Skip to content

Commit 003bfc5

Browse files
skressskress
committed
Change password_encryption from 'on' to 'md5' for PostgreSQL 10+.
see: ANXS#368
1 parent c93b242 commit 003bfc5

File tree

4 files changed

+4
-4
lines changed

4 files changed

+4
-4
lines changed

defaults/main.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -148,7 +148,7 @@ postgresql_ssl_cert_file: "/etc/ssl/certs/ssl-cert-snakeoil.pem" # (>= 9.2)
148148
postgresql_ssl_key_file: "/etc/ssl/private/ssl-cert-snakeoil.key" # (>= 9.2)
149149
postgresql_ssl_ca_file: "" # (>= 9.2)
150150
postgresql_ssl_crl_file: "" # (>= 9.2)
151-
postgresql_password_encryption: on
151+
postgresql_password_encryption: "{{ 'md5' if postgresql_version is version_compare('10', '>=') else 'on' }}"
152152
postgresql_db_user_namespace: off
153153
postgresql_row_security: on # (>= 9.5)
154154

templates/postgresql.conf-10.j2

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ ssl_cert_file = '{{postgresql_ssl_cert_file}}' # (change requires restart)
8787
ssl_key_file = '{{postgresql_ssl_key_file}}' # (change requires restart)
8888
ssl_ca_file = '{{postgresql_ssl_ca_file}}' # (change requires restart)
8989
ssl_crl_file = '{{postgresql_ssl_crl_file}}' # (change requires restart)
90-
password_encryption = {{'on' if postgresql_password_encryption else 'off'}} # md5 or scram-sha-256
90+
password_encryption = {{ postgresql_password_encryption }} # md5 or scram-sha-256
9191
db_user_namespace = {{'on' if postgresql_db_user_namespace else 'off'}}
9292
row_security = {{'on' if postgresql_row_security else 'off'}}
9393

templates/postgresql.conf-11.j2

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ tcp_keepalives_count = {{ postgresql_tcp_keepalives_count }} # TCP_KEEPCNT;
8787
# - Authentication -
8888

8989
authentication_timeout = {{ postgresql_authentication_timeout }} # 1s-600s
90-
password_encryption = {{ 'on' if postgresql_password_encryption else 'off' }} # md5 or scram-sha-256
90+
password_encryption = {{ postgresql_password_encryption }} # md5 or scram-sha-256
9191
db_user_namespace = {{ 'on' if postgresql_db_user_namespace else 'off' }}
9292

9393
# GSSAPI using Kerberos

templates/postgresql.conf-12.j2

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ tcp_user_timeout = {{ postgresql_tcp_user_timeout }} # TCP_USE
8989
# - Authentication -
9090

9191
authentication_timeout = {{ postgresql_authentication_timeout }} # 1s-600s
92-
password_encryption = {{ 'on' if postgresql_password_encryption else 'off' }} # md5 or scram-sha-256
92+
password_encryption = {{ postgresql_password_encryption }} # md5 or scram-sha-256
9393
db_user_namespace = {{ 'on' if postgresql_db_user_namespace else 'off' }}
9494

9595
# GSSAPI using Kerberos

0 commit comments

Comments
 (0)