Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit001670c

Browse files
docs: add steps for postgres SSL cert config (#8648)
* docs: add steps for postgres SSL cert config* make fmt* Update docs/install/kubernetes.mdCo-authored-by: Cian Johnston <cian@coder.com>* fixup! Update docs/install/kubernetes.md---------Co-authored-by: Cian Johnston <cian@coder.com>
1 parent1a915f5 commit001670c

File tree

1 file changed

+33
-0
lines changed

1 file changed

+33
-0
lines changed

‎docs/install/kubernetes.md

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -179,6 +179,39 @@ In certain enterprise environments, the [Azure Application Gateway](https://lear
179179
-Websocket traffic (required for workspace connections)
180180
-TLS termination
181181

182+
## PostgreSQL Certificates
183+
184+
Your organization may require connecting to the database instance over SSL. To supply
185+
Coder with the appropriate certificates, and have it connect over SSL, follow the steps below:
186+
187+
1. Create the certificate as a secret in your Kubernetes cluster, if not already present:
188+
189+
```console
190+
$ kubectl create secret tls postgres-certs -n coder --key="postgres.key" --cert="postgres.crt"
191+
```
192+
193+
1. Define the secret volume and volumeMounts in the Helm chart:
194+
195+
```yaml
196+
coder:
197+
volumes:
198+
- name: "pg-certs-mount"
199+
secret:
200+
secretName: "postgres-certs"
201+
volumeMounts:
202+
- name: "pg-certs-mount"
203+
mountPath: "$HOME/.postgresql"
204+
readOnly: true
205+
```
206+
207+
1. Lastly, your PG connection URL will look like:
208+
209+
```console
210+
postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=require&sslcert=$HOME/.postgresql/postgres.crt&sslkey=$HOME/.postgresql/postgres.key"
211+
```
212+
213+
> More information on connecting to PostgreSQL databases using certificates can be found [here](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).
214+
182215
## Upgrading Coder via Helm
183216

184217
To upgrade Coder in the future or change values,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp