Escape URL-unsafe characters in DB connection string #2532

Closed
egasimus opened this issue Nov 4, 2022 · 6 comments
Labels
bug Something isn't working

@egasimus

egasimus commented Nov 4, 2022

Issue Summary

I like my passwords with extra weird characters. However, Lemmy seems to do naive string templating when building the PostgreSQL connection string. So if the password happens to contain e.g. a colon, the whole thing breaks.

Steps to Reproduce

Set a DB password containing a URL-unsafe character in config.hjson, and try to launch Lemmy.

Technical details

Maybe you gotta percent-encode the data from the config that goes into the connection URL?

@egasimus egasimus added the bug Something isn't working label Nov 4, 2022
@dessalines
Member

Seems like something we shouldn't support, especially since the ansible install auto-generates a safe password anyway. What's preventing you from using a character only DB password?

@egasimus
Author

egasimus commented Nov 5, 2022

> ansible

Is Ansible part of Lemmy?

> Seems like something we shouldn't support

It's literally how URLs work by specification. And you're not "supporting" it, the maintenance burden is literally zero.

> What's preventing you from using a character only DB password?

What mandates one? You mean alphanumeric only, because punctuation marks are also characters. Also, what mandates the 60 char max password length enforced by the frontend? You guys are hashing 'em, right?

@dessalines
Member

Ansible is how you install lemmy, from our docs: https://join-lemmy.org/docs/en/administration/administration.html

Read the link I provided you over in the other thread for why you shouldn't use special characters for postgres passwords, db names, etc.

@dessalines
Member

dessalines commented Nov 5, 2022

> Also what mandates the 60 char max password length enforced by the frontend? You guys are hashing em, right?

Hashing and checking passwords is resource intensive, and some character limit is necessary no matter what. No unhashed passwords are stored in the DB; we are hashing them with https://github.com/Keats/rust-bcrypt

@egasimus
Author

egasimus commented Nov 5, 2022

> Ansible is how you install lemmy, from our docs: https://join-lemmy.org/docs/en/administration/administration.html

From the docs:

> Lemmy has two primary installation methods:
> - Manually with Docker
> - Automated with Ansible
>
> We recommend using Ansible...

(emphasis mine)

Great! So I went with Docker, simply because Ansible is not available in my environment; either way, the code causing the issue is neither part of Docker nor Ansible - it's part of the scope of the Lemmy application, though. That a particular deployment method successfully generates configuration has no bearing on how the application itself handles the configuration that is actually provided to it.

@dessalines
Member

No probs, just know that DB connection strings / URLs are finicky, which is why pretty much every app you'll see uses no special characters for the DB password.
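
The fix suggested in the issue (percent-encoding the configured values before they go into the connection URL), as an added example that is not part of this thread or of Lemmy's code base. Function names and the sample password are constructed, and only the Rust standard library is used.

```rust
// Added example (not Lemmy's code): build a PostgreSQL connection URL from
// separately configured fields. Names and sample values are constructed.

/// Percent-encode every byte except the RFC 3986 "unreserved" set, so the
/// value is safe inside the userinfo part of a URL.
fn encode_userinfo(raw: &str) -> String {
    let mut out = String::with_capacity(raw.len());
    for b in raw.bytes() {
        match b {
            b'A'..=b'Z' | b'a'..=b'z' | b'0'..=b'9' | b'-' | b'.' | b'_' | b'~' => {
                out.push(b as char)
            }
            _ => out.push_str(&format!("%{:02X}", b)),
        }
    }
    out
}

/// The naive templating the issue describes: fields pasted in unescaped.
fn naive_url(user: &str, pass: &str, host: &str, port: u16, db: &str) -> String {
    format!("postgres://{user}:{pass}@{host}:{port}/{db}")
}

/// Same template, with user and password percent-encoded first.
fn escaped_url(user: &str, pass: &str, host: &str, port: u16, db: &str) -> String {
    let (u, p) = (encode_userinfo(user), encode_userinfo(pass));
    format!("postgres://{u}:{p}@{host}:{port}/{db}")
}

/// Minimal RFC 3986 split: the host[:port] a URL parser would see.
/// The authority ends at the first '/', '?' or '#'; userinfo ends at the last '@'.
fn host_port(url: &str) -> Option<&str> {
    let rest = url.split_once("://")?.1;
    let end = rest
        .find(|c: char| matches!(c, '/' | '?' | '#'))
        .unwrap_or(rest.len());
    let authority = &rest[..end];
    Some(authority.rsplit_once('@').map_or(authority, |(_, h)| h))
}

fn main() {
    let pass = "p@ss/w:rd#1"; // constructed sample password
    let bad = naive_url("lemmy", pass, "localhost", 5432, "lemmy");
    let good = escaped_url("lemmy", pass, "localhost", 5432, "lemmy");
    println!("{bad}\n  parsed host: {:?}", host_port(&bad));
    println!("{good}\n  parsed host: {:?}", host_port(&good));
}
```

With the unescaped password, the `/` ends the authority early and the parser takes `ss` as the host; with the encoded password the host stays `localhost:5432`.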
