xoxys.postgres/defaults/main.yml

53 lines
1.7 KiB
YAML

---
postgres_repository_enabled: False
postgres_version: 10
postgres_repository_filename: "Postgresql-{{ postgres_version | regex_replace('\\.') }}"
postgres_user: postgres
postgres_group: postgres
# Available postgresql.conf options
postgres_log_destination:
- stderr
postgres_log_directory: log
postgres_log_filename: postgresql.log
postgres_log_rotation_age: 1d
postgres_log_rotation_size: 0
postgres_iptables_enabled: False
postgres_connection_port: 5432
postgres_connection_addresses:
- localhost
postgres_socket_directories:
- /var/run/postgresql
postgres_password_encryption: md5
# Enable and setup ssl transport security
postgres_tls_enabled: False
postgres_tls_cert_filename: "mycert.pem"
postgres_tls_key_filename: "mykey.pem"
postgres_tls_source_use_content: False
postgres_tls_source_use_files: True
postgres_tls_cert_source: mycert.pem
postgres_tls_key_source: mykey.pem
postgres_users: []
# - name: jdoe #required; the rest are optional
# password: # defaults to not set
# encrypted: # defaults to 'yes'
# priv: # defaults to not set
# role_attr_flags: # defaults to not set
# db: # defaults to not set
# login_host: # defaults to 'localhost'
# login_password: # defaults to not set
# login_user: # defaults to '{{ postgres_user }}'
# login_unix_socket: # defaults to 1st of postgres_socket_directories
# port: # defaults to not set
# state: # defaults to 'present'
# pam_user: # defaults to not set
postgres_hba_entries:
- {type: local, database: all, user: all, auth_method: peer}
- {type: host, database: all, user: all, address: '127.0.0.1/32', auth_method: md5}
- {type: host, database: all, user: all, address: '::1/128', auth_method: md5}