Skip to content
/ postgres-ssl Public

Postgres container (based on official) that auto-generates SSL and requires client certificates

License

MIT license
4 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

umich-arc/postgres-ssl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
arcts-ssl-entrypoint.sh
arcts-ssl-entrypoint.sh
 
 

Repository files navigation

Postgres-SSL

Docker container automatically generates SSL certificates and requires client certificates to connect.

The auto-generated client certs are accessible within the container and also get piped to STDOUT during initialization.

Once started:

psql "port=5432 host=192.168.0.10 user=postgres sslcert=./postgresql.crt sslkey=./postgresql.key sslrootcert=./root.crt sslmode=verify-ca"

Note: The user in the connection string above must match the $POSTGRES_USER defined at start (defaults to postgres)

Why:

We are provisioning many short lived data services that require secure-by-default settings such as requiring client certificates to establish a connection.

To Do:

  • Configure SSL options via environment variables
  • Allow certs to reside in a different directory (and configure via env)
  • Support multiple versions of Postgres (Currently pinned to 9.6)
  • TravisCI integration / Auto push to Hub

About

Postgres container (based on official) that auto-generates SSL and requires client certificates

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

6 watching

Forks

8 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages