Hey,
some points on PostgreSQL & documentation.
1) I was working on separating PostgreSQL on another system as a base
for redundancy/clusters. I got it working now in Ansible for both Ubuntu
& openSUSE Leap (devel branch, hopefully merged soon).
Basically the additional steps are the following:
- Set "listen_addresses = '*'" and "password_encryption = scram-sha-256"
in postgresql.conf. If using openSUSE create selfsigned cert/key and set
paths as well because ssl is off and snakeoil certs don't exist by default.
- Set a password when creating the postgresql role
- Set a pg_hba.conf line like "hostssl health tryton
10.13.13.102/24 scram-sha-256"
- At HMIS set the Postgresql URI like postgresql://tryton:password@domain/
Then the database can be at another system, only be accessed from the
given IP & user+pw+db, SSL is used and the password is stored securely.
2) I will document this in detail as soon as possible but I will be on
vacation and it might last until april to have it ready. Besides I can
add stuff I did like using directories in /etc/, /var/log/ & /var/lib/
without read access for other users for vanilla installation and further
PostgreSQL/Apache/Nginx configurations.
3) What about starting a new HMIS documentation using Python Sphinx with
RTD themes? If someone writes a new chapter as a single .rst file it can
easily be integrated (and html re-generated from everything).
I could make a start together with a renewed installation chapter. If
you don't know Sphinx & RTD theme by name have a look here, but you
probably already saw it at other documentations:
https://geraldwiese.gitlab.io/gnuhealth-automatic-deployment/index.html
Greets
Gerald
