vikunja
/
vikunja
6
43
Fork 69
Code Issues 152 Pull Requests 10 Packages Releases 32 Activity

Add client-cert parameters of the Go pq driver to the Vikunja config #1161

Merged
konrad merged 4 commits from :main into main 2022-04-23 15:46:03 +00:00
Conversation 1 Commits 4 Files Changed 4 +51 -7
Ghost commented 2022-04-23 09:11:27 +00:00
First-time contributor
Copy Link

Description

I have one central PostgreSQL-Server and I would like the communication not only to be encrypted but also throw a client-cert against the postgres instance.

This change adds the "sslcert", "sslkey" and "sslrootcert" parameters of the Go pq driver to the Vikunja config.
Tested with a self-compiled binary on Fedora 35, PostgreSQL 13.6 on Rocky Linux 8.5 and the following options set:

  1. unencrypted:
    • database.sslmode: disabled
  2. encrypted, no client-cert
    • database.sslmode: verifiy-ca
    • database.sslrootcert: /path/to/ca-cert
  3. encrypted, client-cert:
    • database.sslmode: verify-full
    • database.sslcert: /path/to/client-cert
    • database.sslkey: /path/to/client-key
    • database.sslrootcert: /path/to/ca-cert

Checklist

  • I added or improved tests
  • I added or improved docs for my feature
    • Swagger (including mage do-the-swag)
    • Error codes
    • New config options (including adding them to config.yml.saml and running mage generate-docs)
# Description I have one central PostgreSQL-Server and I would like the communication not only to be encrypted but also throw a client-cert against the postgres instance. This change adds the "sslcert", "sslkey" and "sslrootcert" parameters of the Go pq driver to the Vikunja config. Tested with a self-compiled binary on Fedora 35, PostgreSQL 13.6 on Rocky Linux 8.5 and the following options set: 1. unencrypted: * database.sslmode: disabled 2. encrypted, no client-cert * database.sslmode: verifiy-ca * database.sslrootcert: /path/to/ca-cert 3. encrypted, client-cert: * database.sslmode: verify-full * database.sslcert: /path/to/client-cert * database.sslkey: /path/to/client-key * database.sslrootcert: /path/to/ca-cert # Checklist * [ ] I added or improved tests * [x] I added or improved docs for my feature * [ ] Swagger (including `mage do-the-swag`) * [ ] Error codes * [x] New config options (including adding them to `config.yml.saml` and running `mage generate-docs`)
Ghost added 2 commits 2022-04-23 09:11:30 +00:00
konrad reviewed 2022-04-23 10:21:25 +00:00
konrad left a comment
Owner
Copy Link

Looks great! Please fix the lint errors so we can merge this.

Looks great! Please fix the lint errors so we can merge this.
Ghost added 1 commit 2022-04-23 11:05:22 +00:00
continuous-integration/drone/pr Build is passing Details
1ede545408 Fix lint error 
Committer: tuxthepenguin
Ghost commented 2022-04-23 11:22:57 +00:00
Author
First-time contributor
Copy Link

Error is fixed. Thanks!

Error is fixed. Thanks!
Ghost added 1 commit 2022-04-23 11:28:30 +00:00
continuous-integration/drone/pr Build is passing Details
c5b6296ec0 Fixed typo in config.md 
Committer: tuxthepenguin
konrad approved these changes 2022-04-23 15:45:45 +00:00
konrad left a comment
Owner
Copy Link

Thanks!

Thanks!
konrad merged commit 4960a498ff into main 2022-04-23 15:46:03 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
konrad
Labels
Clear labels   
dependencies

   
duplicate

This issue or pull request already exists

  
help wanted

Need some help

  
invalid

Something is wrong

  
kind/bug

Something is not working

  
kind/feature

New feature

  
needs reproduction

   
question

More information is needed

  
security

   
wontfix

This won't be fixed

No Label
dependencies
duplicate
help wanted
invalid
kind/bug
kind/feature
needs reproduction
question
security
wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: vikunja/vikunja#1161
No description provided.
Delete Branch ":main"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?