Re: pg_hba.conf directory?

On 11/09/2012 04:49 AM, Matt Zagrabelny wrote:
> Hello,
>
> I've searched the mailing list archives and google regarding using a
> directory to contain pg_hba.conf snippets. Does such a feature exist
> for any version of PG?
If I understand you correctly, you want a `pg_hba.conf.d` where
PostgreSQL reads every file in `pg_hba.conf.d` in alphabetical order and
concatenates it to the contents of `pg_hba.conf`? So effectively you can
create a `pg_hba.conf` from a bunch of small files?

If so: No, there is no such feature in PostgreSQL. You might be able to
come up with a convincing argument for the creation of one, especially
if you made it generic enough that it also worked for postgresql.conf,
but you probably won't get enough interest for someone else to write it.
If you want the feature you'll probably need to write it yourself -
after asking on pgsql-hackers to make sure there are no objections to
the idea and that your design is reasonable.

What you CAN do is simulate the feature using init scripts. Have your
PostgreSQL start/stop scripts do something like:

cat pg_hba.conf.head pg_hba.conf.d/* pg_hba.conf.tail > pg_hba.conf

(Note that the glob will sort alphabetically at least in bash; see
http://superuser.com/questions/192280/does-bashs-match-files-in-alphanumeric-order)

Make sure to put prominent comments in pg_hba.conf.head and
pg_hba.conf.tail that explain that pg_hba.conf is a generated file, so
people don't edit it then wonder why it's overwritten.

You'll need to provide a "reload" command that rewrites pg_hba.conf and
then signals PostgreSQL to reload or uses pg_ctl reload, as well as the
usual start and stop commands.

--
Craig Ringer