kopia lustrzana https://github.com/OpenDroneMap/WebODM
Add option to set trusted hostname for db connections
For improved security, it's useful to be able to limit which host can connect to the database (by setting POSTGRES_ALLOW_HOST to ip or name instead of 'all')pull/1197/head
rodzic
015efb38b7
commit
92b1b683c8
|
@ -3,6 +3,7 @@ MAINTAINER Piero Toffanin <pt@masseranolabs.com>
|
||||||
|
|
||||||
ENV POSTGRES_PASSWORD postgres
|
ENV POSTGRES_PASSWORD postgres
|
||||||
ENV POSTGRES_HOST_AUTH_METHOD trust
|
ENV POSTGRES_HOST_AUTH_METHOD trust
|
||||||
|
ENV POSTGRES_ALLOW_HOST all
|
||||||
ENV GOSU_VERSION 1.12
|
ENV GOSU_VERSION 1.12
|
||||||
ENV PG_MAJOR 9.5
|
ENV PG_MAJOR 9.5
|
||||||
ENV PG_VERSION 9.5.25
|
ENV PG_VERSION 9.5.25
|
||||||
|
|
|
@ -222,6 +222,7 @@ docker_setup_env() {
|
||||||
}
|
}
|
||||||
|
|
||||||
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
|
# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections
|
||||||
|
# set POSTGRES_ALLOW_HOST to limit trusted hosts, can be ip or domain, default is "all"
|
||||||
pg_setup_hba_conf() {
|
pg_setup_hba_conf() {
|
||||||
{
|
{
|
||||||
echo
|
echo
|
||||||
|
@ -229,7 +230,7 @@ pg_setup_hba_conf() {
|
||||||
echo '# warning trust is enabled for all connections'
|
echo '# warning trust is enabled for all connections'
|
||||||
echo '# see https://www.postgresql.org/docs/12/auth-trust.html'
|
echo '# see https://www.postgresql.org/docs/12/auth-trust.html'
|
||||||
fi
|
fi
|
||||||
echo "host all all all $POSTGRES_HOST_AUTH_METHOD"
|
echo "host all all $POSTGRES_ALLOW_HOST $POSTGRES_HOST_AUTH_METHOD"
|
||||||
} >> "$PGDATA/pg_hba.conf"
|
} >> "$PGDATA/pg_hba.conf"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Ładowanie…
Reference in New Issue