github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
69335153cedb0328116a51ae27ffc57afa00e97b
firezone/www/docs/deploy/advanced/external-database.mdx
Jamil 69335153ce Remove docs.firezone.dev CNAME (#1418) 
This corresponds to step (1) of #1417
2023-02-09 15:19:19 -08:00

87 lines
9.4 KiB
Plaintext
Raw Blame History

---
title: Custom External Database
sidebar_position: 2
---
Firezone uses [Postgresql DB](https://postgresql.org) as its primary data store.
## Compatibility
Firezone should work fine on Postgres versions 12 and above, but we recommend
using the latest stable version whenever possible. If you find an issue with
your particular version of Postgres, [please open a GitHub issue
](https://github.com/firezone/firezone/issues).
In general, Firezone should also work fine using external Postgres-based
database services like Amazon RDS. See the [configuration
](#configure-firezone-to-connect) section below for more information configuring
Firezone with an external DB.
:::warning
Configuring Firezone to use an external database can be complicated and
error-prone. We recommend using the bundled Postgres for Omnibus-based
deployments or the official Postgres Docker image for Docker-based deployments
if possible.
:::
:::info
Need help deploying or maintaining Firezone with an external database? Consider
[contacting us about our Enterprise Plan](https://www.firezone.dev/contact/sales?utm_source=docs.firezone.dev) for
recommended configurations, white-glove deployment assistance, and more.
:::
## Configure Firezone to Connect
<Tabs>
<TabItem value="docker" label="Docker" default>
The Firezone Docker image uses the following environment
variables to connect to the DB (fields in bold required):
| Name | Description | Format | Default |
| --- | --- | --- | --- |
| **`DATABASE_ENCRYPTION_KEY`** | The base64-encoded symmetric encryption key used to encrypt and decrypt sensitive fields. | base64-encoded String | None -- must be generated on install |
| `DATABASE_HOST` | Database host | IP or hostname | `postgres` |
| `DATABASE_PORT` | Database port | Integer | `5432` |
| `DATABASE_NAME` | Name of database | String | `firezone` |
| `DATABASE_USER` | User | String | `postgres` |
| `DATABASE_PASSWORD` | Password | String | `postgres` |
| `DATABASE_POOL` | Size of the Firezone connection pool | Integer | `10` |
| `DATABASE_SSL` | Whether to connect to the database over SSL | Boolean | `false` |
| `DATABASE_SSL_OPTS` | Map of options to send to the `:ssl_opts` option when connecting over SSL. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options) | JSON-encoded String | `{}` |
| `DATABASE_PARAMETERS` | Map of parameters to send to the `:parameters` option when connecting to the database. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). | JSON-encoded String | `{}` |
For more information, see the [environment variable reference
](/reference/env-vars/).
:::note
The official `postgres` docker image can be configured by setting
environment variables for the container. See the Postgres image
[documentation](https://hub.docker.com/_/postgres) for more details.
:::
</TabItem>
<TabItem value="omnibus" label="Omnibus">
The following configuration options are used to configure the bundled Postgres
for Omnibus-based deployments:
| Config Key | Description | Default |
| --- | --- | --- |
| `default['firezone']['database']['user']` | Specifies the username Firezone will use to connect to the DB. | `node['firezone']['postgresql']['username']` |
| `default['firezone']['database']['password']` | If using an external DB, specifies the password Firezone will use to connect to the DB. | `'change_me'` |
| `default['firezone']['database']['name']` | Database that Firezone will use. Will be created if it doesn't exist. | `'firezone'` |
| `default['firezone']['database']['host']` | Database host that Firezone will connect to. | `node['firezone']['postgresql']['listen_address']` |
| `default['firezone']['database']['port']` | Database port that Firezone will connect to. | `node['firezone']['postgresql']['port']` |
| `default['firezone']['database']['pool']` | Database pool size Firezone will use. | `[10, Etc.nprocessors].max` |
| `default['firezone']['database']['ssl']` | Whether to connect to the database over SSL. | `false` |
| `default['firezone']['database']['ssl_opts']` | Hash of options to send to the `:ssl_opts` option when connecting over SSL. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). | `{}` |
| `default['firezone']['database']['parameters']` | Hash of parameters to send to the `:parameters` option when connecting to the database. See [Ecto.Adapters.Postgres documentation](https://hexdocs.pm/ecto_sql/Ecto.Adapters.Postgres.html#module-connection-options). | `{}` |
| `default['firezone']['database']['extensions']` | Database extensions to enable. | `{ 'plpgsql' => true, 'pg_trgm' => true }` |
For more details, see the [configuration file reference
](/reference/configuration-file/).
</TabItem>
</Tabs>
Reference in New Issue View Git Blame Copy Permalink