| From: | kamal deen <kamaldeendba(at)gmail(dot)com> |
|---|---|
| To: | Ron Johnson <ronljohnsonjr(at)gmail(dot)com> |
| Cc: | pgsql-admin <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: Super user password explicit in patroni yml |
| Date: | 2025-02-26 20:00:55 |
| Message-ID: | CAAGAcEdPLiRqHwjT04iKyUy_1+qsF+0xEZi8rWuY9Qc4_vf_eA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Thank you John,
Without .pgpass file patroni can connect to postgres ?
How patroni service works in this sinario?
Any insight on that postgres patroni configuration?
***//Authentication Config Sample from Patrnoi yml file // ***
=================
pgpass: /tmp/pgpass
authentication:
replication:
username: replicator
password: **********
superuser:
username: postgres
password: **********
===================
Regards,
SK
On Thu, Feb 27, 2025, 12:58 AM Ron Johnson <ronljohnsonjr(at)gmail(dot)com> wrote:
> On Wed, Feb 26, 2025 at 2:07 PM kamal deen <kamaldeendba(at)gmail(dot)com> wrote:
>
>> Hi All,
>>
> [snip]
>
>> And also pls share the best way to rotate the DB user password in
>> postgres.
>>
>
> I wrote a shell script to generate(*) a password, run the ALTER ROLE
> command, push the VALID UNTIL out by 3 months, and either(**) "sed edit
> .pgpass" or send the user an email with the new password.
>
> *Via picking two random words from /usr/share/dict/words, a random 2 digit
> number, concatenated with a period. "openssl rand -base64 48" works, too.
> Got the basics from a StackExchange post.
>
> **Depending on the user
>
> --
> Death to <Redacted>, and butter sauce.
> Don't boil me, I'm still alive.
> <Redacted> lobster!
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mike L | 2025-02-26 20:16:20 | Create Publication v12 |
| Previous Message | Ron Johnson | 2025-02-26 19:27:52 | Re: Super user password explicit in patroni yml |