about summary refs log tree commit diff stats
path: root/tools/conf/srv/pgsql/data/pg_hba.conf
diff options
context:
space:
mode:
Diffstat (limited to 'tools/conf/srv/pgsql/data/pg_hba.conf')
-rw-r--r--tools/conf/srv/pgsql/data/pg_hba.conf36
1 files changed, 20 insertions, 16 deletions
diff --git a/tools/conf/srv/pgsql/data/pg_hba.conf b/tools/conf/srv/pgsql/data/pg_hba.conf
index 55ce3f3..af37ab4 100644
--- a/tools/conf/srv/pgsql/data/pg_hba.conf
+++ b/tools/conf/srv/pgsql/data/pg_hba.conf
@@ -42,10 +42,10 @@
 # or "samenet" to match any address in any subnet that the server is
 # directly connected to.
 #
-# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
-# "ident", "peer", "pam", "ldap", "radius" or "cert".  Note that
-# "password" sends passwords in clear text; "md5" is preferred since
-# it sends encrypted passwords.
+# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256",
+# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert".
+# Note that "password" sends passwords in clear text; "md5" or
+# "scram-sha-256" are preferred since they send encrypted passwords.
 #
 # OPTIONS are a set of options for the authentication in the format
 # NAME=VALUE.  The available options depend on the different
@@ -59,11 +59,11 @@
 # its special character, and just match a database or username with
 # that name.
 #
-# This file is read on server startup and when the postmaster receives
-# a SIGHUP signal.  If you edit the file on a running system, you have
-# to SIGHUP the postmaster for the changes to take effect.  You can
-# use "pg_ctl reload" to do that.
-
+# This file is read on server startup and when the server receives a
+# SIGHUP signal.  If you edit the file on a running system, you have to
+# SIGHUP the server for the changes to take effect, run "pg_ctl reload",
+# or execute "SELECT pg_reload_conf()".
+#
 # Put your actual configuration here
 # ----------------------------------
 #
@@ -82,15 +82,19 @@
 
 # "local" is for Unix domain socket connections only
 #local   all             all                                     trust
-local   all             postgres                                ident
 # IPv4 local connections:
-host    all             all             127.0.0.1/32            trust
-#hostssl    all             all             192.168.0.0/32          md5
-
+#host    all             all             127.0.0.1/32            trust
 # IPv6 local connections:
 #host    all             all             ::1/128                 trust
 # Allow replication connections from localhost, by a user with the
 # replication privilege.
-#local   replication     postgres                                trust
-#host    replication     postgres        127.0.0.1/32            trust
-#host    replication     postgres        ::1/128                 trust
+#local   replication     all                                     trust
+#host    replication     all             127.0.0.1/32            trust
+#host    replication     all             ::1/128                 trust
+
+# TYPE  DATABASE    USER     ADDRESS       METHOD
+local   postgres    postgres               trust
+host    postgres    postgres 127.0.0.1/32  trust
+host    db_flyspray flyspray 127.0.0.1/32  md5
+host    all         all      127.0.0.1/32  scram-sha-256
+host    all         all      0.0.0.0/0     reject
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2024-11-20 02:38:16 +0000