. /etc/sysconfig/postgresql
else
ALLOW_TCP_CONNECTIONS=no
- POSTGRES_DATA_DIR=/var/lib/psql
+ ALLOW_USE_SSL=no
+ POSTGRES_DATA_DIR=/var/lib/pgsql
POSTGRES_LOG=/var/log/pgsql
fi
if [ -f /var/lock/subsys/postgresql ]; then
msg_Already_Running PostgreSQL
else
+ if is_yes "$ALLOW_USE_SSL"; then
+ if is_no "$ALLOW_TCP_CONNECTIONS"; then
+ nls "You must enable ALLOW_TCP_CONNECTIONS in order to use SSL"
+ exit 1
+ elif [ ! -f "$POSTGRES_DATA_DIR/server.key" ]; then
+ nls "$POSTGRES_DATA_DIR/server.key not found!"
+ exit 1
+ elif [ ! -f "$POSTGRES_DATA_DIR/server.crt" ]; then
+ nls "$POSTGRES_DATA_DIR/server.crt not found!"
+ exit 1
+ fi
+ fi
+
# Sanity check
[ -f /tmp/.s.PGSQL.5432 ] || rm -f /tmp/.s.PGSQL.5432
msg_starting PostgreSQL
busy
PGSQL_CMDLINE="$([ -n "$POSTGRES_DATA_DIR" ] && echo "-D $POSTGRES_DATA_DIR") \
- $([ "$POSTGRES_QUIET". = yes. ] && echo '-s')";
+ $(is_yes "$POSTGRES_QUIET" && echo '-s')";
POSTMASTER_OPTIONS=" \
- $([ "$POSTGRES_QUIET". = yes. ] && echo '-S') \
- $([ "$POSTGRES_DISABLE_FSYNC". = yes. ] && echo '-F') \
- $([ "$ALLOW_TCP_CONNECTIONS". = yes. ] && echo '-i')";
+ $(is_yes "$POSTGRES_QUIET" && echo '-S') \
+ $(is_yes "$POSTGRES_DISABLE_FSYNC" && echo '-F') \
+ $(is_yes "$ALLOW_TCP_CONNECTIONS" && echo '-i') \
+ $(is_yes "$ALLOW_USE_SSL" && echo '-l')";
TMPDIR=/tmp su postgres -c "\
$(echo "/usr/bin/pg_ctl start $PGSQL_CMDLINE -l $POSTGRES_LOG") \
# only on unix socket
ALLOW_TCP_CONNECTIONS=no
+# Allow using SSL on TCP connections. Requires ALLOW_TCP_CONNECTIONS to be
+# set to yes. Also, you must supply key and certificate files
+# ($POSTGRES_DATA_DIR/server.{key,crt})
+ALLOW_USE_SSL=no
+
# Disable automatic fsync() call after each transac tion. This option
# improves performance, but an operating system crash while a transaction is
# in progress will probably cause data loss.