mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 01:37:31 +00:00
fix: Secure sql connection (#332)
* feat: sql ssl connection * fix: simpler implementation of ssl-config in sql * fix(config): set db ssl connection by env vars
This commit is contained in:
Silvan
@@ -28,7 +28,11 @@ Mgmt:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'management'
|
||||
Database: 'eventstore'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_MANAGEMENT_CERT
|
||||
Key: $CR_MANAGEMENT_KEY
|
||||
Cache:
|
||||
Type: 'fastcache'
|
||||
Config:
|
||||
@@ -38,7 +42,11 @@ Mgmt:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'management'
|
||||
Database: 'management'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_MANAGEMENT_CERT
|
||||
Key: $CR_MANAGEMENT_KEY
|
||||
Spooler:
|
||||
ConcurrentTasks: 4
|
||||
BulkLimit: 100
|
||||
@@ -95,7 +103,11 @@ Auth:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'auth'
|
||||
Database: 'eventstore'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_AUTH_CERT
|
||||
Key: $CR_AUTH_KEY
|
||||
Cache:
|
||||
Type: 'fastcache'
|
||||
Config:
|
||||
@@ -106,13 +118,21 @@ Auth:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'auth'
|
||||
Database: 'auth'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_AUTH_CERT
|
||||
Key: $CR_AUTH_KEY
|
||||
View:
|
||||
Host: $ZITADEL_EVENTSTORE_HOST
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'auth'
|
||||
Database: 'auth'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_AUTH_CERT
|
||||
Key: $CR_AUTH_KEY
|
||||
Spooler:
|
||||
ConcurrentTasks: 4
|
||||
BulkLimit: 100
|
||||
@@ -152,7 +172,11 @@ AuthZ:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'authz'
|
||||
Database: 'eventstore'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_AUTHZ_CERT
|
||||
Key: $CR_AUTHZ_KEY
|
||||
Cache:
|
||||
Type: 'fastcache'
|
||||
Config:
|
||||
@@ -162,7 +186,11 @@ AuthZ:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'authz'
|
||||
Database: 'authz'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_AUTHZ_CERT
|
||||
Key: $CR_AUTHZ_KEY
|
||||
Spooler:
|
||||
ConcurrentTasks: 1
|
||||
BulkLimit: 100
|
||||
@@ -186,7 +214,11 @@ Admin:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'admin_api'
|
||||
Database: 'eventstore'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_ADMIN_CERT
|
||||
Key: $CR_ADMIN_KEY
|
||||
Cache:
|
||||
Type: 'fastcache'
|
||||
Config:
|
||||
@@ -196,7 +228,11 @@ Admin:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'admin_api'
|
||||
Database: 'admin_api'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_ADMIN_CERT
|
||||
Key: $CR_ADMIN_KEY
|
||||
Spooler:
|
||||
ConcurrentTasks: 1
|
||||
BulkLimit: 100
|
||||
@@ -225,7 +261,11 @@ Notification:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'notification'
|
||||
Database: 'eventstore'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_NOTIFY_CERT
|
||||
Key: $CR_NOTIFY_KEY
|
||||
Cache:
|
||||
Type: 'fastcache'
|
||||
Config:
|
||||
@@ -235,7 +275,11 @@ Notification:
|
||||
Port: $ZITADEL_EVENTSTORE_PORT
|
||||
User: 'notification'
|
||||
Database: 'notification'
|
||||
SSLmode: disable
|
||||
SSL:
|
||||
Mode: $CR_SSL_MODE
|
||||
RootCert: $CR_ROOT_CERT
|
||||
Cert: $CR_NOTIFY_CERT
|
||||
Key: $CR_NOTIFY_KEY
|
||||
Spooler:
|
||||
ConcurrentTasks: 4
|
||||
BulkLimit: 100
|
||||
|
||||
Reference in New Issue
Block a user