Hello, I’m working on automation of GNU Health (based on Tryton) and I’m testing how to separate the DB and what best practices could be fulfilled.
When PostgreSQL and Tryton are on different systems one could want to have certificate based access from Tryton. Is there an option for this in Tryton?
Seems like underneath it’s necessary to pass sslrootcert, sslcert & sslkey to psycopg, but if it’s possible without touching the code it would be better of course.
Any help would be much appreciated!
PS: Using GH 3.8/Tryton 5.x and Ubuntu 20.04 for the moment, gonna continue with openSUSE Leap, Debian and GH 4.0/Tryton 6 when it’s ready
I don’t think it is, but I might be wrong. However, you might find this interesting: PostgreSQL supports URI formatted connection strings (#4763) · Issues · Tryton / Tryton · GitLab
I think that since trytond: f1ee858677a7 it should not be difficult to create a backend derived from the postgresql one that supports more parameters.
Thanks a lot for the fast replies!
Just to know if my understanding is right:
I could try to extend the main configuration file by those parameters, then extend “def _connection_params(cls, name):” in psql/database.py by getting those using config.get(…), putting it in the dictionary params, restart and hopefully that’s it? (apart from actually having the certificates and psql configuration)