kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Clarify the firewall and client authentication rules

Browse Source
This commit is contained in:
Greg Karékinian 2020-05-12 16:04:58 +02:00
parent 0180da1aa6
commit eb98aa1bac
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
site-cookbooks/kosmos-postgresql/README.md
View File

@ -36,6 +36,14 @@ to set up replication.
#### Caveat #### Caveat
[`firewall_rules`](https://github.com/chef-cookbooks/firewall/issues/134) and [`firewall_rules`](https://github.com/chef-cookbooks/firewall/issues/134) and
[`postgresql_access`](https://github.com/sous-chefs/postgresql/issues/648) need [`postgresql_access`](https://github.com/sous-chefs/postgresql/issues/648) are
to be declared in recipes, not resources because of the way custom resources declared in recipes, not resources because of the way custom resources
work currently in Chef work currently in Chef. See the `default.rb` and `replica.rb` recipes.
The primary gives access to the `replication` db to the `replication` user
connecting from a replica, and replicas to the primary. For more information
about PostgreSQL client authentication, see the
[official docs](https://www.postgresql.org/docs/12/auth-pg-hba-conf.html)
The primary opens up the PostgreSQL port (5432 TCP) to replicas, and replicas
to the primary.