dokku/dokku-postgres
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: create ssl certs outside container

Browse Source 
This enables support for alpine-based images like timescaledb (no bash/openssl).

Fixes #153
Fixes timescale/timescaledb-docker#99
This commit is contained in:
Komlan KEDJI
2022-09-04 07:11:42 +00:00
parent 674d10ea4d
commit 09926fbecd
3 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
scripts/create_ssl_certs.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/bin/sh
postgres_service_dir="$1"
cd "$postgres_service_dir"
mkdir certs && cd certs
openssl req -new -newkey rsa:4096 -x509 -days 365000 -nodes -out server.crt -keyout server.key -batch

11
scripts/enable_ssl.sh
View File

@@ -1,7 +1,10 @@
#!/bin/bash
pushd /var/lib/postgresql/data >/dev/null
openssl req -new -newkey rsa:4096 -x509 -days 365000 -nodes -out server.crt -keyout server.key -batch
#!/bin/sh
cd /var/lib/postgresql/data
cp ../certs/* .
chown postgres:postgres server.key
chmod 600 server.key
sed -i "s/^#ssl = off/ssl = on/" postgresql.conf
sed -i "s/^#ssl_ciphers =.*/ssl_ciphers = 'AES256+EECDH:AES256+EDH'/" postgresql.conf
popd >/dev/null