diff --git a/bundles/postgresql/files/pg_hba.conf b/bundles/postgresql/files/pg_hba.conf index 801cef7..950dd28 100644 --- a/bundles/postgresql/files/pg_hba.conf +++ b/bundles/postgresql/files/pg_hba.conf @@ -12,11 +12,11 @@ local all postgres peer # "local" is for Unix domain socket connections only local all all peer # IPv4 local connections: -host all all 127.0.0.1/32 md5 +host all all 127.0.0.1/32 ${node.metadata.get('postgresql/password_algorithm', 'md5')} # IPv6 local connections: -host all all ::1/128 md5 +host all all ::1/128 ${node.metadata.get('postgresql/password_algorithm', 'md5')} # Allow replication connections from localhost, by a user with the # replication privilege. local replication all peer -host replication all 127.0.0.1/32 md5 -host replication all ::1/128 md5 +host replication all 127.0.0.1/32 ${node.metadata.get('postgresql/password_algorithm', 'md5')} +host replication all ::1/128 ${node.metadata.get('postgresql/password_algorithm', 'md5')} diff --git a/bundles/postgresql/items.py b/bundles/postgresql/items.py index 21ae0cc..db72238 100644 --- a/bundles/postgresql/items.py +++ b/bundles/postgresql/items.py @@ -19,6 +19,7 @@ directories = { files = { f"/etc/postgresql/{version}/main/pg_hba.conf": { + 'content_type': 'mako', 'mode': '0640', 'owner': 'postgres', 'group': 'postgres', diff --git a/nodes/mseibert.freescout.py b/nodes/mseibert.freescout.py index c186b08..57407fb 100644 --- a/nodes/mseibert.freescout.py +++ b/nodes/mseibert.freescout.py @@ -30,6 +30,9 @@ 'gateway6': 'fe80::1', }, }, + 'postgresql': { + 'password_algorithm': 'scram-sha-256', + }, 'freescout': { 'domain': 'foerderkreis.oranienschule-wiesbaden-wiki.de', }, diff --git a/nodes/mseibert.mailman.py b/nodes/mseibert.mailman.py index b2a9b7d..06c53ab 100644 --- a/nodes/mseibert.mailman.py +++ b/nodes/mseibert.mailman.py @@ -6,9 +6,9 @@ { 'hostname': '91.99.123.176', 'groups': [ - #'backup', + 'backup', 'debian-12', - #'monitored', + 'monitored', 'webserver', ], 'bundles': [