Clarify the firewall and client authentication rules

Fix a typo in the README
2020-05-12 16:04:58 +02:00 · 2020-05-12 15:59:55 +02:00
1 changed files with 12 additions and 4 deletions
--- a/site-cookbooks/kosmos-postgresql/README.md
+++ b/site-cookbooks/kosmos-postgresql/README.md
@@ -24,7 +24,7 @@ end

 ```ruby
 postgresql_custom_server "12" do
-  role "primary"
+  role "replica"
  tls true
 end
 ```
@@ -36,6 +36,14 @@ to set up replication.
 #### Caveat

 [`firewall_rules`](https://github.com/chef-cookbooks/firewall/issues/134) and
-[`postgresql_access`](https://github.com/sous-chefs/postgresql/issues/648) need
-to be declared in recipes, not resources because of the way custom resources
-work currently in Chef
+[`postgresql_access`](https://github.com/sous-chefs/postgresql/issues/648) are
+declared in recipes, not resources because of the way custom resources
+work currently in Chef. See the `default.rb` and `replica.rb` recipes.
+
+The primary gives access to the `replication` db to the `replication` user
+connecting from a replica, and replicas to the primary. For more information
+about PostgreSQL client authentication, see the
+[official docs](https://www.postgresql.org/docs/12/auth-pg-hba-conf.html)
+
+The primary opens up the PostgreSQL port (5432 TCP) to replicas, and replicas
+to the primary.
Author	SHA1	Message	Date
Greg Karékinian	eb98aa1bac	Clarify the firewall and client authentication rules	2020-05-12 16:04:58 +02:00
Greg Karékinian	0180da1aa6	Fix a typo in the README	2020-05-12 15:59:55 +02:00