1 # PostgreSQL Client Authentication Configuration File
2 # ===================================================
3 # 4 # Refer to the PostgreSQL Administrator's Guide, chapter "Client
5 # Authentication" for a complete description. A short synopsis
6 # follows.
7 #
8 # This file controls: which hosts are allowed to connect, how clients
9 # are authenticated, which PostgreSQL user names they can use, which
10 # databases they can access. Records take one of these forms:
11 # 12 # local DATABASE USER METHOD [OPTION]
13 # host DATABASE USER CIDR-ADDRESS METHOD [OPTION]
14 # hostssl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
15 # hostnossl DATABASE USER CIDR-ADDRESS METHOD [OPTION]
16 #
17 # (The uppercase items must be replaced by actual values.)
18 #
19 # The first field is the connection type: "local" is a Unix-domain socket,
20 # "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
21 # SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
22 # 23 # DATABASE can be "all", "sameuser", "samegroup", a database name, or
24 # a comma-separated list thereof.
25 #
26 # USER can be "all", a user name, a group name prefixed with "+", or
27 # a comma-separated list thereof. In both the DATABASE and USER fields
28 # you can also write a file name prefixed with "@" to include names from
29 # a separate file.
30 #
31 # CIDR-ADDRESS specifies the set of hosts the record matches.
32 # It is made up of an IP address and a CIDR mask that is an integer
33 # (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies
34 # the number of significant bits in the mask. Alternatively, you can write
35 # an IP address and netmask in separate columns to specify the set of hosts.
36 #
37 # METHOD can be "trust", "reject", "md5", "crypt", "password",
38 # "krb4", "krb5", "ident", or "pam". Note that "password" sends passwords
39 # in clear text; "md5" is preferred since it sends encrypted passwords.
40 #
41 # OPTION is the ident map or the name of the PAM service, depending on METHOD.
42 #
43 # Database and user names containing spaces, commas, quotes and other special
44 # characters must be quoted. Quoting one of the keywords "all", "sameuser" or
45 # "samegroup" makes the name lose its special character, and just match a
46 # database or username with that name.
47 #
48 # This file is read on server startup and when the postmaster receives
49 # a SIGHUP signal. If you edit the file on a running system, you have
50 # to SIGHUP the postmaster for the changes to take effect. You can use
51 # "pg_ctl reload" to do that.
52
53 # Put your actual configuration here
54 # ----------------------------------
55 #
56 # If you want to allow non-local connections, you need to add more
57 # "host" records. In that case you will also need to make PostgreSQL listen
58 # on a non-local interface via the listen_addresses configuration parameter,
59 # or via the -i or -h command line switches.
60 #
61
62
63
64 # TYPE DATABASE USER CIDR-ADDRESS METHOD
65
66 # "local" is for Unix domain socket connections only
67 local all all trust
68 # IPv4 local connections:
69 host all all 127.0.0.1/32 trust
70
71 host all all 192.168.0.0/24 trust
72
73 host all all 38.99.91.47 255.255.255.255 trust
74 host all all 38.99.91.48 255.255.255.255 trust
75 host all all 38.99.91.49 255.255.255.255 trust
76 host all all 38.99.91.50 255.255.255.255 trust
77
78 # IPv6 local connections:
79 #host all all ::1/128 ident sameuser

以下　postgresql.conf

1 # -----------------------------
2 # PostgreSQL configuration file
3 # -----------------------------
4 #
5 # This file consists of lines of the form:
6 #
7 # name = value
8 #
9 # (The '=' is optional.) White space may be used. Comments are introduced
10 # with '#' anywhere on a line. The complete list of option names and
11 # allowed values can be found in the PostgreSQL documentation. The
12 # commented-out settings shown in this file represent the default values.
13 #
14 # Please note that re-commenting a setting is NOT sufficient to revert it
15 # to the default value, unless you restart the postmaster.
16 #
17 # Any option can also be given as a command line switch to the
18 # postmaster, e.g. 'postmaster -c log_connections=on'. Some options
19 # can be changed at run-time with the 'SET' SQL command.
20 #
21 # This file is read on postmaster startup and when the postmaster
22 # receives a SIGHUP. If you edit the file on a running system, you have
23 # to SIGHUP the postmaster for the changes to take effect, or use
24 # "pg_ctl reload". Some settings, such as listen_addresses, require
25 # a postmaster shutdown and restart to take effect.
26
27
28 #---------------------------------------------------------------------------
29 # FILE LOCATIONS
30 #---------------------------------------------------------------------------
31
32 # The default values of these variables are driven from the -D command line
33 # switch or PGDATA environment variable, represented here as ConfigDir.
34 # data_directory = 'ConfigDir' # use data in another directory
35 # hba_file = 'ConfigDir/pg_hba.conf' # the host-based authentication file
36 # ident_file = 'ConfigDir/pg_ident.conf' # the IDENT configuration file
37
38 # If external_pid_file is not explicitly set, no extra pid file is written.
39 # external_pid_file = '(none)' # write an extra pid file
40
41
42 #---------------------------------------------------------------------------
43 # CONNECTIONS AND AUTHENTICATION
44 #---------------------------------------------------------------------------
45
46 # - Connection Settings -
47
48 listen_addresses = '*' # what IP interface(s) to listen on;
49 # defaults to localhost, '*' = any
50 #port = 5432
51 max_connections = 100
52 # note: increasing max_connections costs about 500 bytes of shared
53 # memory per connection slot, in addition to costs from shared_buffers
54 # and max_locks_per_transaction.
55 #superuser_reserved_connections = 2
56 #unix_socket_directory = ''
57 #unix_socket_group = ''
58 #unix_socket_permissions = 0777 # octal
59 #rendezvous_name = '' # defaults to the computer name
60
61 # - Security & Authentication -
62
63 #authentication_timeout = 60 # 1-600, in seconds
64 #ssl = false
65 #password_encryption = true
66 #krb_server_keyfile = ''
67 #db_user_namespace = false
68
69
70 #---------------------------------------------------------------------------
71 # RESOURCE USAGE (except WAL)
72 #---------------------------------------------------------------------------
73
74 # - Memory -
75
76 shared_buffers = 1000 # min 16, at least max_connections*2, 8KB each
77 #work_mem = 1024 # min 64, size in KB
78 #maintenance_work_mem = 16384 # min 1024, size in KB
79 #max_stack_depth = 2048 # min 100, size in KB
80
81 # - Free Space Map -
82
83 #max_fsm_pages = 20000 # min max_fsm_relations*16, 6 bytes each
84 #max_fsm_relations = 1000 # min 100, ~50 bytes each
85
86 # - Kernel Resource Usage -
87
88 #max_files_per_process = 1000 # min 25
89 #preload_libraries = ''
90
91 # - Cost-Based Vacuum Delay -
92
93 #vacuum_cost_delay = 0 # 0-1000 milliseconds
94 #vacuum_cost_page_hit = 1 # 0-10000 credits
95 #vacuum_cost_page_miss = 10 # 0-10000 credits
96 #vacuum_cost_page_dirty = 20 # 0-10000 credits
97 #vacuum_cost_limit = 200 # 0-10000 credits
98
99 # - Background writer -
100
101 #bgwriter_delay = 200 # 10-10000 milliseconds between rounds
102 #bgwriter_percent = 1 # 0-100% of dirty buffers in each round
103 #bgwriter_maxpages = 100 # 0-1000 buffers max per round
104
105
106 #---------------------------------------------------------------------------
107 # WRITE AHEAD LOG
108 #---------------------------------------------------------------------------
109
110 # - Settings -
111
112 #fsync = true # turns forced synchronization on or off
113 #wal_sync_method = fsync # the default varies across platforms:
114 # fsync, fdatasync, fsync_writethrough,
115 # open_sync, open_datasync
116 #wal_buffers = 8 # min 4, 8KB each
117 #commit_delay = 0 # range 0-100000, in microseconds
118 #commit_siblings = 5 # range 1-1000
119
120 # - Checkpoints -
121
122 #checkpoint_segments = 3 # in logfile segments, min 1, 16MB each
123 #checkpoint_timeout = 300 # range 30-3600, in seconds
124 #checkpoint_warning = 30 # 0 is off, in seconds
125
126 # - Archiving -
127
128 #archive_command = '' # command to use to archive a logfile segment
129
130
131 #---------------------------------------------------------------------------
132 # QUERY TUNING
133 #---------------------------------------------------------------------------
134
135 # - Planner Method Configuration -
136
137 #enable_hashagg = true
138 #enable_hashjoin = true
139 #enable_indexscan = true
140 #enable_mergejoin = true
141 #enable_nestloop = true
142 #enable_seqscan = true
143 #enable_sort = true
144 #enable_tidscan = true
145
146 # - Planner Cost Constants -
147
148 #effective_cache_size = 1000 # typically 8KB each
149 #random_page_cost = 4 # units are one sequential page fetch cost
150 #cpu_tuple_cost = 0.01 # (same)
151 #cpu_index_tuple_cost = 0.001 # (same)
152 #cpu_operator_cost = 0.0025 # (same)
153
154 # - Genetic Query Optimizer -
155
156 #geqo = true
157 #geqo_threshold = 12
158 #geqo_effort = 5 # range 1-10
159 #geqo_pool_size = 0 # selects default based on effort
160 #geqo_generations = 0 # selects default based on effort
161 #geqo_selection_bias = 2.0 # range 1.5-2.0
162
163 # - Other Planner Options -
164
165 #default_statistics_target = 10 # range 1-1000
166 #from_collapse_limit = 8
167 #join_collapse_limit = 8 # 1 disables collapsing of explicit JOINs
168
169
170 #---------------------------------------------------------------------------
171 # ERROR REPORTING AND LOGGING
172 #---------------------------------------------------------------------------
173
174 # - Where to Log -
175
176 #log_destination = 'stderr' # Valid values are combinations of stderr,
177 # syslog and eventlog, depending on
178 # platform.
179
180 # This is relevant when logging to stderr:
181 redirect_stderr = true # Enable capturing of stderr into log files.
182 # These are only relevant if redirect_stderr is true:
183 log_directory = 'pg_log' # Directory where log files are written.
184 # May be specified absolute or relative to PGDATA
185 log_filename = 'postgresql-%a.log' # Log file name pattern.
186 # May include strftime() escapes
187 log_truncate_on_rotation = true # If true, any existing log file of the
188 # same name as the new log file will be truncated
189 # rather than appended to. But such truncation
190 # only occurs on time-driven rotation,
191 # not on restarts or size-driven rotation.
192 # Default is false, meaning append to existing
193 # files in all cases.
194 log_rotation_age = 1440 # Automatic rotation of logfiles will happen after
195 # so many minutes. 0 to disable.
196 log_rotation_size = 0 # Automatic rotation of logfiles will happen after
197 # so many kilobytes of log output. 0 to disable.
198
199 # These are relevant when logging to syslog:
200 #syslog_facility = 'LOCAL0'
201 #syslog_ident = 'postgres'
202
203
204 # - When to Log -
205
206 #client_min_messages = notice # Values, in order of decreasing detail:
207 # debug5, debug4, debug3, debug2, debug1,
208 # log, notice, warning, error
209
210 #log_min_messages = notice # Values, in order of decreasing detail:
211 # debug5, debug4, debug3, debug2, debug1,
212 # info, notice, warning, error, log, fatal,
213 # panic
214
215 #log_error_verbosity = default # terse, default, or verbose messages
216
217 #log_min_error_statement = panic # Values in order of increasing severity:
218 # debug5, debug4, debug3, debug2, debug1,
219 # info, notice, warning, error, panic(off)
220
221 #log_min_duration_statement = -1 # -1 is disabled, in milliseconds.
222
223 silent_mode = on # DO NOT USE without syslog or redirect_stderr
224
225 # - What to Log -
226
227 #debug_print_parse = false
228 #debug_print_rewritten = false
229 #debug_print_plan = false
230 #debug_pretty_print = false
231 #log_connections = false
232 #log_disconnections = false
233 #log_duration = false
234 #log_line_prefix = '' # e.g. '<%u%%%d> '
235 # %u=user name %d=database name
236 # %r=remote host and port
237 # %p=PID %t=timestamp %i=command tag
238 # %c=session id %l=session line number
239 # %s=session start timestamp %x=transaction id
240 # %q=stop here in non-session processes
241 # %%='%'
242 #log_statement = 'none' # none, mod, ddl, all
243 #log_hostname = false
244
245
246 #---------------------------------------------------------------------------
247 # RUNTIME STATISTICS
248 #---------------------------------------------------------------------------
249
250 # - Statistics Monitoring -
251
252 #log_parser_stats = false
253 #log_planner_stats = false
254 #log_executor_stats = false
255 #log_statement_stats = false
256
257 # - Query/Index Statistics Collector -
258
259 #stats_start_collector = true
260 #stats_command_string = false
261 #stats_block_level = false
262 #stats_row_level = false
263 #stats_reset_on_server_start = true
264
265
266 #---------------------------------------------------------------------------
267 # CLIENT CONNECTION DEFAULTS
268 #---------------------------------------------------------------------------
269
270 # - Statement Behavior -
271
272 #search_path = '$user,public' # schema names
273 #default_tablespace = '' # a tablespace name, or '' for default
274 #check_function_bodies = true
275 #default_transaction_isolation = 'read committed'
276 #default_transaction_read_only = false
277 #statement_timeout = 0 # 0 is disabled, in milliseconds
278
279 # - Locale and Formatting -
280
281 #datestyle = 'iso, mdy'
282 #timezone = unknown # actually, defaults to TZ environment setting
283 #australian_timezones = false
284 #extra_float_digits = 0 # min -15, max 2
285 #client_encoding = sql_ascii # actually, defaults to database encoding
286
287 # These settings are initialized by initdb -- they might be changed
288 lc_messages = 'ja_JP.eucJP' # locale for system error message strings
289 lc_monetary = 'ja_JP.eucJP' # locale for monetary formatting
290 lc_numeric = 'ja_JP.eucJP' # locale for number formatting
291 lc_time = 'ja_JP.eucJP' # locale for time formatting
292
293 # - Other Defaults -
294
295 #explain_pretty_print = true
296 #dynamic_library_path = '$libdir'
297
298
299 #---------------------------------------------------------------------------
300 # LOCK MANAGEMENT
301 #---------------------------------------------------------------------------
302
303 #deadlock_timeout = 1000 # in milliseconds
304 #max_locks_per_transaction = 64 # min 10, ~200*max_connections bytes each
305
306
307 #---------------------------------------------------------------------------
308 # VERSION/PLATFORM COMPATIBILITY
309 #---------------------------------------------------------------------------
310
311 # - Previous Postgres Versions -
312
313 #add_missing_from = true
314 #regex_flavor = advanced # advanced, extended, or basic
315 #sql_inheritance = true
316 #default_with_oids = true
317
318 # - Other Platforms & Clients -
319
320 #transform_null_equals = false