postgres: Set auth method to "reject"
This will reject connections from anywhere except 127.0.0.1, i.e., the pod's network namespace. This makes password authentication properly obsolete, instead of just hiding the password (but still never authenticating with it), but required a change upstream: https://github.com/docker-library/postgres/pull/859
This commit is contained in:
parent
7c24369cb9
commit
05b6738c85
|
@ -42,6 +42,7 @@
|
||||||
environment = {
|
environment = {
|
||||||
POSTGRES_DB = "gitea";
|
POSTGRES_DB = "gitea";
|
||||||
POSTGRES_USER = "gitea";
|
POSTGRES_USER = "gitea";
|
||||||
|
POSTGRES_HOST_AUTH_METHOD = "reject";
|
||||||
};
|
};
|
||||||
volumes = [ "gitea-db-data:/var/lib/postgresql/data" ];
|
volumes = [ "gitea-db-data:/var/lib/postgresql/data" ];
|
||||||
};
|
};
|
||||||
|
|
|
@ -43,6 +43,7 @@
|
||||||
environment = {
|
environment = {
|
||||||
POSTGRES_DB = "nextcloud";
|
POSTGRES_DB = "nextcloud";
|
||||||
POSTGRES_USER = "nextcloud";
|
POSTGRES_USER = "nextcloud";
|
||||||
|
POSTGRES_HOST_AUTH_METHOD = "reject";
|
||||||
};
|
};
|
||||||
volumes = [ "nextcloud-db-data:/var/lib/postgresql/data" ];
|
volumes = [ "nextcloud-db-data:/var/lib/postgresql/data" ];
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue