diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/nixos/modules/services/databases/postgresql.nix')
-rw-r--r-- | infra/libkookie/nixpkgs/nixos/modules/services/databases/postgresql.nix | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/infra/libkookie/nixpkgs/nixos/modules/services/databases/postgresql.nix b/infra/libkookie/nixpkgs/nixos/modules/services/databases/postgresql.nix index 5056d50153f6..f582b0592774 100644 --- a/infra/libkookie/nixpkgs/nixos/modules/services/databases/postgresql.nix +++ b/infra/libkookie/nixpkgs/nixos/modules/services/databases/postgresql.nix @@ -69,11 +69,16 @@ in type = types.lines; default = ""; description = '' - Defines how users authenticate themselves to the server. By - default, "trust" access to local users will always be granted - along with any other custom options. If you do not want this, - set this option using "lib.mkForce" to override this - behaviour. + Defines how users authenticate themselves to the server. See the + <link xlink:href="https://www.postgresql.org/docs/current/auth-pg-hba-conf.html"> + PostgreSQL documentation for pg_hba.conf</link> + for details on the expected format of this option. By default, + peer based authentication will be used for users connecting + via the Unix socket, and md5 password authentication will be + used for users connecting via TCP. Any added rules will be + inserted above the default rules. If you'd like to replace the + default rules entirely, you can use <function>lib.mkForce</function> in your + module. ''; }; |