pyrox.dev / nixpkgs
lol
fork atom

nixos/postgresql: fix inaccurate docs for authentication (#97622)

* nixos/postgresql: fix inaccurate docs for authentication

We actually use peer authentication, then md5 based authentication.
trust is not used.

* Use a link for mkForce docs

Co-authored-by: aszlig <aszlig@redmoonstudios.org>

Co-authored-by: lf- <lf-@users.noreply.github.com>
Co-authored-by: aszlig <aszlig@redmoonstudios.org>

Jade 2df221ec 0544a7f6

options
unified split
Changed files
+10 -5
nixos
modules
services
databases
postgresql.nix
+10 -5
nixos/modules/services/databases/postgresql.nix 
···

       
69

       
69

       
 

       
        type = types.lines;


     

       
70

       
70

       
 

       
        default = "";


     

       
71

       
71

       
 

       
        description = ''


     

       
72

       

       
-

       
          Defines how users authenticate themselves to the server. By


     

       
73

       

       
-

       
          default, "trust" access to local users will always be granted


     

       
74

       

       
-

       
          along with any other custom options. If you do not want this,


     

       
75

       

       
-

       
          set this option using "lib.mkForce" to override this


     

       
76

       

       
-

       
          behaviour.


     

       

       
72

       
+

       
          Defines how users authenticate themselves to the server. See the


     

       

       
73

       
+

       
          <link xlink:href="https://www.postgresql.org/docs/current/auth-pg-hba-conf.html">


     

       

       
74

       
+

       
          PostgreSQL documentation for pg_hba.conf</link>


     

       

       
75

       
+

       
          for details on the expected format of this option. By default,


     

       

       
76

       
+

       
          peer based authentication will be used for users connecting


     

       

       
77

       
+

       
          via the Unix socket, and md5 password authentication will be


     

       

       
78

       
+

       
          used for users connecting via TCP. Any added rules will be


     

       

       
79

       
+

       
          inserted above the default rules. If you'd like to replace the


     

       

       
80

       
+

       
          default rules entirely, you can use <function>lib.mkForce</function> in your


     

       

       
81

       
+

       
          module.


     

       
77

       
82

       
 

       
        '';


     

       
78

       
83

       
 

       
      };


     

       
79

       
84