postgres