search

louislam / uptime-kuma

A fancy self-hosted monitoring tool
https://uptime.kuma.pet
MIT License
55.72k stars 5.01k forks source link

Add SSL certificate setting for PostgreSQL monitor #2062

Open bjoliveau opened 2 years ago

bjoliveau commented 2 years ago

⚠️ Please verify that this feature request has NOT been suggested before.

🏷️ Feature Request Type

Other

🔖 Feature description

Feature to monitor postgresql services is added and it is great !

It would be really nice to have the ability to enable SSL with a boolean or toggle and in this case the SSL related information

✔️ Solution

It would be really nice to have the ability to enable SSL with a boolean or toggle and in this case the SSL related information

❓ Alternatives

We could bypass with a third-party API service and POST the sql request in this API on an existing type monitor as HTTP

📝 Additional Context

No response

TimmiORG commented 5 months ago

This would be great if this could be supported. Basically with the same features as you could do SSL checks on HTTP endpoints.

CommanderStorm commented 5 months ago

In the case of postgres that would likely be just a shorthand for adding ssl=true to the connection string as discussed in https://github.com/louislam/uptime-kuma/issues/3868

TimmiORG commented 5 months ago

Hi @CommanderStorm

but this would only allow the connection through SSL and it should fail if the certificate is expired. I understood this request to get also the possibility to get a notification in case of the certificate is about to expire and to be able to see the validity "in days" of the certificate on the status page. Same you it is done for HTTP certificates.

davidfrickert commented 3 weeks ago

This is currently possible by adding sslmode=require in the connection string, but uptime-kuma is trying to validate the certificate and fails with "self-signed certificate" error. According to postgres docs the require mode should not try to validate the certificate, only the verify-ca or verify-full modes should do it. --> https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-PROTECTION Could this be fixed?

If this project is using the node-postgres library, then the issue might be in this library: https://github.com/brianc/node-postgres/issues/2375

Edit: there is a workaround which is to use sslmode=no-verify in the connection string