From a32755b6c818bb06af4f4f546437ccf5cf785556 Mon Sep 17 00:00:00 2001
From: boesr <88541074+boesr@users.noreply.github.com>
Date: Thu, 21 Sep 2023 12:54:18 +0200
Subject: [PATCH] root: Add setting to adjust database config for pgpool
 (#6949)

---
 authentik/lib/default.yml                   | 1 +
 authentik/root/settings.py                  | 3 +++
 website/docs/installation/configuration.mdx | 1 +
 3 files changed, 5 insertions(+)

diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml
index fb5a652ae..76792f9c8 100644
--- a/authentik/lib/default.yml
+++ b/authentik/lib/default.yml
@@ -7,6 +7,7 @@ postgresql:
   port: 5432
   password: "env://POSTGRES_PASSWORD"
   use_pgbouncer: false
+  use_pgpool: false
 
 listen:
   listen_http: 0.0.0.0:9000
diff --git a/authentik/root/settings.py b/authentik/root/settings.py
index 0fa099755..4bec86fd9 100644
--- a/authentik/root/settings.py
+++ b/authentik/root/settings.py
@@ -279,6 +279,9 @@ DATABASES = {
     }
 }
 
+if CONFIG.get_bool("postgresql.use_pgpool", False):
+    DATABASES["default"]["DISABLE_SERVER_SIDE_CURSORS"] = True
+
 if CONFIG.get_bool("postgresql.use_pgbouncer", False):
     # https://docs.djangoproject.com/en/4.0/ref/databases/#transaction-pooling-server-side-cursors
     DATABASES["default"]["DISABLE_SERVER_SIDE_CURSORS"] = True
diff --git a/website/docs/installation/configuration.mdx b/website/docs/installation/configuration.mdx
index 7c4b7b531..400c13108 100644
--- a/website/docs/installation/configuration.mdx
+++ b/website/docs/installation/configuration.mdx
@@ -63,6 +63,7 @@ To check if your config has been applied correctly, you can run the following co
 -   `AUTHENTIK_POSTGRESQL__PORT`: Database port, defaults to 5432
 -   `AUTHENTIK_POSTGRESQL__PASSWORD`: Database password, defaults to the environment variable `POSTGRES_PASSWORD`
 -   `AUTHENTIK_POSTGRESQL__USE_PGBOUNCER`: Adjust configuration to support connection to PgBouncer
+-   `AUTHENTIK_POSTGRESQL__USE_PGPOOL`: Adjust configuration to support connection to Pgpool
 -   `AUTHENTIK_POSTGRESQL__SSLMODE`: Strictness of ssl verification. Defaults to `verify-ca`
 -   `AUTHENTIK_POSTGRESQL__SSLROOTCERT`: CA root for server ssl verification
 -   `AUTHENTIK_POSTGRESQL__SSLCERT`: Path to x509 client certificate to authenticate to server