Skip to content

enable scram-sha-256 password encryption #713

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed

enable scram-sha-256 password encryption #713

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
eb3eeb4
enable scram-sha-256 password encryption
birkb Apr 15, 2020
3c71329
missing whitespace added
birkb Apr 16, 2020
d5e208d
Merge 'upstream/master' into branch
birkb Apr 16, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions docker-entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,15 @@ pg_setup_hba_conf() {
} >> "$PGDATA/pg_hba.conf"
}

# enable scram-sha-256 password encryption based on POSTGRES_HOST_AUTH_METHOD env var
scram-sha-256_postgresql_conf() {
{
if [ "$POSTGRES_HOST_AUTH_METHOD" = 'scram-sha-256' ]; then
sed --in-place 's/#password_encryption = md5/password_encryption = scram-sha-256/' $PGDATA/postgresql.conf
fi
}
}

# start socket-only postgresql server for setting up or running scripts
# all arguments will be passed along as arguments to `postgres` (via pg_ctl)
docker_temp_server_start() {
Expand Down Expand Up @@ -289,6 +298,7 @@ _main() {
ls /docker-entrypoint-initdb.d/ > /dev/null

docker_init_database_dir
scram-sha-256_postgresql_conf
pg_setup_hba_conf

# PGPASSWORD is required for psql when authentication is required for 'local' connections via pg_hba.conf and is otherwise harmless
Expand Down