Skip to content
/ postgres-ssl Public
forked from umich-arc/postgres-ssl

Postgres container (based on official) that auto-generates SSL and requires client certificates

License

MIT license
0 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jun0tpyrc/postgres-ssl

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
arcts-ssl-entrypoint.sh
arcts-ssl-entrypoint.sh
 
 

Repository files navigation

Postgres-SSL

Docker container automatically generates SSL certificates and requires client certificates to connect.

The auto-generated client certs are accessible within the container and also get piped to STDOUT during initialization.

Once started:

psql "port=5432 host=192.168.0.10 user=postgres sslcert=./postgresql.crt sslkey=./postgresql.key sslrootcert=./root.crt sslmode=verify-ca"

Note: The user in the connection string above must match the $POSTGRES_USER defined at start (defaults to postgres)

Why:

We are provisioning many short lived data services that require secure-by-default settings such as requiring client certificates to establish a connection.

To Do:

  • Configure SSL options via environment variables
  • Allow certs to reside in a different directory (and configure via env)
  • Support multiple versions of Postgres (Currently pinned to 9.6)
  • TravisCI integration / Auto push to Hub

About

Postgres container (based on official) that auto-generates SSL and requires client certificates

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 88.9%
  • Dockerfile 11.1%