Closed rnalrd closed 1 month ago
Hi @rnalrd
Please try using usessl
{
"LocalNode": {
"help": "Settings for PGSQL Database (data)",
"node": "LocalNode",
"user": "homer_user",
"pass": "password",
"name": "homer_data",
"keepalive": true,
"host": "homer-db",
"usessl": true
}
}
check this.
Same problem with "usessl"
~ # cat /etc/homer/webapp_config.json | jq '.database_data, .database_config'
{
"LocalNode": {
"help": "Settings for PGSQL Database (data)",
"node": "LocalNode",
"user": "homer_user",
"pass": "password",
"name": "homer_data",
"keepalive": true,
"host": "homer-db",
"usessl": true
}
}
{
"help": "Settings for PGSQL Database (settings)",
"node": "LocalConfig",
"user": "homer_user",
"pass": "password",
"name": "homer_config",
"keepalive": true,
"host": "homer-db",
"usessl": true
}
~ # homer-app -create-homer-user -database-root-user=$dbuser -database-host=$dbhost -database-root-password=$dbpass -webapp-config-path=/etc/homer
CONNECT to DB ROOT STRING: [host=homer-db user=postgres dbname=postgres sslmode=disable port=5432 password=password]
panic: pq: no pg_hba.conf entry for host "bad:beef:cafe:1016::169", user "postgres", database "postgres", no encryption
goroutine 1 [running]:
main.checkAdminFlags()
/app/main.go:1840 +0xfe5
main.main()
/app/main.go:225 +0xaf
I have tested with version 1.4.59 and with param "usessl=true"
it prints log line
{"level":"info","msg":"Connecting to [127.0.0.1, homer_user, homer_data, LocalNode, 0, ssl: require]\n","time":"2024-05-06T04:37:10-05:00"}
while with "usessl=false"
it prints
{"level":"info","msg":"Connecting to [127.0.0.1, homer_user, homer_data, LocalNode, 0, ssl: disable]\n","time":"2024-05-06T04:35:33-05:00"}
and it is working in both scenarios. try enabling debug log in webapp config and share homer-app logs.
homer:~# cat /etc/homer/webapp_config.json | jq '.database_data, .database_config, .system_settings'
{
"LocalNode": {
"help": "Settings for PGSQL Database (data)",
"node": "LocalNode",
"user": "homer_user",
"pass": "password",
"name": "homer_data",
"keepalive": true,
"host": "homer-db",
"usessl": true
}
}
{
"help": "Settings for PGSQL Database (settings)",
"node": "LocalConfig",
"user": "homer_user",
"pass": "password",
"name": "homer_config",
"keepalive": true,
"host": "homer-db",
"usessl": true
}
{
"help": "Settings for HOMER logs",
"logpath": "/var/log/homer",
"logname": "homer-app.log",
"_loglevels": "can be: fatal, error, warn, info, debug, trace",
"loglevel": "debug",
"logstdout": true
}
homer:~# homer-app -create-homer-user -database-root-user=$dbuser -database-host=$dbhost -database-root-password=$dbpass -webapp-config-path=/etc/homer
{"level":"info","msg":"init logging system","time":"2024-05-08T06:35:22Z"}
CONNECT to DB ROOT STRING: [host=homer-db user=postgres dbname=postgres sslmode=disable port=5432 password=password]
{"level":"error","msg":"pq: no pg_hba.conf entry for host \"dead:beef::1016::169\", user \"postgres\", database \"postgres\", no encryption","time":"2024-05-08T06:35:22Z"}
{"level":"error","msg":"Couldn't establish connection. Please be sure you can have correct passwordpq: no pg_hba.conf entry for host \"dead:beef::1016::169\", user \"postgres\", database \"postgres\", no encryption","time":"2024-05-08T06:35:22Z"}
{"level":"error","msg":"Try run: sudo -u postgres psql -c \"ALTER USER postgres PASSWORD 'postgres';\"","time":"2024-05-08T06:35:22Z"}
panic: pq: no pg_hba.conf entry for host "dead:beef::1016::169", user "postgres", database "postgres", no encryption
goroutine 1 [running]:
main.checkAdminFlags()
/app/main.go:1840 +0xfe5
main.main()
/app/main.go:225 +0xaf
Adding -database-ssl-mode=require
everything works as it should:
homer:~# homer-app -create-homer-user -database-root-user=$dbuser -database-host=$dbhost -database-root-password=$dbpass -database-ssl-mode=require -webapp-config-path=/etc/homer
{"level":"info","msg":"init logging system","time":"2024-05-08T06:36:04Z"}
CONNECT to DB ROOT STRING: [host=homer-db user=postgres dbname=postgres sslmode=require port=5432 password=password]
{"level":"debug","msg":"----------------------------------- ","time":"2024-05-08T06:36:04Z"}
{"level":"debug","msg":"*** Database Data Root Session created *** ","time":"2024-05-08T06:36:04Z"}
{"level":"debug","msg":"----------------------------------- ","time":"2024-05-08T06:36:04Z"}
HOMER - creating user [user=homer_user password=homer_password]
(/app/migration/migration.go:62)
[2024-05-08 06:36:04] pq: role "homer_user" already exists
(/app/migration/migration.go:62)
[2024-05-08 06:36:04] [0.72ms] CREATE USER "homer_user" WITH PASSWORD 'homer_password'
[0 rows affected or returned ]
DONE
HOMER - show users
Role name | Attributes
------------------------------------------------
health_check |
homer_user |
postgres | superuser, create database
replication |
sr_check_user |
DONE
I followed this blog to configure SSL on Postgres. May you have to follow Step 6 to resolve no pg_hba.conf entry for host
.
my pg_hba.conf does not allow non-SSL connections, that is why there's the error with "no encryption":
{"level":"error","msg":"pq: no pg_hba.conf entry for host \"dead:beef::1016::169\", user \"postgres\", database \"postgres\", no encryption","time":"2024-05-08T06:35:22Z"}
{"level":"error","msg":"Couldn't establish connection. Please be sure you can have correct passwordpq: no pg_hba.conf entry for host \"dead:beef::1016::169\", user \"postgres\", database \"postgres\", no encryption","time":"2024-05-08T06:35:22Z"}
When I add the CLI option -database-ssl-mode=require
the connection is accepted. The problem is that "usessl: true" in config does not do its job, I need to specify via CLI that I want an SSL connection.
we can add the custom fields
https://github.com/sipcapture/homer-app/commit/9e5c7b8c60121ef08e3208468e0c058c279ce40e
please test it, you can specify any params inside
closed as resolved
Trying to use SSL when connecting to PGSQL. Using command line option
-database-ssl-mode=require
works no problem, but using config optionsslmode="require"
it doesn't.