helm-charts icon indicating copy to clipboard operation
helm-charts copied to clipboard

Published 20 hours ago verified publisher icon temporalio

Postgres TLS

Open loopingrage opened this issue 3 years ago • 3 comments

Is your feature request related to a problem? Please describe.

There doesn't seem to be a way to configure TLS options for Postgres via the helm chart. The underlying server supports it so just seems like it needs to be surfaced in values.

Describe the solution you'd like

Ability to configure Postgres TLS options via Temporal Helm Chart.

loopingrage avatar Mar 22 '21 05:03 loopingrage

Looks like there actually is a way to configure PostgreSQL TLS by adding tls.enabled: true to both SQL persistence configurations:

server:
  config:
    persistence:
      default:
        driver: "sql"

        sql:
          driver: "postgres"
          host: _HOST_
          port: 5432
          database: temporal
          user: _USERNAME_
          password: _PASSWORD_
          maxConns: 20
          maxConnLifetime: "1h"
          tls:
            enabled: true

Other TLS options seem to be supported too: https://docs.temporal.io/docs/server-configuration#persistence

atapio avatar Apr 17 '21 09:04 atapio

What's the status on this? Is it still not possible to configure cert-based authentication for PostgreSQL through the helm chart?

petergardfjall avatar Aug 28 '23 10:08 petergardfjall

This is not used in admin-tools update schema.

debugger24 avatar Oct 17 '23 10:10 debugger24