Postgres (CockroachDB) with full certificate verification (#7076)

* Postgres (CockroachDB) with full certificate verification

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* remove duplicated comments

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

1 files changed, 12 insertions, 0 deletions

diff --git a/weed/command/scaffold/filer.toml b/weed/command/scaffold/filer.toml
index 24aeacef3..e828f65d7 100644
--- a/weed/command/scaffold/filer.toml
+++ b/weed/command/scaffold/filer.toml
@@ -111,6 +111,12 @@ password = ""
 database = "postgres"          # create or use an existing database
 schema = ""
 sslmode = "disable"
+# SSL certificate options for secure connections
+# For sslmode=verify-full, uncomment and configure the following:
+# sslcert = "/path/to/client.crt"     # client certificate file
+# sslkey = "/path/to/client.key"      # client private key file
+# sslrootcert = "/path/to/ca.crt"     # CA certificate file
+# sslcrl = "/path/to/client.crl"      # Certificate Revocation List (CRL) (optional)
 connection_max_idle = 100
 connection_max_open = 100
 connection_max_lifetime_seconds = 0
@@ -142,6 +148,12 @@ password = ""
 database = "postgres"          # create or use an existing database
 schema = ""
 sslmode = "disable"
+# SSL certificate options for secure connections
+# For sslmode=verify-full, uncomment and configure the following:
+# sslcert = "/path/to/client.crt"     # client certificate file
+# sslkey = "/path/to/client.key"      # client private key file
+# sslrootcert = "/path/to/ca.crt"     # CA certificate file
+# sslcrl = "/path/to/client.crl"      # Certificate Revocation List (CRL) (optional)
 connection_max_idle = 100
 connection_max_open = 100
 connection_max_lifetime_seconds = 0