Skip to content

Commit

Permalink
Enable database SSL (#411)
Browse files Browse the repository at this point in the history
  • Loading branch information
lognaturel authored Mar 10, 2023
1 parent e3c57c8 commit 7edddca
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 2 deletions.
1 change: 1 addition & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ services:
- DB_USER=${DB_USER:-odk}
- DB_PASSWORD=${DB_PASSWORD:-odk}
- DB_NAME=${DB_NAME:-odk}
- DB_SSL=${DB_SSL:-null}
- EMAIL_FROM=${EMAIL_FROM:-no-reply@${DOMAIN}}
- EMAIL_HOST=${EMAIL_HOST:-mail}
- EMAIL_PORT=${EMAIL_PORT:-25}
Expand Down
3 changes: 2 additions & 1 deletion files/service/config.json.template
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@
"host": "${DB_HOST}",
"user": "${DB_USER}",
"password": "${DB_PASSWORD}",
"database": "${DB_NAME}"
"database": "${DB_NAME}",
"ssl": ${DB_SSL}
},
"email": {
"serviceAccount": "${EMAIL_FROM}",
Expand Down
2 changes: 1 addition & 1 deletion files/service/scripts/start-odk.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ echo "generating local service configuration.."

ENKETO_API_KEY=$(cat /etc/secrets/enketo-api-key) \
BASE_URL=$( [ "${HTTPS_PORT}" = 443 ] && echo https://"${DOMAIN}" || echo https://"${DOMAIN}":"${HTTPS_PORT}" ) \
envsubst '$DOMAIN $BASE_URL $SYSADMIN_EMAIL $ENKETO_API_KEY $DB_HOST $DB_USER $DB_PASSWORD $DB_NAME $EMAIL_FROM $EMAIL_HOST $EMAIL_PORT $EMAIL_SECURE $EMAIL_IGNORE_TLS $EMAIL_USER $EMAIL_PASSWORD $SENTRY_ORG_SUBDOMAIN $SENTRY_KEY $SENTRY_PROJECT' \
envsubst '$DOMAIN $BASE_URL $SYSADMIN_EMAIL $ENKETO_API_KEY $DB_HOST $DB_USER $DB_PASSWORD $DB_NAME $DB_SSL $EMAIL_FROM $EMAIL_HOST $EMAIL_PORT $EMAIL_SECURE $EMAIL_IGNORE_TLS $EMAIL_USER $EMAIL_PASSWORD $SENTRY_ORG_SUBDOMAIN $SENTRY_KEY $SENTRY_PROJECT' \
< /usr/share/odk/config.json.template \
> /usr/odk/config/local.json

Expand Down

0 comments on commit 7edddca

Please sign in to comment.