Skip to content

Single Node Docker Advanced Configuration

Audience: System Administrators

Content Summary: This Immuta Single Node Docker installation has advanced configuration options.

Custom pg_hba.conf Rules

To support Query Engine Authentication, the Single Node Docker installation provides a method to configure your own pg_hba.conf rules. Custom pg_hba.conf rules are appended to the top of the default pg_hba.conf file. pg_hba.conf rules are evaluated from top to bottom, selecting the first match. See the instructions below for enabling custom pg_hba.conf rules:

Ensure ${IMMUTA_HOME} is configured

Prior to executing any of the advanced configuration commands below, ensure your ${IMMUTA_HOME} environment variable is properly set.

env | grep 'IMMUTA_'

If not set, re-source your immuta-env file as detailed in Single Node Docker Install, Step 2.

  1. Create a text-file containing your pg_hba.conf rules at ${IMMUTA_HOME}/volumes/db/custom_pg_hba.conf.


    host immuta +<IAMID>_user ldap ldapserver="<LDAP SERVER>" ldapbinddn="<BIND DN>" ldapbindpasswd="<BIND PASSWORD>" ldapbasedn="<BASE DN>" ldapsearchfilter="<LDAP SEARCH FILTER>"
  2. Set permissions for pg_hba.conf.

    chown 1000:1000 "${IMMUTA_HOME}/volumes/db/custom_pg_hba.conf"
    chmod 600 "${IMMUTA_HOME}/volumes/db/custom_pg_hba.conf"
  3. Add CUSTOM_PG_HBA_FILE environment variable to db service in docker-compose.yaml.

        # ...
          - CUSTOM_PG_HBA_FILE="/var/run/immuta/custom_pg_hba.conf"
          # ...
  4. Add bind mount volume to db service in docker-compose.yaml.

        # ...
          - "<IMMUTA_HOME>/volumes/db/custom_pg_hba.conf:/var/run/immuta/custom_pg_hba.conf"
          # ...
  5. Stop, remove, and then restart containers.

    docker-compose down
    docker-compose up -d