Обсуждение: [GENERAL] Tips on maintaining several pg_hba files
Hello everyone,
I have a PostgreSQL cluster with several ROLES that access the node according to his state.
On the master node, I only want the roles that need to write and the admins.
On the synchronous node i would want only roles with read access that require the most up to date data, and the admins
On the asynchronous node allow roles with read acess, and users to debug the system.
So I will probably bee templating the pg_hba.conf file since there are common roles between the systems.
Do you guys have any suggestions on this? Links?
Does pg_hba support to include files?
Regards,
Alfredo Palhares
On Thu, Jan 26, 2017 at 2:36 AM, Alfredo Palhares <alfredo@palhares.me> wrote: > I have a PostgreSQL cluster with several ROLES that access the node > according to his state. > > On the master node, I only want the roles that need to write and the admins. > On the synchronous node i would want only roles with read access that > require the most up to date data, and the admins > On the asynchronous node allow roles with read acess, and users to debug the > system. > > > So I will probably be templating the pg_hba.conf file since there are > common roles between the systems. > Do you guys have any suggestions on this? Links? > > Does pg_hba support to include files? You cannot include an entire file, but it is possible to list users and/or databases via files specified by @: https://www.postgresql.org/docs/9.6/static/auth-pg-hba-conf.html Particularly this bit: Files included by @ constructs are read as lists of names, which can be separated by either whitespace or commas. Comments are introduced by #, just as in pg_hba.conf, and nested @ constructs are allowed. Unless the file name following @ is an absolute path, it is taken to be relative to the directory containing the referencing file. So you could take advantage of that to handle your configurations on different nodes with the same pg_hba.conf, but different users and databases. -- Michael