password_encryption cannot be set as allowed by postgres12

[neiaberau]

postgresql.conf-12.j2:password_encryption = {{ 'on' if postgresql_password_encryption else 'off' }} # md5 or scram-sha-256
postgresql.conf-12.orig:#password_encryption = md5 # md5 or scram-sha-256

if I understand this correct, only on or off can be set, while postgres prefers md5 or scram-sha-256

from https://www.postgresql.org/docs/12/runtime-config-connection.html:
The default value is md5, which stores the password as an MD5 hash (on is also accepted, as alias for md5). Setting this parameter to scram-sha-256 will encrypt the password with SCRAM-SHA-256.

[maglub]

Hi, the same goes for the postgresql.conf-11.j2 config file.

Valid values should be:

• on or md5
• scram-sha-256
• ""

[sa3mlk]

FWIW, the issue seems to be resolved in PR #470 for postgresql 11, however the template for postgresql 12 needs to be updated too with the same change.

[maglub]

The PR #470 is a blanket change, with more than just the template, but has a good solution:

password_encryption = {{ postgresql_password_encryption if postgresql_password_encryption else 'off' }}		# md5 or scram-sha-256

[egmont1227]

This is fixed with #460 and sane defaults are waiting in #507

This can be closed then.

[maglub]

Closing