Closed wstrm closed 5 years ago
Ehhhlloooo!
I'm goin' to add an environment variable for the database source in cmd/roasterd that it'll read!
cmd/roasterd
It's going to have the environment variable name: DATABASE_SOURCE
DATABASE_SOURCE
The supported formats are, either:
host=das.databas.example.org user=USERNAME_HERE dbname=DATABASE_NAME_HERE password=PASSWORD_HERE sslmode=require
sslmode= can be:
sslmode=
require
verify_ca
verify_full
disable
... or:
postgres://USERNAME_HERE:PASSWORD_HERE@das.databas.example.org/DATABASE_NAME_HERE?sslmode=require
There are two environment variables available:
REDIS_ADDRESS
localhost:6379
REDIS_PASSWORD
The REDIS_PASSWORD can be generated with:
export REDIS_PASSWORD=$(LC_ALL=C tr -dc '[:alnum:]' < /dev/urandom | head -c64)
View the password:
echo $REDIS_PASSWORD
PR #71 will add both encrypted SecureCookies and CSRF mitigation.
The server reads the following environment variables:
SESSION_KEY
CSRF_KEY
They both require cryptographically secure keys, they can be generated with:
export SESSION_KEY=$(LC_ALL=C tr -dc '[:alnum:]' < /dev/urandom | head -c32) export CSRF_KEY=$(LC_ALL=C tr -dc '[:alnum:]' < /dev/urandom | head -c32)
View the generated keys with:
echo $SESSION_KEY echo $CSRF_KEY
Please, do NOT use the same key for both of the variables.
Add the environment variable to AWS EB in Configuration > Software > Modify > Environment properties
This issue blocks the PR: #71
Reference: https://godoc.org/github.com/lib/pq#hdr-Connection_String_Parameters
Ehhhlloooo!
I'm goin' to add an environment variable for the database source in
cmd/roasterd
that it'll read!PostgreSQL
It's going to have the environment variable name:
DATABASE_SOURCE
The supported formats are, either:
sslmode=
can be:require
- Use SSL/TLS w/o verificationverify_ca
- Verify CA for SSL/TLS, but not the hostnameverify_full
- Verify both CA and hostname for SSL/TLSdisable
- No SSL/TLS... or:
Redis
There are two environment variables available:
REDIS_ADDRESS
- IP/hostname and port, example:localhost:6379
REDIS_PASSWORD
- The Redis passwordThe
REDIS_PASSWORD
can be generated with:View the password:
Required secure keys
PR #71 will add both encrypted SecureCookies and CSRF mitigation.
The server reads the following environment variables:
SESSION_KEY
- SecureCookies keyCSRF_KEY
- CSRF mitigation keyThey both require cryptographically secure keys, they can be generated with:
View the generated keys with:
Please, do NOT use the same key for both of the variables.
Task
Add the environment variable to AWS EB in Configuration > Software > Modify > Environment properties