Browse Source
docs: added DB_SSL and DB_SSL_CA to helm chart (#2492 )
***NO_CI***
* Update deployment.yaml
added DB_SSL option for postgres
* Update README.md
added note about `postgresql.ssl`
* added DB_SSL_CA
* added postgressql.ca note
* Update values.yaml
added more PostgresSQL details to values.yml
* Update values.yaml
* Update values.yaml
removed whitespace
* Update README.md
added ssl and ca notes
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* Update README.md
* docs: update README
Co-authored-by: Nicolas Giard <github@ngpixel.com>
pull/3770/head
Matt
3 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with
24 additions and
0 deletions
dev/helm/README.md
dev/helm/templates/deployment.yaml
dev/helm/values.yaml
@ -108,6 +108,8 @@ The following table lists the configurable parameters of the Wiki.js chart and t
| `postgresql.postgresqlHost` | External postgres host | `nil` |
| `postgresql.postgresqlPassword` | External postgres password | `nil` |
| `postgresql.postgresqlPort` | External postgres port | `5432` |
| `postgresql.ssl` | Enable external postgres SSL connection | `false` |
| `postgresql.ca` | Certificate of Authority path for postgres | `nil` |
| `postgresql.persistence.enabled` | Enable postgres persistence using PVC | `true` |
| `postgresql.persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` for postgres | `nil` |
| `postgresql.persistence.storageClass` | Postgres PVC Storage Class (example: `nfs` ) | `nil` |
@ -137,6 +139,8 @@ By default, PostgreSQL is installed as part of the chart.
To use an external PostgreSQL server, set `postgresql.enabled` to `false` and then set `postgresql.postgresqlHost` and `postgresql.postgresqlPassword` . The other options (`postgresql.postgresqlDatabase`, `postgresql.postgresqlUser` and `postgresql.postgresqlPort` ) may also want changing from their default values.
To use an SSL connection you can set `postgresql.ssl` to `true` and if needed the path to a Certificate of Authority can be set using `postgresql.ca` to `/path/to/ca` . Default `postgresql.ssl` value is `false` .
You also need to add the follow Helm template to your deployment:
```yaml
@ -38,6 +38,10 @@ spec:
value : {{ default "wiki" .Values.postgresql.postgresqlDatabase }}
- name : DB_USER
value : {{ default "wiki" .Values.postgresql.postgresqlUser }}
- name : DB_SSL
value : "{{ default " false " .Values.postgresql.ssl }}"
- name : DB_SSL_CA
value : "{{ default " " .Values.postgresql.ca }}"
- name : DB_PASS
valueFrom:
secretKeyRef:
@ -80,6 +80,22 @@ postgresql:
## Set to false if bringing your own PostgreSQL, and set secret value postgresql-uri.
##
enabled : true
## ssl enforce SSL communication with PostgresSQL
## Default to false
##
# ssl: false
## ca Certificate of Authority
## Default to empty, point to location of CA
##
# ca: "path to ca"
## postgresqlHost override postgres database host
## Default to postgres
##
# postgresqlHost: postgres
## postgresqlPort port for postgres
## Default to 5432
##
# postgresqlPort: 5432
## PostgreSQL fullname Override
## Default to wiki-postgresql unless fullname override is set for Chart
##