Patroni: (bootstrap from backup) - generate pg_hba.conf before start …

…patroni And allow trust local addresses 127.0.0.1/32 and :: 1/128 for replication. This is not required, but it avoids unnecessary errors in the Patroni log when deploying a cluster from a backup. Fixed: Patroni log: Sep 21 17:23:04 pgnode01 patroni[17630]: psycopg2.OperationalError: could not connect to server: Connection refused Sep 21 17:23:04 pgnode01 patroni[17630]: Is the server running on host "localhost" (::1) and accepting Sep 21 17:23:04 pgnode01 patroni[17630]: TCP/IP connections on port 5432? Sep 21 17:23:04 pgnode01 patroni[17630]: FATAL: password authentication failed for user "replicator" PostgreSQL log: 2020-09-21 17:23:04 MSK [11512-2] 127.0.0.1(64134) replicator@[unknown] DETAIL: Password does not match for user "replicator". Connection matched pg_hba.conf line 98: "host replication all 127.0.0.1/32 md5" #60
vitabaks · Sep 21, 2020 · 0c4a4e7 · 0c4a4e7
1 parent fc3c5f6
commit 0c4a4e7
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/roles/patroni/tasks/main.yml b/roles/patroni/tasks/main.yml
@@ -701,6 +701,18 @@
   become_user: postgres
   tags: patroni, point_in_time_recovery
 
+- block:  # PITR (custom bootstrap) - generate pg_hba.conf
+    - name: Generate pg_hba.conf (before start patroni)
+      template:
+        src: templates/pg_hba.conf.j2
+        dest: "{{ postgresql_conf_dir }}/pg_hba.conf"
+        owner: postgres
+        group: postgres
+        mode: 0640
+  when: patroni_cluster_bootstrap_method != "initdb" and
+        (existing_pgcluster is not defined or not existing_pgcluster|bool)
+  tags: patroni, point_in_time_recovery
+
 - block:  # start patroni on master
     - name: Start patroni service on the Master server
       systemd:

diff --git a/roles/patroni/templates/pg_hba.conf.j2 b/roles/patroni/templates/pg_hba.conf.j2
@@ -92,7 +92,7 @@
 {% endfor %}
 # Allow replication connections from localhost, by a user with the
 # replication privilege.
-  host      replication              {{ patroni_replication_username }}               127.0.0.1/32             md5
+  host      replication              {{ patroni_replication_username }}               localhost                trust
 {% for host in groups['postgres_cluster'] %}
   host      replication              {{ patroni_replication_username }}               {{ hostvars[host]['inventory_hostname'] }}/32         md5
 {% endfor %}