jasonheecs · February 13, 2019 15:26
diff --git a/pg_hba.conf b/pg_hba.conf
 # Alternatively, you can write an IP address and netmask in separate
 # columns to specify the set of hosts.  Instead of a CIDR-address, you
 # can write "samehost" to match any of the server's own IP addresses,
 # or "samenet" to match any address in any subnet that the server is
 # directly connected to.
 #
 # METHOD can be "trust", "reject", "md5", "password", "scram-sha-256",
 # "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert".
 # Note that "password" sends passwords in clear text; "md5" or
 # "scram-sha-256" are preferred since they send encrypted passwords.
 #
 # OPTIONS are a set of options for the authentication in the format
 # NAME=VALUE.  The available options depend on the different
 # authentication methods -- refer to the "Client Authentication"
 # section in the documentation for a list of which options are
 # available for which authentication methods.
 #
 # Database and user names containing spaces, commas, quotes and other
 # special characters must be quoted.  Quoting one of the keywords
 # "all", "sameuser", "samerole" or "replication" makes the name lose
 # its special character, and just match a database or username with
 # that name.
 #
 # This file is read on server startup and when the server receives a
 # SIGHUP signal.  If you edit the file on a running system, you have to
 # SIGHUP the server for the changes to take effect, run "pg_ctl reload",
 # or execute "SELECT pg_reload_conf()".
 #
 # Put your actual configuration here
 # ----------------------------------
 #
 # If you want to allow non-local connections, you need to add more
 # "host" records.  In that case you will also need to make PostgreSQL
 # listen on a non-local interface via the listen_addresses
 # configuration parameter, or via the -i or -h command line switches.




 # DO NOT DISABLE!
 # If you change this first entry you will need to make sure that the
 # database superuser can access the database using some other method.
 # Noninteractive access to all databases is required during automatic
 # maintenance (custom daily cronjobs, replication, and similar tasks).
 #
 # Database administrative login by Unix domain socket
 local   all             postgres                                trust

 # TYPE  DATABASE        USER            ADDRESS                 METHOD

 # "local" is for Unix domain socket connections only
 local   all             all                                     peer
 # IPv4 local connections:
 host    all             all             127.0.0.1/32            trust
 # IPv6 local connections:
 host    all             all             ::1/128                 trust
 # Allow replication connections from localhost, by a user with the
 # replication privilege.
 local   replication     all                                     peer
 host    replication     all             127.0.0.1/32            md5
 host    replication     all             ::1/128                 md5
	# Alternatively, you can write an IP address and netmask in separate
	# columns to specify the set of hosts. Instead of a CIDR-address, you
	# can write "samehost" to match any of the server's own IP addresses,
	# or "samenet" to match any address in any subnet that the server is
	# directly connected to.
	#
	# METHOD can be "trust", "reject", "md5", "password", "scram-sha-256",
	# "gss", "sspi", "ident", "peer", "pam", "ldap", "radius" or "cert".
	# Note that "password" sends passwords in clear text; "md5" or
	# "scram-sha-256" are preferred since they send encrypted passwords.
	#
	# OPTIONS are a set of options for the authentication in the format
	# NAME=VALUE. The available options depend on the different
	# authentication methods -- refer to the "Client Authentication"
	# section in the documentation for a list of which options are
	# available for which authentication methods.
	#
	# Database and user names containing spaces, commas, quotes and other
	# special characters must be quoted. Quoting one of the keywords
	# "all", "sameuser", "samerole" or "replication" makes the name lose
	# its special character, and just match a database or username with
	# that name.
	#
	# This file is read on server startup and when the server receives a
	# SIGHUP signal. If you edit the file on a running system, you have to
	# SIGHUP the server for the changes to take effect, run "pg_ctl reload",
	# or execute "SELECT pg_reload_conf()".
	#
	# Put your actual configuration here
	# ----------------------------------
	#
	# If you want to allow non-local connections, you need to add more
	# "host" records. In that case you will also need to make PostgreSQL
	# listen on a non-local interface via the listen_addresses
	# configuration parameter, or via the -i or -h command line switches.




	# DO NOT DISABLE!
	# If you change this first entry you will need to make sure that the
	# database superuser can access the database using some other method.
	# Noninteractive access to all databases is required during automatic
	# maintenance (custom daily cronjobs, replication, and similar tasks).
	#
	# Database administrative login by Unix domain socket
	local all postgres trust

	# TYPE DATABASE USER ADDRESS METHOD

	# "local" is for Unix domain socket connections only
	local all all peer
	# IPv4 local connections:
	host all all 127.0.0.1/32 trust
	# IPv6 local connections:
	host all all ::1/128 trust
	# Allow replication connections from localhost, by a user with the
	# replication privilege.
	local replication all peer
	host replication all 127.0.0.1/32 md5
	host replication all ::1/128 md5