{%- from "postgres/map.jinja" import postgres with context -%}

######################################################################
# ATTENTION! Managed by SaltStack.                                   #
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN! #
######################################################################
#
# PostgreSQL Client Authentication Configuration File
# ===================================================
#
# Refer to the "Client Authentication" section in the PostgreSQL
# documentation for a complete description of this file.

# DO NOT DISABLE!
# If you change this first entry you will need to make sure that the
# database superuser can access the database using some other method.
# Noninteractive access to all databases is required during automatic
# maintenance (custom daily cronjobs, replication, and similar tasks).

# Database administrative login by Unix domain socket
local   all             postgres                                peer

# TYPE  DATABASE        USER            ADDRESS                 METHOD

{%- for acl in postgres.acls %}
  {%- if acl|first() == 'local' %}

    {%- if acl|length() == 3 %}
      {%- do acl.extend(['', 'md5']) %}
    {%- elif acl|length() == 4 %}
      {%- do acl.insert(3, '') %}
    {%- endif %}

  {%- else %}

    {%- if acl|length() == 4 %}
      {%- do acl.append('md5') %}
    {%- endif %}

  {%- endif %}
{{ '{0:<7} {1:<15} {2:<15} {3:<23} {4}'.format(*acl) -}}
{% endfor %}