Postgres currently trusts all local connections to the database since I can't get Unicorn to supply a password at runtime. This is fine while there is only one app running on the server but it is probably good practice to tighten the permissions when possible.
Possible approaches:
Create a separate db role in Capistrano whose system username matches its Postgres role name (that way we can use peer/ident authentication); or
Do away with Unicorn and install Phusion Passenger instead.
Both of these options seem a little more trouble than they're worth at present, but its an enhancement for the future.
Postgres currently trusts all local connections to the database since I can't get Unicorn to supply a password at runtime. This is fine while there is only one app running on the server but it is probably good practice to tighten the permissions when possible.
Possible approaches:
Both of these options seem a little more trouble than they're worth at present, but its an enhancement for the future.