#2287 doc: rewrite PostgreSQL authorization instructions
Merged 3 years ago by tkopecek. Opened 3 years ago by ktdreyer.
ktdreyer/koji doc-postgres  into  master

No commits found

Rewrite the PostgreSQL authorization instructions in the Server HowTo guide.

Provide two complete examples: the "all-in-one localhost" option, and the "separate postgres over the network" option. This reduces the decision trees and makes it easier to copy and paste the entire pg_hba.conf file. Explain what each mystery setting does and link to the PostgreSQL documentation.

Only set listen_addresses to "*" if we need it, and turn it off if we don't.

Simplify the instructions so that the user only restarts the postgresql daemon once.

Clarify that koji-web does not need DB access, and the hub is the only service that requires direct DB access.

Remove the example of authorizing the apache system user, because that implies that the admin must run a series of complicated GRANT instructions to allow both koji and apache to write to the DB. Just grant the koji user full trust access for simplicity.

rebased onto dd6e8fe

3 years ago

Commit b93cff4 fixes this pull-request

Pull-Request has been merged by tkopecek

3 years ago