
Commit 9c82e74

committed
Explain HBA rules in their field description
Issue: PGO-2263
1 parent 73c78ac commit 9c82e74


3 files changed

+27
-1
lines changed


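--- a/config/crd/bases/postgres-operator.crunchydata.com_postgresclusters.yaml
+++ b/config/crd/bases/postgres-operator.crunchydata.com_postgresclusters.yaml
@@ -40,9 +40,19 @@ spec:
 description: PostgresClusterSpec defines the desired state of PostgresCluster
 properties:
 authentication:
+description: Authentication settings for the PostgreSQL server
 properties:
 rules:
-description: 'More info: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html'
+description: |-
+Postgres compares every new connection to these rules in the order they are
+defined. The first rule that matches determines if and how the connection
+must then authenticate. Connections that match no rules are disconnected.
+
+When this is omitted or empty, Postgres accepts encrypted connections to any
+database from users that have a password. To refuse all network connections,
+set this to one rule that matches "host" connections to the "reject" method.
+
+More info: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
 items:
 properties:
 connection:
@@ -79,6 +89,7 @@ spec:
 description: |-
 The authentication method to use when a connection matches this rule.
 The special value "reject" refuses connections that match this rule.
+
 More info: https://www.postgresql.org/docs/current/auth-methods.html
 maxLength: 20
 minLength: 1
@@ -93,6 +104,8 @@ spec:
 - type: integer
 - type: string
 x-kubernetes-int-or-string: true
+description: Additional settings for this rule or its authentication
+method.
 maxProperties: 20
 type: object
 x-kubernetes-map-type: atomic
@@ -4447,6 +4460,7 @@ spec:
 type: object
 type: object
 config:
+description: General configuration of the PostgreSQL server
 properties:
 files:
 description: Files to mount under "/etc/postgres".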

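--- a/pkg/apis/postgres-operator.crunchydata.com/v1beta1/postgres_types.go
+++ b/pkg/apis/postgres-operator.crunchydata.com/v1beta1/postgres_types.go
@@ -10,6 +10,14 @@ import (
 )
 
 type PostgresAuthenticationSpec struct {
+// Postgres compares every new connection to these rules in the order they are
+// defined. The first rule that matches determines if and how the connection
+// must then authenticate. Connections that match no rules are disconnected.
+//
+// When this is omitted or empty, Postgres accepts encrypted connections to any
+// database from users that have a password. To refuse all network connections,
+// set this to one rule that matches "host" connections to the "reject" method.
+//
 // More info: https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
 // ---
 // +kubebuilder:validation:MaxItems=10
@@ -99,6 +107,7 @@ type PostgresHBARule struct {
 
 // The authentication method to use when a connection matches this rule.
 // The special value "reject" refuses connections that match this rule.
+//
 // More info: https://www.postgresql.org/docs/current/auth-methods.html
 // ---
 // +kubebuilder:validation:MinLength=1
@@ -108,6 +117,7 @@ type PostgresHBARule struct {
 // +optional
 Method string `json:"method,omitempty"`
 
+// Additional settings for this rule or its authentication method.
 // ---
 // +kubebuilder:validation:MaxProperties=20
 // +mapType=atomic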
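Review bot: The new comment on the rules field of PostgresAuthenticationSpec (first hunk) does not say whether the default in its second paragraph still applies once at least one rule is set. Read next to "Connections that match no rules are disconnected", it suggests user rules replace the default entirely, but that is inferred from the wording, not from code visible here. If that is the behaviour, I would append a sentence such as `// When any rules are defined, only those rules apply; the default above is not added after them.` so that someone adding a single narrow rule knows the encryption and password requirement of the default no longer covers other connections. The comment could also name the method the default uses, since "users that have a password" leaves the password mechanism unstated. The struct body continues outside the hunk.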

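--- a/pkg/apis/postgres-operator.crunchydata.com/v1beta1/postgrescluster_types.go
+++ b/pkg/apis/postgres-operator.crunchydata.com/v1beta1/postgrescluster_types.go
@@ -21,13 +21,15 @@ type PostgresClusterSpec struct {
 // +optional
 DataSource *DataSource `json:"dataSource,omitempty"`
 
+// Authentication settings for the PostgreSQL server
 // +optional
 Authentication *PostgresAuthenticationSpec `json:"authentication,omitempty"`
 
 // PostgreSQL backup configuration
 // +optional
 Backups Backups `json:"backups,omitempty"`
 
+// General configuration of the PostgreSQL server
 // +optional
 Config *PostgresConfigSpec `json:"config,omitempty"`
 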