secrutiry update

2025-11-04 13:44:00 +09:00
parent 2b3cb736d5
commit 735c1984f9
9 changed files with 705 additions and 3 deletions

24
database/pg_hba.conf Normal file

@@ -0,0 +1,24 @@
# PostgreSQL Client Authentication Configuration
# Security-hardened for CatLink Production
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all postgres peer
local links_db links_user scram-sha-256
# IPv4 local connections:
host links_db links_user 127.0.0.1/32 scram-sha-256
# IPv6 local connections:
host links_db links_user ::1/128 scram-sha-256
# Docker network connections (текущая сеть links_default: 172.19.0.0/16)
host links_db links_user 172.19.0.0/16 scram-sha-256
# Новая защищенная сеть catlink-network: 172.20.0.0/16
host links_db links_user 172.20.0.0/16 scram-sha-256
# Deny all other connections
host all all 0.0.0.0/0 reject
host all all ::/0 reject
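Review bot: The two Docker rules admit every address in 172.19.0.0/16 and 172.20.0.0/16, so any container attached to either bridge can attempt password authentication against links_db, and the old links_default range is kept next to the new catlink-network one. Once the move to catlink-network is finished the `host links_db links_user 172.19.0.0/16 scram-sha-256` line should be removed. The remaining range should match a subnet pinned in the compose file; that file is not visible here, and an unpinned Docker network may come up on a different range, leaving the rule matching nothing or matching an unrelated network. All network rules use `host`, which also matches non-TLS connections; if the server has `ssl = on`, `hostssl links_db links_user 172.20.0.0/16 scram-sha-256` would refuse cleartext sessions on the bridge. It is also worth confirming that the stored password for links_user is a SCRAM verifier, since a role with an md5 hash will fail every `scram-sha-256` rule.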