From 5725d926f9ef7bc750f6b09bf67b33aa3e033a6f Mon Sep 17 00:00:00 2001 From: Mitch Riedstra Date: Thu, 3 Oct 2019 18:52:48 -0400 Subject: Write out pgpass, also document how to secure the database for production use --- readme.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'readme.md') diff --git a/readme.md b/readme.md index c33eb97..a9cb622 100644 --- a/readme.md +++ b/readme.md @@ -3,3 +3,24 @@ Ideally used in conjunction with my Alpine Linux playbook, though it shouldn't be hard to adapt it to other systems. + + +Securing your postgres installation should go as follows: + +``` +root@alpine-dev /root # psql -U postgres +psql (11.5) +Type "help" for help. + +postgres=# \password +Enter new password: +Enter it again: +postgres=# \q +root@alpine-dev /root # sv down postgres +root@alpine-dev /root # sed -i.bak -e's/trust$/md5/g' /var/postgres/pg_hba.conf +``` + +Ideally add the password to your `~/.pgpass` if you're going to do +backups from cron or similar. This can be done by defining `postgres_pgpass` +as found commented out in `defaults/main.yml` + -- cgit v1.2.3