firefly-iii: Connect to external PostgreSQL
Since the new database server outside the Kubernetes cluster, created for Authelia, was seeded from a backup of the in-cluster server, it already contained the data from Firefly-III as well. Thus, we can switch Firefly-III to using it, too. The documentation for Firefly-III does not mention anything about how to configure it to use certificate-based authentication for PostgreSQL, as is required by the new server. Fortunately, it ultimately uses _libpq_, so the standard `PG...` environment variables work fine. We just need a certificate issued by the _postgresql-ca_ ClusterIssuer and the _DCH Root CA_ certificate mounted in the Firefly-III container.
This commit is contained in:
@@ -7,10 +7,13 @@ TZ=America/Chicago
|
||||
TRUSTED_PROXIES=172.30.0.160/28
|
||||
|
||||
DB_CONNECTION=pgsql
|
||||
DB_HOST=default.postgresql
|
||||
DB_HOST=postgresql.pyrocufflink.blue
|
||||
DB_PORT=5432
|
||||
DB_USERNAME=firefly-iii.firefly
|
||||
DB_USERNAME=firefly
|
||||
DB_DATABASE=firefly
|
||||
PGSSLROOTCERT=/run/dch-ca/dch-root-ca.crt
|
||||
PGSSLCERT=/run/secrets/firefly/postgresql/tls.crt
|
||||
PGSSLKEY=/run/secrets/firefly/postgresql/tls.key
|
||||
|
||||
CACHE_DRIVER=redis
|
||||
SESSION_DRIVER=redis
|
||||
|
||||
Reference in New Issue
Block a user