Update PG HA documentation to advise for more secure defaults
We currently document using
trust_auth_cidr_addresses, but don't go into the full implications of this. If done improperly, a database could be left fairly open.
We should update the documentation to better handle this.
If we want to keep recommending
trust_auth_cidr_adresses, we should explain what
Network Addressshould and should not be.
We should also consider other authentication methods as defaults. I think it might be possible to do certificate authentication without too much work.