I have found that a postgres DB that requires SSL will work if I append the following to temporal/production.yaml
persistence->datastores sql
entries
tls:
enabled: true
However certain actions seen to re-create production.yaml
and these lines disappear. So I have to manually add them to again to get the temporal worker working.
I’ve dug around in the docs and I’m finding nothing on either how to select SSL for the db connection, nor on what is rendering the production.yaml…
Oh duh, checked GitHub and sure enough there’s no options for TLS here maas/src/maasserver/templates/temporal/production.yaml.template at master · canonical/maas · GitHub
Seems like a very simple fix
I’d open an issue but they are disabled on github.
Hi @jorhett
Indeed there is a known issue that currently doesn’t allow to use MAAS with PostgreSQL using TLS. We might improve the situation for the upcoming 3.7.
However certain actions seen to re-create production.yaml
and these lines disappear.
We didn’t want to expose any complexity related to Temporal, hence that configuration file is crafted when regiond
re/starts.
In theory you can adjust production.yaml.template
file and set the desired value there