wip

2025-06-06 17:01:30 +00:00 · 2022-10-25 16:54:18 +11:00 · 2022-10-25 16:54:18 +11:00 · 28c03022d7
commit 28c03022d7
parent 9ed2ff934e
3 changed files with 79 additions and 0 deletions
--- a/storage/databases/postgres/1-introduction/README.md
+++ b/storage/databases/postgres/1-introduction/README.md
@ -15,6 +15,8 @@ PostgreSQL [Docker Image](https://hub.docker.com/_/postgres)
 ## Run a simple PostgreSQL database (compose)

 ```
+cd storage/databases/postgres/1-introduction
+
 docker compose up
 ```

--- a/storage/databases/postgres/2-configuration/README.md
+++ b/storage/databases/postgres/2-configuration/README.md
@ -11,6 +11,7 @@ Let's start where we left off, and review our simple PostgreSQL database:
 ## Run a simple PostgreSQL database (docker)

 ```
+cd storage/databases/postgres/2-configuration
 docker run -it --rm --name postgres `
  -e POSTGRES_PASSWORD=admin123 `
  -v ${PWD}/pgdata:/var/lib/postgresql/data `
@ -44,6 +45,67 @@ Let's set a few things here:
 | PGDATA               |  Path where data is stored       |


+## Configuration files
+
+If we take a look at our `docker` mount that we defined in our `docker run` command: </br>
+
+`-v ${PWD}/pgdata:/var/lib/postgresql/data ` </br>
+
+The `{PWD}/pgdata` folder that we have mounted contains not only data, but some defaut configuration files that we can explore. </br>
+
+Three files are important here:
+
+ 
+
+|Configuration file | Meaning |  Documentation
+|----------------------|---------|-------|
+| pg_hba.conf        |  Host Based Authentication file       | [Official Documentation](https://www.postgresql.org/docs/current/auth-pg-hba-conf.html) |
+| pg_ident.conf    |  User Mappings file       |  [Official Documentation](https://www.postgresql.org/docs/current/auth-username-maps.html)
+| postgresql.conf          |  PostgreSQL main configuraiton       |
+
+## The pg_hba.conf File
+
+We'll start this guide with the host based authentication file. </br>
+This file is automatically created in the data directory as we see. </br>
+We should create a copy of this file and configure it ourselves. </br>
+
+It controls who can access our PostgreSQL server. </br>
+Let's refer to the official documentation as well as walk through the config. </br>
+The config file itself has a great description of the contents. </br>
+
+As mentioned in the previous chapter, it's always good not to rely on default configurations. So let's create our own `pg_hba.conf` file. </br>
+
+We can grab the content from the default configuration and we may edit it as we go.
+
+```
+# TYPE  DATABASE        USER            ADDRESS                 METHOD
+
+# "local" is for Unix domain socket connections only
+local   all             all                                     trust
+# IPv4 local connections:
+host    all             all             127.0.0.1/32            trust
+# IPv6 local connections:
+host    all             all             ::1/128                 trust
+# Allow replication connections from localhost, by a user with the
+# replication privilege.
+local   replication     all                                     trust
+host    replication     all             127.0.0.1/32            trust
+host    replication     all             ::1/128                 trust
+
+host all all all scram-sha-256
+```
+
+## The pg_ident.conf File
+
+This config file is a mapping file between system users and database users. </br>
+Let's refer to the official documentation and walk through the config. </br>
+This is not a feature that we will need in this series, so we will skip this config for the time being. </br>
+
+## The postgresql.conf File
+
+This configuration file is the main one for PostgreSQL. </br>
+As you can see this is a large file with in-depth tuning and customization capability. </br>
+
 ```
 docker run -d --rm --name postgres-1 `
  --net postgres `
--- a/storage/databases/postgres/2-configuration/pg_hba.conf
+++ b/storage/databases/postgres/2-configuration/pg_hba.conf
@ -0,0 +1,15 @@
+# TYPE  DATABASE        USER            ADDRESS                 METHOD
+
+# "local" is for Unix domain socket connections only
+local   all             all                                     trust
+# IPv4 local connections:
+host    all             all             127.0.0.1/32            trust
+# IPv6 local connections:
+host    all             all             ::1/128                 trust
+# Allow replication connections from localhost, by a user with the
+# replication privilege.
+local   replication     all                                     trust
+host    replication     all             127.0.0.1/32            trust
+host    replication     all             ::1/128                 trust
+
+host all all all scram-sha-256