brianbroderick
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎chef_postgres/README.md‎
Lines changed: 8 additions & 3 deletions b/‎chef_postgres/README.md‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎chef_postgres/attributes/default.rb‎
Lines changed: 2 additions & 1 deletion b/‎chef_postgres/attributes/default.rb‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎chef_postgres/files/pg_hba.conf‎
Lines changed: 20 additions & 27 deletions b/‎chef_postgres/files/pg_hba.conf‎
Lines changed: 20 additions & 27 deletions
@@ -5,6 +5,7 @@
 \#*#
 .*.sw[a-z]
 *.un~
+*.note
 
 # Bundler
 Gemfile.lock
 
@@ -2,7 +2,10 @@ This cookbook is designed to make it easy to install Postgres 9.1+ on an EC2 Ubu
 
 The root recipes are chef_postgres::master and chef_postgres::standby. Set up the master first. This will create a pg_basebackup dump that is uploaded to S3 (partially using the server_name in the S3 path) along with the settings required for the recovery.conf file on the standby.
 
-Once the master is set up, run chef_postgres::standby. This grabs the backup from S3 and uses this to deploy the standby. 
+Once the master is set up, run chef_postgres::standby. This grabs the backup from S3 and uses this to deploy the standby.
+
+The data_device is for the data drive added to the machine. When you add this in Aws match the last letter from the device name.  i.e.
+Aws drop down option "/dev/sdk" Translates to "/dev/xvdk". It will always be xvd you just have to change the last letter to match. The default is listed below.   
 
 To change the default settings, pass in custom JSON.  These are the defaults:
 
@@ -13,11 +16,13 @@ To change the default settings, pass in custom JSON.  These are the defaults:
     "release_apt_codename": "codename_reported_by_ec2",
     "version": "9.6",
     "workload": "oltp",
+    "data_device": "/dev/xvdl",
+    "rootdrive": "/dev/xvda1"
     "s3":  {
       "region": "",
       "bucket": "",
       "access_key_id": "",
-      "secret_access_key": "" 
+      "secret_access_key": ""
     }
   }  
 }
@@ -33,7 +38,7 @@ For workload, the options are:
 
 "oltp" - Online Transaction Processing
   * Generally CPU or I/O intensive
-  * DB can be slightly larger than RAM 
+  * DB can be slightly larger than RAM
   * Writes are usually small
   * Some long transactions and complex read queries
 
 
@@ -5,10 +5,11 @@
 default["chef_postgres"]["version"] = "9.6"
 default["chef_postgres"]["rh_version"] = node["chef_postgres"]["version"].gsub(/[^0-9]/, "")
 default["chef_postgres"]["workload"] = "oltp"
+default["chef_postgres"]["data_device"] = "/dev/xvdl"
+default["chef_postgres"]["rootdrive"] = "/dev/nvme0n1p1"
 
 version = node["chef_postgres"]["version"]
 
-default["chef_postgres"]["pg_config"]["mount_drive"] = "/dev/xvda1"
 default["chef_postgres"]["pg_config"]["config_directory"] = "/etc/postgresql/#{version}/main"
 default["chef_postgres"]["pg_config"]["original_data_directory"] = "/var/lib/postgresql/#{version}/main"
 default["chef_postgres"]["pg_config"]["data_directory_on_separate_drive"] = true
 
@@ -42,10 +42,10 @@
 # or "samenet" to match any address in any subnet that the server is
 # directly connected to.
 #
-# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
-# "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert".  Note that
-# "password" sends passwords in clear text; "md5" is preferred since
-# it sends encrypted passwords.
+# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256",
+# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert".
+# Note that "password" sends passwords in clear text; "md5" or
+# "scram-sha-256" are preferred since they send encrypted passwords.
 #
 # OPTIONS are a set of options for the authentication in the format
 # NAME=VALUE.  The available options depend on the different
@@ -59,11 +59,11 @@
 # its special character, and just match a database or username with
 # that name.
 #
-# This file is read on server startup and when the postmaster receives
-# a SIGHUP signal.  If you edit the file on a running system, you have
-# to SIGHUP the postmaster for the changes to take effect.  You can
-# use "pg_ctl reload" to do that.
-
+# This file is read on server startup and when the server receives a
+# SIGHUP signal.  If you edit the file on a running system, you have to
+# SIGHUP the server for the changes to take effect, run "pg_ctl reload",
+# or execute "SELECT pg_reload_conf()".
+#
 # Put your actual configuration here
 # ----------------------------------
 #
@@ -72,30 +72,23 @@
 # listen on a non-local interface via the listen_addresses
 # configuration parameter, or via the -i or -h command line switches.
 
+# CAUTION: Configuring the system for local "trust" authentication
+# allows any local user to connect as any PostgreSQL user, including
+# the database superuser.  If you do not trust all your local users,
+# use another authentication method.
 
 
-
-# DO NOT DISABLE!
-# If you change this first entry you will need to make sure that the
-# database superuser can access the database using some other method.
-# Noninteractive access to all databases is required during automatic
-# maintenance (custom daily cronjobs, replication, and similar tasks).
-#
-# Database administrative login by Unix domain socket
-local   all             postgres                                trust
-
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 
 # "local" is for Unix domain socket connections only
-local   all             all                                     md5
+local   all             all                                     trust
+host    all             all             0.0.0.0/0               md5
 # IPv4 local connections:
-host    all             all             127.0.0.1/32            md5
-# IPv4 remote connections - change this line if you want to limit access to specific IP ranges.
-host    all             all             0.0.0.0/0               md5 
+host    all             all             127.0.0.1/32            trust
 # IPv6 local connections:
-host    all             all             ::1/128                 md5
+host    all             all             ::1/128                 trust
 # Allow replication connections from localhost, by a user with the
 # replication privilege.
-#local   replication     postgres                                peer
-#host    replication     postgres        127.0.0.1/32            md5
-#host    replication     postgres        ::1/128                 md5
+local   replication     all                                     trust
+host    replication     all             127.0.0.1/32            trust
+host    replication     all             ::1/128                 trust