bakery-ia/infrastructure/kubernetes/base/configmaps/postgres-logging-config.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: postgres-logging-config
  namespace: bakery-ia
  labels:
    app.kubernetes.io/name: bakery-ia
    app.kubernetes.io/component: database-logging
data:
  postgresql.conf: |
    # PostgreSQL Configuration for Kubernetes
    # Generated for security compliance and monitoring

    # Network Configuration
    listen_addresses = '*'
    port = 5432

    # Connection Logging
    log_connections = on
    log_disconnections = on
    log_hostname = off

    # Query Logging
    log_statement = 'all'
    log_duration = on
    log_min_duration_statement = 1000

    # Log Destination
    log_destination = 'stderr'
    logging_collector = off

    # Log Output Format
    log_line_prefix = '%t [%p]: user=%u,db=%d,app=%a,client=%h '
    log_timezone = 'UTC'

    # Error Logging
    log_error_verbosity = default
    log_min_messages = warning
    log_min_error_statement = error

    # Checkpoints
    log_checkpoints = on

    # Lock Waits
    log_lock_waits = on
    deadlock_timeout = 1s

    # Temporary Files
    log_temp_files = 0

    # Autovacuum Logging
    log_autovacuum_min_duration = 0

    # SSL/TLS Configuration
    ssl = on
    ssl_cert_file = '/tls/server-cert.pem'
    ssl_key_file = '/tls/server-key.pem'
    ssl_ca_file = '/tls/ca-cert.pem'
    ssl_prefer_server_ciphers = on
    ssl_min_protocol_version = 'TLSv1.2'