-
-
Notifications
You must be signed in to change notification settings - Fork 279
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docker-compose example not working because prest tries to connect with ssl and postgres-service is running without sslmode #524
Comments
@t-hofmann I'm looking at it... seems this commit broke our Docker examples because SSL is disabled by default on postgres configuration. Fix is pretty simple, something like: ➜ git diff
diff --git a/docker-compose.yml b/docker-compose.yml
index 643f098..f0027e6 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,11 +16,7 @@ services:
- "postgres:postgres"
environment:
- PREST_DEBUG=true # remove comment for enable DEBUG mode (disable JWT)
- - PREST_PG_HOST=postgres
- - PREST_PG_USER=prest
- - PREST_PG_PASS=prest
- - PREST_PG_DATABASE=prest
- - PREST_PG_PORT=5432
+ - PREST_PG_URL=postgresql://prest:prest@postgres:5432/prest/?sslmode=disable
- PREST_JWT_DEFAULT=false # remove if need jwt
depends_on:
- postgres
diff --git a/docs/integrations/timescaledb.en.md b/docs/integrations/timescaledb.en.md
index b3bb656..a89e6d8 100644
--- a/docs/integrations/timescaledb.en.md
+++ b/docs/integrations/timescaledb.en.md
@@ -40,11 +40,7 @@ services:
- "timescaledb:timescaledb"
environment:
- PREST_DEBUG=true # remove comment for enable DEBUG mode (disable JWT)
- - PREST_PG_HOST=timescaledb
- - PREST_PG_USER=prest
- - PREST_PG_PASS=prest
- - PREST_PG_DATABASE=prest
- - PREST_PG_PORT=5432
+ - PREST_PG_URL=postgresql://prest:prest@timescaledb:5432/prest/?sslmode=disable
- PREST_JWT_DEFAULT=false # remove if need jwt
depends_on:
- timescaledb But I'm just thinking if we should expose the pREST SSL config into environment variables. Something like: PREST_PG_SSLMODE='enable'
PREST_PG_SSLCERT='/path/to/ssl/cert'
PREST_PG_SSLKEY='/path/to/ssl/key'
PREST_PG_SSLROOTCERT='/path/to/ssl/rootcert' WDYT @avelino @t-hofmann ? |
I like the environment variables, would be more coherent, but note: the actual SSl-key used by postgres should not be made available to other services than the postgres-service itself, so PREST_PG_SSLKEY is not necessary. So with those environment variable and in case "sslmode=enabled", the only way would be to use "PREST_PG_URL", which as a sideeffect would kind of disable the other PREST_PG_-environment variables... So again, I like the environment variables. |
@t-hofmann it was more simple than I imagine... have a look on PR #529 |
workaround:
add something like:
PREST_PG_URL: "postgres://USER:PASSWORD@postgres:5432/DATABASE?sslmode=disable"
to the environment of the prest-service in the docker-compose.yml
Fix:
introduce a new environment-variable "PREST_PG_SSL" to be one of [enable, disable], default: disable
to the prest-service
which consequently is used to configure presumable the pq-driver
Kindly,
Thomas
The text was updated successfully, but these errors were encountered: