search

ether / etherpad-lite

Etherpad: A modern really-real-time collaborative document editor.
http://docs.etherpad.org/
Apache License 2.0
15.95k stars 2.78k forks source link

Etherpad Docker w/ PostgreSQL can't be configured to require SSL transport (DB_URL ignored?) #6352

Closed mwexcell closed 2 weeks ago

mwexcell commented 2 weeks ago

Describe the bug

When installing Etherpad via Docker, and using a cloud hosted Postgres server, the DB_URL (which appears to be the correct/only way to configure the connection with sslmode=required) doesn't seem to work. If I remove the environment variables for host, username, etc., the seem to use their defaults - like localhost for host - instead of using the url in the DB_URL variable.

To Reproduce Steps to reproduce the behavior:

1.Run the docker container as specified in the documentation, but use DB_TYPE=postgres and a full DB_URL (postgres://...) instead of DB_TYPE=postgres, and DB_HOST, etc.

  1. The docker logs will show the server begin to start up, shutdown, and show this error: Error: connect ECONNREFUSED 127.0.0.1:5432

Expected behavior

I would expect that the DB_URL would be used instead of the DB_HOST, etc., which will allow me to set additional, standard, postgres options on the URL.

Server (please complete the following information):

**Additional context

It may be that I'm missing something obvious, but is there another way to set SSL Mode on the PG connection?

SamTV12345 commented 2 weeks ago

Describe the bug

When installing Etherpad via Docker, and using a cloud hosted Postgres server, the DB_URL (which appears to be the correct/only way to configure the connection with sslmode=required) doesn't seem to work. If I remove the environment variables for host, username, etc., the seem to use their defaults - like localhost for host - instead of using the url in the DB_URL variable.

To Reproduce Steps to reproduce the behavior:

1.Run the docker container as specified in the documentation, but use DB_TYPE=postgres and a full DB_URL (postgres://...) instead of DB_TYPE=postgres, and DB_HOST, etc. 2. The docker logs will show the server begin to start up, shutdown, and show this error: Error: connect ECONNREFUSED 127.0.0.1:5432

Expected behavior

I would expect that the DB_URL would be used instead of the DB_HOST, etc., which will allow me to set additional, standard, postgres options on the URL.

Server (please complete the following information):

  • Etherpad version: develop from 2 hours ago
  • OS: Ubuntu 23.10

**Additional context

It may be that I'm missing something obvious, but is there another way to set SSL Mode on the PG connection?

Hi @mwexcell thanks for creating an issue. As we simply map all settings into the postgres configuration you should be able to set everything as you require. You can enable ssl by passing the things in the settings.json: https://node-postgres.com/features/ssl

mwexcell commented 2 weeks ago

Thank you very much for your quick response!

Do you have an example of setting postgres sslmode via settings? I have tried to change DB_URL in the settings file as well, and I get the same result.

SamTV12345 commented 2 weeks ago

You need the dbType, host etc. things and "ssl":true and insert your certificates in the settings.json as shown in the link above.

mwexcell commented 2 weeks ago

That was the hint I needed. The settings file was filling a "url" setting from DB_URL. By changing that to "connectionString" in the settings.json.docker file, I appears I am able to use the DB_URL environment variable to set all of it. Thanks!