Skip to content

Commit 9e228f6

Browse files
mafredrimafredri
authored
Merge branch 'main' into mafredri/feat-coderd-add-user-latency-and-insights-endpoints
2 parents 7fd13df + 539fcf9 commit 9e228f6

File tree

2 files changed

+37
-0
lines changed

2 files changed

+37
-0
lines changed

coderd/util/tz/tz_test.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,10 @@ func Test_TimezoneIANA(t *testing.T) {
3131
// Not all Linux operating systems are guaranteed to have localtime!
3232
t.Skip("localtime doesn't exist!")
3333
}
34+
if runtime.GOOS == "windows" {
35+
// This test can be flaky on some Windows runners :(
36+
t.Skip("This test is flaky under Windows.")
37+
}
3438
oldEnv, found := os.LookupEnv("TZ")
3539
if found {
3640
require.NoError(t, os.Unsetenv("TZ"))

docs/install/kubernetes.md

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -179,6 +179,39 @@ In certain enterprise environments, the [Azure Application Gateway](https://lear
179179
- Websocket traffic (required for workspace connections)
180180
- TLS termination
181181

182+
## PostgreSQL Certificates
183+
184+
Your organization may require connecting to the database instance over SSL. To supply
185+
Coder with the appropriate certificates, and have it connect over SSL, follow the steps below:
186+
187+
1. Create the certificate as a secret in your Kubernetes cluster, if not already present:
188+
189+
```console
190+
$ kubectl create secret tls postgres-certs -n coder --key="postgres.key" --cert="postgres.crt"
191+
```
192+
193+
1. Define the secret volume and volumeMounts in the Helm chart:
194+
195+
```yaml
196+
coder:
197+
volumes:
198+
- name: "pg-certs-mount"
199+
secret:
200+
secretName: "postgres-certs"
201+
volumeMounts:
202+
- name: "pg-certs-mount"
203+
mountPath: "$HOME/.postgresql"
204+
readOnly: true
205+
```
206+
207+
1. Lastly, your PG connection URL will look like:
208+
209+
```console
210+
postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=require&sslcert=$HOME/.postgresql/postgres.crt&sslkey=$HOME/.postgresql/postgres.key"
211+
```
212+
213+
> More information on connecting to PostgreSQL databases using certificates can be found [here](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).
214+
182215
## Upgrading Coder via Helm
183216

184217
To upgrade Coder in the future or change values,

0 commit comments

Comments
 (0)