docassemble icon indicating copy to clipboard operation
docassemble copied to clipboard

Published 20 hours ago verified publisher icon jhpyle

The initialize script does not include ssl settings

Open waterfoul opened this issue 3 years ago • 1 comments

This results in errors any time the psql command is used if ssl enforcement is enabled. See

https://github.com/jhpyle/docassemble/blob/master/Docker/initialize.sh#:~:text=export%20PGHOST%3D%22%24%7BDBHOST,unset%20PGDATABASE

waterfoul avatar Mar 07 '22 17:03 waterfoul

The latest version has some changes for this (system update required).

I tried a test with deploying docassemble on EC2 attached to RDS, with SSL enforced on the server side.

CONTAINERROLE=web:celery:cron:rabbitmq:log:redis:mail
DAHOSTNAME=testsecret.docassemble.org
TIMEZONE=America/New_York
USEHTTPS=true
EC2=true
USELETSENCRYPT=true
[email protected]
DBHOST=database-1.crqpsahysol6.us-west-2.rds.amazonaws.com
DBNAME=docassemble
DBUSER=postgres
DBPASSWORD=s95pqSECRETjevYWf
DBSSLMODE=verify-full
DBSSLROOTCERT=us-west-1-bundle.pem

I downloaded us-west-1-bundle.pem from Amazon and put it in my Docker volume for /usr/share/docassemble/certs.

Let me know if you have any further problems. Sorry about all the issues.

jhpyle avatar Mar 14 '22 15:03 jhpyle

I am closing this for now but if there are new issues with PostgreSQL and SSL, feel free to reopen. Thanks for letting me know about the issue.

jhpyle avatar Aug 13 '22 15:08 jhpyle