Database with TLS

[someonewating]

Hi there. I'm trying to connect the database that managed by Azure. The container of immich is running on my local machine, thus, I think it's necessary to configure an SSL connection.
I'm not familiar with the backend. Does anyone would like to tell me how to set up the ssl connection between the server and the database? I have the root ca certification, I just don't know how to make it works.
Thanks in advance.

[martabal]

Hello, it appears that you need to use the environment variable DB_URL in order to establish a SSL connection to your database. Once PR #135 is merged, you will be able to do so. For instructions on setting up your SSL connection, please refer to immich-app/immich#902 and immich-app/immich#3135. I'm unable to provide much assistance since I have never setup a SSL connection for postgres.

[someonewating]

Hello, it appears that you need to utilize the environment variable DB_URL in order to establish an SSL connection to your database. Once PR #135 is merged, you will be able to do so. For instructions on setting up your SSL connection, please refer to immich-app/immich#902 and immich-app/immich#3135. I'm unable to provide much assistance since I have never setup a SSL connection for postgres.

Thanks for your reply. I'll check it.😃

[martabal]

@someonewating, it's merged you can use it 😊

[someonewating]

@someonewating, it's merged you can use it 😊

Yeah I just found it's already implemented. Thank you very much to remind me.

[someonewating]

@someonewating, it's merged you can use it 😊

BTW, I'm exploring the Dockerfile. I found the container is using s6-rc to initialize several services. I tried to add a directory in the root directory with run, type, and up files, but it doesn't work. Do you know the possible reason? Didi I missed something. Thank you.

[martabal]

Before or after you built the image ?

[someonewating]

before. I added those things in root directory, then I run docker build ..

[martabal]

Did you add your new service in user/contents.d too ?

[someonewating]

Did you add your new service in user/contents.d too ?

I'm afraid not. Do I need to add it in user/contents.d as well?

[martabal]

If this is a custom service just for you, the easiest solution would be to place your script in custom-services.d,

[martabal]

I'm afraid not. Do I need to add it in user/contents.d as well?

Yes !

[someonewating]

I'm afraid not. Do I need to add it in user/contents.d as well?

Yes !

I see. Thank you for all of your help!❤

[martabal]

No problem, don't hesitate to open a new issue if you have another question / issue 😊

[someonewating]

No problem, don't hesitate to open a new issue if you have another question / issue 😊

Hi @martabal , everything is fine for me now. I just want to remind you and anyone else trying to use DB_URL that you need to modify check_var() in root/etc/s6-overlay/s6-rc.d/init-check-variables/run to pass the check.

[martabal]

@someonewating, well not anymore since #135 is merged and released. You just have to remove DB_HOSTNAME, DB_USERNAME, DB_PASSWORD and DB_DATABASE_NAME envs and replace them by DB_URL.

[martabal]

if DB_URL is set, it won't check if those envs are set

[someonewating]

@someonewating, well not anymore since #135 is merged and released. You just have to remove DB_HOSTNAME, DB_USERNAME, DB_PASSWORD and DB_DATABASE_NAME envs and replace them by DB_URL.

Wow, you guys updated so fast. I pulled the repo one day ago. Thank you for your brilliant work.😃

[martabal]

Thank you for your kind words, we do everything we can to provide the best AIO image possible 😄