From 7712fa4680600b86da0fc34a1c333fcdc612a180 Mon Sep 17 00:00:00 2001 From: Charlie Orford Date: Wed, 20 Feb 2019 23:48:18 +0000 Subject: [PATCH] Fixed console & stats user; added non-sensitive auth related vars to role defaults (and updated README accordingly) --- README.md | 8 ++------ defaults/main.yml | 14 +++++++++----- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 05c88de..552b72c 100644 --- a/README.md +++ b/README.md @@ -2,14 +2,10 @@ Ansible role to compile and install pgbouncer (a reverse proxy for postgresql). -The following vars should be set in a separate var file and encrypted with Ansible vault (or similar): +The password for `$pgbouncer_auth_user` should be set in a separate var file and encrypted with Ansible vault (or similar): ``` -pgbouncer_auth_user: "pgbouncer" -pgbouncer_auth_password: "md5 hash of password prefixed with the string: md5" -pgbouncer_auth_type: "md5" -pgbouncer_auth_file: "/etc/pgbouncer/auth.conf" -pgbouncer_auth_query: "SELECT uname, phash from user_lookup($1)" +pgbouncer_auth_password: "md5 hash of password, prefixed with the string: md5" ``` Databases for pgbouncer to connect to are specified as a list using the pgbouncer_databases var. Example: diff --git a/defaults/main.yml b/defaults/main.yml index e775de5..54c77c3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,16 +6,20 @@ pgbouncer_workspace: "/usr/local/src" pgbouncer_reinstall: no pgbouncer_conf_file: "/etc/pgbouncer/pgbouncer.ini" pgbouncer_pid_file: "/run/pgbouncer/pgbouncer.pid" -pgbouncer_log_file: "" # By default, logs go to syslog +pgbouncer_log_file: "" # By default logs go to syslog pgbouncer_install_path: "/usr/local" pgbouncer_socket_path: "/run/pgbouncer" pgbouncer_libevent_path: "/usr/lib" # Leave blank if you want the ./configure script try and find it itself -pgbouncer_run_as_user: "pgbouncer" -pgbouncer_run_as_group: "pgbouncer" pgbouncer_port: 6432 pgbouncer_listen_address: "*" -pgbouncer_admin_users: ["postgres"] -pgbouncer_stats_users: ["postgres"] +pgbouncer_run_as_user: "pgbouncer" +pgbouncer_run_as_group: "pgbouncer" +pgbouncer_admin_users: ["pgbouncer"] +pgbouncer_stats_users: ["pgbouncer"] +pgbouncer_auth_user: "pgbouncer" +pgbouncer_auth_type: "md5" # Note: at the moment only the md5 auth type is supported +pgbouncer_auth_file: "/etc/pgbouncer/auth.conf" +pgbouncer_auth_query: "SELECT uname, phash from user_lookup($1)" # See README for more info pgbouncer_pool_mode: "transaction" pgbouncer_default_client_encoding: "UNICODE" pgbouncer_max_client_conn: 800