kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 29 Pull Requests 2 Projects 2 Activity

Add recipe to set up PostgreSQL replication, rewrite kosmos-postgresql cookbook #163

Manually merged
raucao merged 17 commits from feature/160-postgres_replication into master 2020-05-14 13:10:37 +00:00
Conversation 3 Commits 17 Files Changed 24 -17
1 changed files with 0 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit dd92d6cdb7 - Show all commits

17
site-cookbooks/kosmos-postgresql/README.md
View File

@ -55,20 +55,3 @@ The content of `server.crt`, `server.key` and `root.crt` an stored in the
`postgresql` encrypted data bag. The root key is stored in LastPass
("Self-signed TLS root certificate"). `server.crt` & `server.key` are used by
the PostgreSQL server.
The root certificate needs to be deployed to clients so they verify the cert
can be trusted.
For example:
```ruby
postgresql_data_bag_item = data_bag_item('credentials', 'postgresql')
root_cert_path = "/etc/ssl/certs/root.kosmos.org.crt"
file root_cert_path do
content postgresql_data_bag_item['ssl_root_cert']
mode "0644"
end
```
`/etc/ssl/certs/root.kosmos.org.crt` can be used as the CA root cert path in
the client's configuration