Postgres with SSL works, but disappears when production.yaml is rendered

I have found that a postgres DB that requires SSL will work if I append the following to temporal/production.yaml persistence->datastores sql entries

tls:
  enabled: true

However certain actions seen to re-create production.yaml and these lines disappear. So I have to manually add them to again to get the temporal worker working.

I’ve dug around in the docs and I’m finding nothing on either how to select SSL for the db connection, nor on what is rendering the production.yaml…

Oh duh, checked GitHub and sure enough there’s no options for TLS here maas/src/maasserver/templates/temporal/production.yaml.template at master · canonical/maas · GitHub

Seems like a very simple fix :man_shrugging: I’d open an issue but they are disabled on github.

Hi @jorhett

Indeed there is a known issue that currently doesn’t allow to use MAAS with PostgreSQL using TLS. We might improve the situation for the upcoming 3.7.

However certain actions seen to re-create production.yaml and these lines disappear.

We didn’t want to expose any complexity related to Temporal, hence that configuration file is crafted when regiond re/starts.

In theory you can adjust production.yaml.template file and set the desired value there