diff --git a/api/config/packages/common_ground.yaml b/api/config/packages/common_ground.yaml index d40100742..133652fd7 100644 --- a/api/config/packages/common_ground.yaml +++ b/api/config/packages/common_ground.yaml @@ -9,6 +9,10 @@ parameters: env(APP_COMMONGROUND_KEY): "d4bb1810-8358-4372-98db-6c7bd2fb370c" env(APP_COMMONGROUND_SECRET): "" env(CACHE_URL): '' + + env(DATABASE_ROOT_CERT): /var/certs/postgresql.crt + env(REDIS_PROTOCOL): redis + common_ground.app.id: "%env(APP_COMMONGROUND_ID)%" app_commonground_id: "%env(APP_COMMONGROUND_ID)%" diff --git a/api/config/packages/doctrine.yaml b/api/config/packages/doctrine.yaml index 605bd6b64..4821f778b 100644 --- a/api/config/packages/doctrine.yaml +++ b/api/config/packages/doctrine.yaml @@ -3,6 +3,7 @@ doctrine: # IMPORTANT: You MUST configure your server version, # either here or in the DATABASE_URL env var (see .env file) #server_version: '13' + sslrootcert: '%env(DATABASE_ROOT_CERT)%' url: '%env(resolve:DATABASE_URL)%' types: uuid: Ramsey\Uuid\Doctrine\UuidType diff --git a/api/config/packages/framework.yaml b/api/config/packages/framework.yaml index 7be339232..4006d648c 100644 --- a/api/config/packages/framework.yaml +++ b/api/config/packages/framework.yaml @@ -21,7 +21,7 @@ framework: prefix_seed: commonground_gateway_cache app: cache.adapter.redis system: cache.adapter.redis - default_redis_provider: "redis://%env(REDIS_HOST)%:%env(int:REDIS_PORT)%" + default_redis_provider: "%env(REDIS_PROTOCOL)%://%env(REDIS_HOST)%:%env(int:REDIS_PORT)%" trusted_hosts: "%env(TRUSTED_HOSTS)%" diff --git a/api/helm/commonground-gateway-1.5.6.tgz b/api/helm/commonground-gateway-1.5.6.tgz new file mode 100644 index 000000000..4820f9c89 Binary files /dev/null and b/api/helm/commonground-gateway-1.5.6.tgz differ diff --git a/api/helm/commonground-gateway/Chart.yaml b/api/helm/commonground-gateway/Chart.yaml index 5ca5d1713..ef74b7db7 100644 --- a/api/helm/commonground-gateway/Chart.yaml +++ b/api/helm/commonground-gateway/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.5.5 +version: 1.5.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/api/helm/commonground-gateway/templates/consumer.yaml b/api/helm/commonground-gateway/templates/consumer.yaml index 818c5c410..75a64062c 100644 --- a/api/helm/commonground-gateway/templates/consumer.yaml +++ b/api/helm/commonground-gateway/templates/consumer.yaml @@ -53,6 +53,13 @@ spec: - name: vendor persistentVolumeClaim: claimName: {{ include "commonground-gateway.fullname" . }}-vendor + {{- if .Values.security.postgresCert }} + - name: postgres-certificate + projected: + sources: + - secret: + name: {{ include "commonground-gateway.fullname" . }}-postgresCert + {{- end }} initContainers: - name: {{ include "commonground-gateway.fullname" . }}-init securityContext: @@ -86,7 +93,13 @@ spec: - mountPath: /var/run/idp name: idp-certificate readOnly: true - {{- end }} + {{- end }} + {{- if .Values.security.postgresCert }} + - mountPath: /srv/api/var/certs/postgres.crt + subPath: certificate.crt + name: postgres-certificate + readOnly: true + {{- end }} - mountPath: /srv/api/vendor subPath: vendor name: vendor @@ -161,6 +174,8 @@ spec: secretKeyRef: key: database-url name: {{ include "commonground-gateway.fullname" . }} + - name: DATABASE_ROOT_CERT + value: /srv/api/var/certs/postgres.crt - name: CACHE_URL valueFrom: secretKeyRef: @@ -247,6 +262,8 @@ spec: configMapKeyRef: key: redis-port name: {{ include "commonground-gateway.fullname" . }} + - name: REDIS_PROTOCOL + value: {{ .Values.security.redisProtocol }} {{- end }} - name: SAML_ENABLED valueFrom: diff --git a/api/helm/commonground-gateway/templates/cron-runner.yaml b/api/helm/commonground-gateway/templates/cron-runner.yaml index dfe1509e7..158b3d980 100644 --- a/api/helm/commonground-gateway/templates/cron-runner.yaml +++ b/api/helm/commonground-gateway/templates/cron-runner.yaml @@ -60,7 +60,14 @@ spec: - name: vendor persistentVolumeClaim: claimName: {{ include "commonground-gateway.fullname" . }}-vendor - + + {{- if .Values.security.postgresCert }} + - name: postgres-certificate + projected: + sources: + - secret: + name: {{ include "commonground-gateway.fullname" . }}-postgresCert + {{- end }} initContainers: - name: {{ include "commonground-gateway.fullname" . }}-init securityContext: @@ -120,6 +127,12 @@ spec: subPath: bundles.php name: vendor readOnly: false + {{- if .Values.security.postgresCert }} + - mountPath: /srv/api/var/certs/postgres.crt + subPath: certificate.crt + name: postgres-certificate + readOnly: true + {{- end }} args: - bin/console - cronjob:command @@ -169,6 +182,8 @@ spec: secretKeyRef: key: database-url name: {{ include "commonground-gateway.fullname" . }} + - name: DATABASE_ROOT_CERT + value: /srv/api/var/certs/postgres.crt - name: CACHE_URL valueFrom: secretKeyRef: @@ -257,6 +272,8 @@ spec: configMapKeyRef: key: redis-port name: {{ include "commonground-gateway.fullname" . }} + - name: REDIS_PROTOCOL + value: {{ .Values.security.redisProtocol }} {{- end }} - name: SAML_ENABLED valueFrom: diff --git a/api/helm/commonground-gateway/templates/deployment.yaml b/api/helm/commonground-gateway/templates/deployment.yaml index c4a1764f0..b3b91150f 100644 --- a/api/helm/commonground-gateway/templates/deployment.yaml +++ b/api/helm/commonground-gateway/templates/deployment.yaml @@ -86,6 +86,13 @@ spec: - secret: name: {{ include "commonground-gateway.fullname" . }}-tls {{- end }} + {{- if .Values.security.postgresCert }} + - name: postgres-certificate + projected: + sources: + - secret: + name: {{ include "commonground-gateway.fullname" . }}-postgresCert + {{- end }} initContainers: - name: {{ include "commonground-gateway.fullname" . }}-init securityContext: @@ -140,6 +147,12 @@ spec: name: doctrine readOnly: true {{- end }} + {{- if .Values.security.postgresCert }} + - mountPath: /srv/api/var/certs/postgres.crt + subPath: certificate.crt + name: postgres-certificate + readOnly: true + {{- end }} - mountPath: /srv/api/vendor subPath: vendor name: vendor @@ -211,6 +224,8 @@ spec: secretKeyRef: key: database-url name: {{ include "commonground-gateway.fullname" . }} + - name: DATABASE_ROOT_CERT + value: /srv/api/var/certs/postgres.crt - name: CACHE_URL valueFrom: secretKeyRef: @@ -310,6 +325,8 @@ spec: configMapKeyRef: key: redis-port name: {{ include "commonground-gateway.fullname" . }} + - name: REDIS_PROTOCOL + value: {{ .Values.security.redisProtocol }} {{- end }} - name: SAML_ENABLED valueFrom: diff --git a/api/helm/commonground-gateway/templates/secrets.yaml b/api/helm/commonground-gateway/templates/secrets.yaml index f916ca943..c3b6ca500 100644 --- a/api/helm/commonground-gateway/templates/secrets.yaml +++ b/api/helm/commonground-gateway/templates/secrets.yaml @@ -42,3 +42,17 @@ data: {{ else }} mongodb-url: {{ .Values.mongodb.url | b64enc | quote }} {{ end }} + +{{- if .Values.security.postgresCert }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "commonground-gateway.fullname" . }}-postgresCert + labels: + {{- include "commonground-gateway.labels" . | nindent 4 }} +type: Opaque +stringData: + certificate.crt: | + {{ .Values.security.postgresCert | nindent 8 }} +{{- end }} diff --git a/api/helm/commonground-gateway/values.yaml b/api/helm/commonground-gateway/values.yaml index edc328a4f..0ad36e7e1 100644 --- a/api/helm/commonground-gateway/values.yaml +++ b/api/helm/commonground-gateway/values.yaml @@ -82,6 +82,8 @@ security: CvVVrqBVqLHjva4erqYol6K/jbSfUtRCy8IlFU7LYu1KLehZKYvj3vekj3Cn08Aq ljr/Q8Pw+OfUZTzKg4PVDQVfFqKtyosv -----END CERTIFICATE----- + postgresCert: null + redisProtocol: redis authEnabled: true sessionDuration: 900 certificate: @@ -215,6 +217,9 @@ mongodb: memory: 6Gi gateway-ui: + pwa: + image: + tag: latest enabled: true resources: requests: diff --git a/api/helm/index.yaml b/api/helm/index.yaml index cc14a68e2..d6936e836 100644 --- a/api/helm/index.yaml +++ b/api/helm/index.yaml @@ -3,7 +3,37 @@ entries: commonground-gateway: - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.959881698+02:00" + created: "2024-04-23T15:30:09.885970934+02:00" + dependencies: + - condition: postgresql.enabled + name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 12.1.2 + - condition: redis.enabled + name: redis + repository: https://charts.bitnami.com/bitnami + version: 17.3.11 + - name: rabbitmq + repository: https://charts.bitnami.com/bitnami + version: 11.9.1 + - condition: mongodb.enabled + name: mongodb + repository: https://charts.bitnami.com/bitnami + version: 13.4.4 + - condition: gateway-ui.enabled + name: gateway-ui + repository: https://raw.githubusercontent.com/ConductionNL/gateway-ui/development/helm/ + version: 0.1.7 + description: A Helm chart for Kubernetes + digest: c30f4175e7f99e51da2f32f0518dfbb4d1216cb5896d5ae83b23a400a85c794b + name: commonground-gateway + type: application + urls: + - commonground-gateway-1.5.6.tgz + version: 1.5.6 + - apiVersion: v2 + appVersion: "2.2" + created: "2024-04-23T15:30:09.822785036+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -33,7 +63,7 @@ entries: version: 1.5.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.920081399+02:00" + created: "2024-04-23T15:30:09.72900806+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -63,7 +93,7 @@ entries: version: 1.5.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.879294206+02:00" + created: "2024-04-23T15:30:09.63242211+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -93,7 +123,7 @@ entries: version: 1.5.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.837427124+02:00" + created: "2024-04-23T15:30:09.552968004+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -123,7 +153,7 @@ entries: version: 1.5.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.793977916+02:00" + created: "2024-04-23T15:30:09.474294011+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -153,7 +183,7 @@ entries: version: 1.5.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.750232846+02:00" + created: "2024-04-23T15:30:09.388993723+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -183,7 +213,7 @@ entries: version: 1.5.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.712562442+02:00" + created: "2024-04-23T15:30:09.302182013+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -213,7 +243,7 @@ entries: version: 1.4.7 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.681769773+02:00" + created: "2024-04-23T15:30:09.214618345+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -243,7 +273,7 @@ entries: version: 1.4.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.636406114+02:00" + created: "2024-04-23T15:30:09.091851597+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -273,7 +303,7 @@ entries: version: 1.4.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.588033421+02:00" + created: "2024-04-23T15:30:08.981662526+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -303,7 +333,7 @@ entries: version: 1.4.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.542518699+02:00" + created: "2024-04-23T15:30:08.885033255+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -333,7 +363,7 @@ entries: version: 1.4.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.499025118+02:00" + created: "2024-04-23T15:30:08.75496482+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -363,7 +393,7 @@ entries: version: 1.4.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.45593534+02:00" + created: "2024-04-23T15:30:08.641123613+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -393,7 +423,7 @@ entries: version: 1.4.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.387562418+02:00" + created: "2024-04-23T15:30:08.4984428+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -423,7 +453,7 @@ entries: version: 1.4.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.327486571+02:00" + created: "2024-04-23T15:30:08.359581474+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -453,7 +483,7 @@ entries: version: 1.3.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.288473738+02:00" + created: "2024-04-23T15:30:08.288308632+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -483,7 +513,7 @@ entries: version: 1.3.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.227859808+02:00" + created: "2024-04-23T15:30:08.234665148+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -513,7 +543,7 @@ entries: version: 1.2.9 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.193109234+02:00" + created: "2024-04-23T15:30:08.18081359+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -539,7 +569,7 @@ entries: version: 1.2.8 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.143449118+02:00" + created: "2024-04-23T15:30:08.080877556+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -565,7 +595,7 @@ entries: version: 1.2.7 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.094041193+02:00" + created: "2024-04-23T15:30:08.028154586+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -591,7 +621,7 @@ entries: version: 1.2.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.046561894+02:00" + created: "2024-04-23T15:30:07.967764037+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -617,7 +647,7 @@ entries: version: 1.2.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:39.002399632+02:00" + created: "2024-04-23T15:30:07.904947002+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -643,7 +673,7 @@ entries: version: 1.2.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.951651911+02:00" + created: "2024-04-23T15:30:07.851892023+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -669,7 +699,7 @@ entries: version: 1.2.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.90362668+02:00" + created: "2024-04-23T15:30:07.794173768+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -695,7 +725,7 @@ entries: version: 1.2.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.858125685+02:00" + created: "2024-04-23T15:30:07.734488769+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -721,7 +751,7 @@ entries: version: 1.2.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.814899701+02:00" + created: "2024-04-23T15:30:07.673986604+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -747,7 +777,7 @@ entries: version: 1.2.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.755222898+02:00" + created: "2024-04-23T15:30:07.61319341+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -773,7 +803,7 @@ entries: version: 1.1.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.715056795+02:00" + created: "2024-04-23T15:30:07.542390243+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -799,7 +829,7 @@ entries: version: 1.1.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.670644484+02:00" + created: "2024-04-23T15:30:07.477926538+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -825,7 +855,7 @@ entries: version: 1.1.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.625377161+02:00" + created: "2024-04-23T15:30:07.413901086+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -851,7 +881,7 @@ entries: version: 1.1.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.586252441+02:00" + created: "2024-04-23T15:30:07.359452373+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -877,7 +907,7 @@ entries: version: 1.1.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.54063717+02:00" + created: "2024-04-23T15:30:07.305318185+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -903,7 +933,7 @@ entries: version: 1.0.7 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.501532542+02:00" + created: "2024-04-23T15:30:07.240032748+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -929,7 +959,7 @@ entries: version: 1.0.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.451882037+02:00" + created: "2024-04-23T15:30:07.178725114+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -955,7 +985,7 @@ entries: version: 1.0.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.408398852+02:00" + created: "2024-04-23T15:30:07.112783402+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -981,7 +1011,7 @@ entries: version: 1.0.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.375366422+02:00" + created: "2024-04-23T15:30:07.059481513+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1007,7 +1037,7 @@ entries: version: 1.0.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.328752101+02:00" + created: "2024-04-23T15:30:07.007977322+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1033,7 +1063,7 @@ entries: version: 1.0.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.270179813+02:00" + created: "2024-04-23T15:30:06.944318216+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1059,7 +1089,7 @@ entries: version: 1.0.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-19T09:30:38.223639667+02:00" + created: "2024-04-23T15:30:06.876336666+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1085,7 +1115,7 @@ entries: version: 1.0.0 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.945558676+02:00" + created: "2024-04-23T15:30:06.449422857+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1107,7 +1137,7 @@ entries: version: 0.1.13 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.909337571+02:00" + created: "2024-04-23T15:30:06.405072706+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1129,7 +1159,7 @@ entries: version: 0.1.12 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.875364545+02:00" + created: "2024-04-23T15:30:06.367047975+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1151,7 +1181,7 @@ entries: version: 0.1.11 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.846706082+02:00" + created: "2024-04-23T15:30:06.326640441+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1173,7 +1203,7 @@ entries: version: 0.1.10 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.185839558+02:00" + created: "2024-04-23T15:30:06.815342448+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1195,7 +1225,7 @@ entries: version: 0.1.9 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.153614905+02:00" + created: "2024-04-23T15:30:06.766993414+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1217,7 +1247,7 @@ entries: version: 0.1.8 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.117506755+02:00" + created: "2024-04-23T15:30:06.721484487+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1239,7 +1269,7 @@ entries: version: 0.1.7 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.085622657+02:00" + created: "2024-04-23T15:30:06.666659081+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1258,7 +1288,7 @@ entries: version: 0.1.6 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.066754133+02:00" + created: "2024-04-23T15:30:06.629689069+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1277,7 +1307,7 @@ entries: version: 0.1.5 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.04401057+02:00" + created: "2024-04-23T15:30:06.595947102+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1296,7 +1326,7 @@ entries: version: 0.1.4 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:38.017118186+02:00" + created: "2024-04-23T15:30:06.564415397+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1315,7 +1345,7 @@ entries: version: 0.1.3 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.995048323+02:00" + created: "2024-04-23T15:30:06.523960306+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1334,7 +1364,7 @@ entries: version: 0.1.2 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.82735073+02:00" + created: "2024-04-23T15:30:06.281889306+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1353,7 +1383,7 @@ entries: version: 0.1.1 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-19T09:30:37.798415544+02:00" + created: "2024-04-23T15:30:06.240206182+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1370,4 +1400,4 @@ entries: urls: - commonground-gateway-0.1.0.tgz version: 0.1.0 -generated: "2024-04-19T09:30:37.772089237+02:00" +generated: "2024-04-23T15:30:06.208615197+02:00" diff --git a/docker-compose.yml b/docker-compose.yml index 251ffd3ae..43160108f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -48,6 +48,7 @@ services: - APP_INIT='true' - CONTAINER_REGISTRY_BASE=${CONTAINER_REGISTRY_BASE} - CONTAINER_PROJECT_NAME=${CONTAINER_PROJECT_NAME} + - DATABASE_ROOT_CERT=/var/certs/postgresql.crt - DATABASE_URL=postgres://api-platform:!ChangeMe!@db/api?serverVersion=10.1 # - DATABASE_URL=mysql://api-platform:!ChangeMe!@db/api?serverVersion=10.1 - CACHE_URL=mongodb://api-platform:!ChangeMe!@mongodb @@ -87,6 +88,7 @@ services: - NOTIFICATION_ENABLED=${NOTIFICATION_ENABLED} - REDIS_HOST=redis - REDIS_PORT=6379 + - REDIS_PROTOCOL=redis - APP_AUTH=${APP_AUTH} - GITHUB_KEY=${GITHUB_KEY} - PUBLICCODE=${PUBLICCODE} @@ -170,6 +172,11 @@ services: - db-data:/var/lib/postgresql/data:rw ports: - "5432:5432" + command: > + -c ssl=on + -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem + -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key + mongodb: image: mongo:4.4.14