From d0b3ed08271e28cd12de06ac4cd0998d0cb752dc Mon Sep 17 00:00:00 2001 From: Miguel Ruiz Date: Tue, 23 Mar 2021 17:18:46 +0100 Subject: [PATCH] [bitnami/postgresql-ha] Add Repmgr passfile settings (#5879) * [bitnami/postgresql-ha] Add Repmgr passfile settings * Update README.md with passfile settings --- bitnami/postgresql-ha/Chart.yaml | 2 +- bitnami/postgresql-ha/README.md | 2 ++ .../postgresql-ha/templates/postgresql/statefulset.yaml | 6 ++++++ bitnami/postgresql-ha/values.yaml | 8 ++++++++ 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/bitnami/postgresql-ha/Chart.yaml b/bitnami/postgresql-ha/Chart.yaml index 5fb1506d61..5adc712432 100644 --- a/bitnami/postgresql-ha/Chart.yaml +++ b/bitnami/postgresql-ha/Chart.yaml @@ -27,4 +27,4 @@ name: postgresql-ha sources: - https://github.com/bitnami/bitnami-docker-postgresql - https://www.postgresql.org/ -version: 6.7.0 +version: 6.8.0 diff --git a/bitnami/postgresql-ha/README.md b/bitnami/postgresql-ha/README.md index 3392165b9f..58cdb65879 100644 --- a/bitnami/postgresql-ha/README.md +++ b/bitnami/postgresql-ha/README.md @@ -123,6 +123,8 @@ The following table lists the configurable parameters of the PostgreSQL HA chart | `postgresql.postgresPassword` | PostgreSQL password for the `postgres` user when `username` is not `postgres` | `nil` | | `postgresql.database` | PostgreSQL database | `postgres` | | `postgresql.usePasswordFile` | Have the secrets mounted as a file instead of env vars | `false` | +| `postgresql.repmgrUsePassfile` | Configure repmgrl to use `passfile` instead of `password` vars | `false` | +| `postgresql.repmgrPassfilePath` | Custom path where `passfile` will be stored | `nil` | | `postgresql.upgradeRepmgrExtension` | Upgrade repmgr extension in the database | `false` | | `postgresql.pgHbaTrustAll` | Configures PostgreSQL HBA to trust every user | `false` | | `postgresql.syncReplication` | Make the replication synchronous. This will wait until the data is synchronized in all the replicas before other query can be run. This ensures the data availability at the expenses of speed. | `false` | diff --git a/bitnami/postgresql-ha/templates/postgresql/statefulset.yaml b/bitnami/postgresql-ha/templates/postgresql/statefulset.yaml index b5d7428aed..ff47083b2d 100644 --- a/bitnami/postgresql-ha/templates/postgresql/statefulset.yaml +++ b/bitnami/postgresql-ha/templates/postgresql/statefulset.yaml @@ -255,6 +255,12 @@ spec: name: {{ include "postgresql-ha.postgresqlSecretName" . }} key: repmgr-password {{- end }} + {{- if .Values.postgresql.repmgrUsePassfile }} + - name: REPMGR_USE_PASSFILE + value: {{ ternary "true" "false" .Values.postgresql.repmgrUsePassfile | quote }} + - name: REPMGR_PASSFILE_PATH + value: {{ default "/opt/bitnami/repmgr/conf/.pgpass" .Values.postgresql.repmgrPassfilePath }} + {{- end }} {{- if (include "postgresql-ha.repmgrDatabase" .) }} - name: REPMGR_DATABASE value: {{ (include "postgresql-ha.repmgrDatabase" .) | quote }} diff --git a/bitnami/postgresql-ha/values.yaml b/bitnami/postgresql-ha/values.yaml index a0b139aebb..a66f4bd2f5 100644 --- a/bitnami/postgresql-ha/values.yaml +++ b/bitnami/postgresql-ha/values.yaml @@ -350,6 +350,14 @@ postgresql: ## Mount PostgreSQL secret as a file instead of passing environment variable # usePasswordFile: false + ## Store Repmgr username and password into a passfile with format "*:*:*:username:password" and use it to configure Repmgr instead of using password (Requires Postgresql 10+, otherwise ignored) + # ref: https://repmgr.org/docs/current/configuration-password-management.html + # https://www.postgresql.org/docs/current/libpq-pgpass.html + # repmgrUsePassfile: false + + ## Store Repmgr in a custom path + # repmgrPassfilePath: + ## Upgrade repmgr extension in the database ## upgradeRepmgrExtension: false