CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-09 06:11:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
868cd1187431b0f99a74e0f35fd6526f6c70eeee
securityonion/salt/postgres/defaults.yaml
Mike Reeves 868cd11874 Add so-postgres Salt states and integration wiring 
Phase 1 of the PostgreSQL central data platform:
- Salt states: init, enabled, disabled, config, ssl, auth, sostatus
- TLS via SO CA-signed certs with postgresql.conf template
- Two-tier auth: postgres superuser + so_postgres application user
- Firewall restricts port 5432 to manager-only (HA-ready)
- Wired into top.sls, pillar/top.sls, allowed_states, firewall
  containers map, docker defaults, CA signing policies, and setup
  scripts for all manager-type roles
2026-04-08 10:58:52 -04:00

15 lines
345 B
YAML
Raw Blame History

postgres:
enabled: False
config:
listen_addresses: '*'
port: 5432
max_connections: 100
shared_buffers: 256MB
ssl: 'on'
ssl_cert_file: '/conf/postgres.crt'
ssl_key_file: '/conf/postgres.key'
ssl_ca_file: '/conf/ca.crt'
log_destination: 'stderr'
logging_collector: 'off'
log_min_messages: 'warning'
Reference in New Issue View Git Blame Copy Permalink