From 4ab67d12f7bc4858028b5f55342d3623ecd381d7 Mon Sep 17 00:00:00 2001 From: ace Date: Tue, 9 Apr 2024 16:19:46 +0300 Subject: [PATCH] make TLS optional --- defaults/main.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/defaults/main.yaml b/defaults/main.yaml index df44f27..34b9b41 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -14,19 +14,19 @@ pgbouncer_max_db_connections: 1000 pgbouncer_default_pool_size: 20 pgbouncer_reserve_pool_size: 5 pgbouncer_default_pool_mode: "session" -pgbouncer_ignore_startup_parameters: "extra_float_digits,geqo" +pgbouncer_ignore_startup_parameters: "extra_float_digits,geqo,search_path" pgbouncer_auth_type: "hba" pgbouncer_auth_user: "{{ pgbouncer_postgresql_superuser_username }}" pgbouncer_auth_hba_file: "{{ pgbouncer_postgresql_config_cluster_dir }}/pg_hba.conf" pgbouncer_auth_file_name: "userlist.txt" pgbouncer_auth_file: "{{ pgbouncer_conf_dir }}/{{ pgbouncer_auth_file_name }}" pgbouncer_admin_users: "postgres" -pgbouncer_client_tls_sslmode: "require" +pgbouncer_client_tls_sslmode: "prefer" pgbouncer_client_tls_key_file: "/etc/pki/tls/private/cert.key" pgbouncer_client_tls_cert_file: "/etc/pki/tls/cert/cert.crt" pgbouncer_client_tls_protocols: "tlsv1.3" pgbouncer_client_tls_ciphers: "secure" -pgbouncer_server_tls_sslmode: "require" +pgbouncer_server_tls_sslmode: "prefer" pgbouncer_server_tls_key_file: "/etc/pki/tls/private/cert.key" pgbouncer_server_tls_cert_file: "/etc/pki/tls/cert/cert.crt" pgbouncer_server_tls_protocols: "tlsv1.3"