1. 07 Jul, 2020 1 commit
  2. 06 Jul, 2020 1 commit
  3. 29 Jun, 2020 1 commit
  4. 26 Jun, 2020 1 commit
  5. 03 Jun, 2020 2 commits
  6. 19 May, 2020 1 commit
  7. 15 May, 2020 2 commits
  8. 12 May, 2020 1 commit
  9. 24 Apr, 2020 1 commit
  10. 01 Apr, 2020 2 commits
  11. 26 Mar, 2020 1 commit
    • Tomas's avatar
      allow rootless user (#414) · 01a3a99d
      Tomas authored
      When not run under root (UID=0):
      - "$RW_DIR" and "$PGHOME" are owned by GID 0
      - "/etc/passwd" is updated to reflect assigned UID for user postgres
      - "write_certificates" function in 'configure_spilo.py' obtains postgres UID and sets key ownership
      - SSL CERT/KEY moves to "$RW_DIR/certs"
      01a3a99d
  12. 23 Mar, 2020 1 commit
  13. 20 Mar, 2020 1 commit
  14. 18 Mar, 2020 2 commits
  15. 13 Mar, 2020 2 commits
    • Andras Vaczi's avatar
      Install pglogical package for version 12 (#415) · 3c7e36ed
      Andras Vaczi authored
      * Install pglogical package for version 12
      * Add pg-checksums
      3c7e36ed
    • Alexander Kukushkin's avatar
      Renice without root (#418) · bf51618e
      Alexander Kukushkin authored
      1. Setup the renice cron job as a postgres user if the container is running with CAP_SYS_NICE. In order to be able to set negative and rt priorities without root, we set cap_sys_nice on chrt and renice tools.
      
      2. The SUID bit on cron daemon makes it possible to start it from non-root user, what will help to simplify #414
      
      3. Unrelated change: added tablefunc to the extwlist.extensions
      bf51618e
  16. 28 Feb, 2020 1 commit
  17. 13 Feb, 2020 1 commit
  18. 09 Dec, 2019 1 commit
  19. 06 Dec, 2019 1 commit
  20. 05 Dec, 2019 2 commits
  21. 03 Dec, 2019 3 commits
    • zimbatm's avatar
      handle TLS certificate rotation (#373) · d9592d9a
      zimbatm authored
      When the SSL_PRIVATE_KEY_FILE is not a self-generated certificate, the file can change over time. But right now postgresql doesn't know about it and won't load the new certificate automatically.
      
      This PR introduces a bit of a polling approach to solve that problem. Every 5 minutes it will have a look if the certificate has changed within that interval and trigger a `pg_ctl reload` if yes. There are possibly smarter approaches like listen on inotify events but this has the advantage that no additional process needs to be running and running a bash script every 5 minutes is quite lite-weight.
      d9592d9a
    • sulphur's avatar
      add possibility to configure ETCD via url or proxy url (#382) · 59cac055
      sulphur authored
      This adds a possibility to configure ETCD via URL or proxy as well as permits specifying SSL certificates for ETCD connection. 
      
      Fixes #381 
      59cac055
    • Sergey Dudoladov's avatar
      grant execute on pg_stat_statements_reset() to admin (#386) · ad139c9c
      Sergey Dudoladov authored
      enables `admin` to reset statistics at their own discretion
      ad139c9c
  22. 12 Nov, 2019 2 commits
  23. 06 Nov, 2019 1 commit
  24. 01 Nov, 2019 3 commits
  25. 31 Oct, 2019 2 commits
  26. 21 Oct, 2019 1 commit
  27. 23 Sep, 2019 2 commits