chore: modified code to use self-signed ssl certificates

2025-05-10 18:53:05 +00:00 · 2025-04-19 01:20:58 -04:00 · 2025-04-19 01:20:58 -04:00 · a5b33da0fa
commit a5b33da0fa
parent d050976484
7 changed files with 89 additions and 7 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -8,11 +8,18 @@ services:
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: ${POSTGRES_DB}
    volumes:
+      - ./certs/psql-server.crt:/var/lib/postgresql/server.crt:ro
+      - ./certs/psql-server.key:/var/lib/postgresql/server.key:ro
      - postgres_data:/var/lib/postgresql/data
    ports:
-      - "5432:5432"
+      - '5432:5432'
+    command: >
+      postgres
+      -c ssl=on
+      -c ssl_cert_file=/var/lib/postgresql/server.crt
+      -c ssl_key_file=/var/lib/postgresql/server.key
    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
+      test: ['CMD-SHELL', 'pg_isready -U ${POSTGRES_USER}']
      interval: 10s
      timeout: 5s
      retries: 5
@ -23,13 +30,23 @@ services:
    image: valkey/valkey:8-alpine
    container_name: valkey
    restart: always
-    command: ["valkey-server", "--requirepass", "${VALKEY_PASSWORD}"]
    ports:
-      - "6379:6379"
+      - '6379:6379'
    volumes:
+      - ./certs/cache-server.crt:/certs/server.crt:ro
+      - ./certs/cache-server.key:/certs/server.key:ro
+      - ./certs/cache-ca.crt:/certs/ca.crt:ro
      - valkey_data:/data
+    command: >
+      valkey-server
+      --requirepass ${VALKEY_PASSWORD}
+      --tls-port 6379
+      --port 0
+      --tls-cert-file /certs/server.crt
+      --tls-key-file /certs/server.key
+      --tls-ca-cert-file /certs/ca.crt
    healthcheck:
-      test: ["CMD", "valkey-cli", "-a", "${VALKEY_PASSWORD}", "ping"]
+      test: ['CMD', 'valkey-cli', '-a', '${VALKEY_PASSWORD}', 'ping']
      interval: 10s
      timeout: 5s
      retries: 5