diff options
author | Jade <software@lfcode.ca> | 2020-10-31 00:35:19 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-31 03:35:19 -0400 |
commit | 2df221ec8a95566ba771f102fd421c12b41d875c (patch) | |
tree | 8b3fd19a672844913758aceec2b45971c83e1276 /nixos/modules/services | |
parent | 0544a7f672749c88b7569f49b33ed5f2437a2e15 (diff) | |
download | nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.tar nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.tar.gz nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.tar.bz2 nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.tar.lz nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.tar.xz nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.tar.zst nixpkgs-2df221ec8a95566ba771f102fd421c12b41d875c.zip |
nixos/postgresql: fix inaccurate docs for authentication (#97622)
* nixos/postgresql: fix inaccurate docs for authentication We actually use peer authentication, then md5 based authentication. trust is not used. * Use a link for mkForce docs Co-authored-by: aszlig <aszlig@redmoonstudios.org> Co-authored-by: lf- <lf-@users.noreply.github.com> Co-authored-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/databases/postgresql.nix | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 5056d50153f..f582b059277 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -69,11 +69,16 @@ in type = types.lines; default = ""; description = '' - Defines how users authenticate themselves to the server. By - default, "trust" access to local users will always be granted - along with any other custom options. If you do not want this, - set this option using "lib.mkForce" to override this - behaviour. + Defines how users authenticate themselves to the server. See the + <link xlink:href="https://www.postgresql.org/docs/current/auth-pg-hba-conf.html"> + PostgreSQL documentation for pg_hba.conf</link> + for details on the expected format of this option. By default, + peer based authentication will be used for users connecting + via the Unix socket, and md5 password authentication will be + used for users connecting via TCP. Any added rules will be + inserted above the default rules. If you'd like to replace the + default rules entirely, you can use <function>lib.mkForce</function> in your + module. ''; }; |