diff options
| -rw-r--r-- | weed/command/scaffold/filer.toml | 12 | ||||
| -rw-r--r-- | weed/filer/postgres/postgres_store.go | 18 | ||||
| -rw-r--r-- | weed/filer/postgres2/postgres2_store.go | 18 |
3 files changed, 46 insertions, 2 deletions
diff --git a/weed/command/scaffold/filer.toml b/weed/command/scaffold/filer.toml index 24aeacef3..e828f65d7 100644 --- a/weed/command/scaffold/filer.toml +++ b/weed/command/scaffold/filer.toml @@ -111,6 +111,12 @@ password = "" database = "postgres" # create or use an existing database schema = "" sslmode = "disable" +# SSL certificate options for secure connections +# For sslmode=verify-full, uncomment and configure the following: +# sslcert = "/path/to/client.crt" # client certificate file +# sslkey = "/path/to/client.key" # client private key file +# sslrootcert = "/path/to/ca.crt" # CA certificate file +# sslcrl = "/path/to/client.crl" # Certificate Revocation List (CRL) (optional) connection_max_idle = 100 connection_max_open = 100 connection_max_lifetime_seconds = 0 @@ -142,6 +148,12 @@ password = "" database = "postgres" # create or use an existing database schema = "" sslmode = "disable" +# SSL certificate options for secure connections +# For sslmode=verify-full, uncomment and configure the following: +# sslcert = "/path/to/client.crt" # client certificate file +# sslkey = "/path/to/client.key" # client private key file +# sslrootcert = "/path/to/ca.crt" # CA certificate file +# sslcrl = "/path/to/client.crl" # Certificate Revocation List (CRL) (optional) connection_max_idle = 100 connection_max_open = 100 connection_max_lifetime_seconds = 0 diff --git a/weed/filer/postgres/postgres_store.go b/weed/filer/postgres/postgres_store.go index 0c02f0726..568096b0b 100644 --- a/weed/filer/postgres/postgres_store.go +++ b/weed/filer/postgres/postgres_store.go @@ -35,13 +35,17 @@ func (store *PostgresStore) Initialize(configuration util.Configuration, prefix configuration.GetString(prefix+"database"), configuration.GetString(prefix+"schema"), configuration.GetString(prefix+"sslmode"), + configuration.GetString(prefix+"sslcert"), + configuration.GetString(prefix+"sslkey"), + configuration.GetString(prefix+"sslrootcert"), + configuration.GetString(prefix+"sslcrl"), configuration.GetInt(prefix+"connection_max_idle"), configuration.GetInt(prefix+"connection_max_open"), configuration.GetInt(prefix+"connection_max_lifetime_seconds"), ) } -func (store *PostgresStore) initialize(upsertQuery string, enableUpsert bool, user, password, hostname string, port int, database, schema, sslmode string, maxIdle, maxOpen, maxLifetimeSeconds int) (err error) { +func (store *PostgresStore) initialize(upsertQuery string, enableUpsert bool, user, password, hostname string, port int, database, schema, sslmode, sslcert, sslkey, sslrootcert, sslcrl string, maxIdle, maxOpen, maxLifetimeSeconds int) (err error) { store.SupportBucketTable = false if !enableUpsert { @@ -63,6 +67,18 @@ func (store *PostgresStore) initialize(upsertQuery string, enableUpsert bool, us if sslmode != "" { sqlUrl += " sslmode=" + sslmode } + if sslcert != "" { + sqlUrl += " sslcert=" + sslcert + } + if sslkey != "" { + sqlUrl += " sslkey=" + sslkey + } + if sslrootcert != "" { + sqlUrl += " sslrootcert=" + sslrootcert + } + if sslcrl != "" { + sqlUrl += " sslcrl=" + sslcrl + } if user != "" { sqlUrl += " user=" + user } diff --git a/weed/filer/postgres2/postgres2_store.go b/weed/filer/postgres2/postgres2_store.go index 4f063ad19..135bd54c4 100644 --- a/weed/filer/postgres2/postgres2_store.go +++ b/weed/filer/postgres2/postgres2_store.go @@ -40,13 +40,17 @@ func (store *PostgresStore2) Initialize(configuration util.Configuration, prefix configuration.GetString(prefix+"database"), configuration.GetString(prefix+"schema"), configuration.GetString(prefix+"sslmode"), + configuration.GetString(prefix+"sslcert"), + configuration.GetString(prefix+"sslkey"), + configuration.GetString(prefix+"sslrootcert"), + configuration.GetString(prefix+"sslcrl"), configuration.GetInt(prefix+"connection_max_idle"), configuration.GetInt(prefix+"connection_max_open"), configuration.GetInt(prefix+"connection_max_lifetime_seconds"), ) } -func (store *PostgresStore2) initialize(createTable, upsertQuery string, enableUpsert bool, user, password, hostname string, port int, database, schema, sslmode string, maxIdle, maxOpen, maxLifetimeSeconds int) (err error) { +func (store *PostgresStore2) initialize(createTable, upsertQuery string, enableUpsert bool, user, password, hostname string, port int, database, schema, sslmode, sslcert, sslkey, sslrootcert, sslcrl string, maxIdle, maxOpen, maxLifetimeSeconds int) (err error) { store.SupportBucketTable = true if !enableUpsert { @@ -68,6 +72,18 @@ func (store *PostgresStore2) initialize(createTable, upsertQuery string, enableU if sslmode != "" { sqlUrl += " sslmode=" + sslmode } + if sslcert != "" { + sqlUrl += " sslcert=" + sslcert + } + if sslkey != "" { + sqlUrl += " sslkey=" + sslkey + } + if sslrootcert != "" { + sqlUrl += " sslrootcert=" + sslrootcert + } + if sslcrl != "" { + sqlUrl += " sslcrl=" + sslcrl + } if user != "" { sqlUrl += " user=" + user } |