From fe164389c1d0e18808b3ff62c97c0a8fd0f42b5f Mon Sep 17 00:00:00 2001 From: Jamil Date: Sun, 15 Dec 2024 16:39:29 -0800 Subject: [PATCH] docs: Add instructions for connecting to Cloud SQL as the `firezone` user (#7527) This is needed to perform index surgery. --------- Signed-off-by: Jamil --- elixir/README.md | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/elixir/README.md b/elixir/README.md index d1964af61..58cf804cd 100644 --- a/elixir/README.md +++ b/elixir/README.md @@ -314,7 +314,7 @@ You can disable headless mode for the browser by adding to the acceptance test that you are running. -## Connecting to a staging or production instances +## Connecting to a staging or production instance We use Google Cloud Platform for all our staging and production infrastructure. You'll need access to this env to perform the commands below; to request access @@ -488,6 +488,25 @@ token: gcloud auth application-default login ``` +### Connecting to Cloud SQL instance as the `firezone` user + +Some operations like DROPing indexes to recreate them require you to connect as the table owner, which in our case is the `firezone` user. + +The password for this user is randomly generated by Terraform, so to connect as this user you need to obtain the password +from the Application configuration inside a running elixir container. + +First, [obtain an iex shell](#connecting-to-a-staging-or-production-instances), then view the password with: + +```elixir +Application.get_env(:domain, Domain.Repo) +``` + +Now, you can connect to the Cloud SQL instance as the `firezone` user: + +```bash +psql "host=localhost port=9000 sslmode=disable dbname=firezone user=firezone" +``` + ## Deploying ### Apply Terraform changes without deploying new containers