Alexander Kukushkin

One way or another there will be a password stored on FS.

> Can Patroni assist in some way? No. Physical replication doesn't allow that.

It won't disconnect you if the node stopped be synchronous, therefore there is no value in such a feature.

> Web connections usually don't last more than 1 SQL transaction And this is a really bad practice. One should always use the connection pool, either application side or external,...

Hi @german-namestnikov, I will disappoint you, but you haven't discovered anything new. First of all it is possible to protect the REST API with basic auth and/or tls, optionally check...

It is enough to put the following in the config.yam: ```yaml postgresql: parameters: archive_mode: on archive_command: ... ``` The same applies to restore_command and archive_cleanup_command. In order to change the...

Both correct. Also, locally defined postgresql.pg_hba (and pg_ident) will not allow overriding it from DCS.

In postgres the superuser is allowed to do anything. It doesn't need to have `pg_*` roles. These roles allow granting very specific permissions to non-superuser, so they also could call...

Any contributions are always welcome!

Have you seen the issue template? It is _explicitly_ asking you to check Patroni **and Postgres logs**!