Skip to content

postgresql/server: Allow remote postgres access to db (via pgbouncer as well)

This allows 'postgres' user connection to postgresql db (direct access or via pgbouncer). Ultimately, allowing to run swh db init-admin cli for staging/production nodes.

Related to T2736

Test Plan

  • vagrant
$ vagrant provision staging-db1
... <- ok
$ psql -U postgres -h 10.168.130.11 -p 5432 swh-scheduler  # <- or any other db, 5433 works as well
Password for user postgres:
psql (12.2, server 12.4 (Debian 12.4-1.pgdg100+1))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.
>
  • bin/octocatalog

  • [2]

bin/octocatalog-diff --octocatalog-diff-args --no-truncate-details --to staging db1.internal.staging.swh.network
Found host db1.internal.staging.swh.network
WARN     -> Environment "open-template1" contained non-word characters, correcting name to open_template1
WARN     -> Environment "wip-pg-hba-rules-in-yaml" contained non-word characters, correcting name to wip_pg_hba_rules_in_yaml
Cloning into '/tmp/swh-ocd.EnwPLnXh/environments/production/data/private'...
done.
Cloning into '/tmp/swh-ocd.EnwPLnXh/environments/staging/data/private'...
done.
*** Running octocatalog-diff on host db1.internal.staging.swh.network
I, [2020-10-30T13:12:02.760548 #23147]  INFO -- : Catalogs compiled for db1.internal.staging.swh.network
I, [2020-10-30T13:12:04.304854 #23147]  INFO -- : Diffs computed for db1.internal.staging.swh.network
diff origin/production/db1.internal.staging.swh.network current/db1.internal.staging.swh.network
*******************************************
- Concat::Fragment[pg_hba_rule_deny access to postgresql user]
*******************************************
- Concat_fragment[pg_hba_rule_deny access to postgresql user]
*******************************************
- Postgresql::Server::Pg_hba_rule[deny access to postgresql user]
*******************************************
*** End octocatalog-diff on db1.internal.staging.swh.network

Migrated from D4375 (view on Phabricator)

Merge request reports

Loading