From 20288319af677a8058aa5d258fd294d71ca0f295 Mon Sep 17 00:00:00 2001 From: Phil Sphicas Date: Fri, 23 Oct 2020 17:37:28 +0000 Subject: [PATCH] postgresql: Revert "Add default reject rule ..." This reverts commit 982e3754a5755cc227552b6f1fcc195e8793589c. "Add default reject rule end in Postgres pg_hba.conf to ensure all connections must be explicitly allowed." The original commit introduced a breaking change when installing with the chart defaults - before, all remote connections with md5 auth were allowed, and after the change, only explicit users are allowed. This is fully overridable, but the original defaults are more conservative. Change-Id: Ib297e480bccd3ac7c0cf15985b3def2c8b3e889e --- postgresql/Chart.yaml | 2 +- postgresql/values.yaml | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/postgresql/Chart.yaml b/postgresql/Chart.yaml index 9ba8533d7..7ebe66d8a 100644 --- a/postgresql/Chart.yaml +++ b/postgresql/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v9.6 description: OpenStack-Helm PostgreSQL name: postgresql -version: 0.1.5 +version: 0.1.6 home: https://www.postgresql.org sources: - https://github.com/postgres/postgres diff --git a/postgresql/values.yaml b/postgresql/values.yaml index 9e3ae0913..ee50bb734 100644 --- a/postgresql/values.yaml +++ b/postgresql/values.yaml @@ -277,11 +277,8 @@ conf: debug: false pg_hba: | host all all 127.0.0.1/32 trust - host all postgresql-admin 0.0.0.0/0 md5 - host all postgres 0.0.0.0/0 md5 - host all psql_exporter 0.0.0.0/0 md5 + host all all 0.0.0.0/0 md5 local all all trust - host all all 0.0.0.0/0 reject postgresql: archive_mode: 'on'