The connection string is unique to the Worker you call it in and can’t be used outside Hyperdrive or
The connection string is unique to the Worker you call it in and can’t be used outside Hyperdrive or your account, so it can’t be leaked. cc @thomasgauvin for docs here.
17 Replies
What Matt said, the Hyperdrive ID and your connection string are not secrets. Also, if the underlying secrets (password/client secret) were leaked, those can be updated either via Wrangler or API, so you don't need to make a whole new Hyperdrive if it isn't convenient.
What would be the process if you need to rotate because you are switching providers(or for another reason)?
Just swap out the IDs?
At some point it's probably easiest to make a new one for the new provider, and then just swap out the ID in wrangler.toml, yeah.
Howdy! Is there any type of logging viewable for hyperdrive private database tunnels? I have a postgresql server that is connectable directly via ssh port forwarding, via the tunnel established for hyperdrive
cloudflared access tcp, and of course on the machine itself. However, running the recommended test code (const sql = postgres(env.XXXX.connectionString);) results in a connection timeout with no further info provided. Thanks!Did anyone managed to connect a digital ocean manage postgres to a worker?
tried with both hyperdrive and none and it just times out, on my local it works perfectly
Yeah, that's the same issue to which I was referring in my thread yesterday (https://discord.com/channels/595317990191398933/1150557986239021106/1291466735475490938) - I was building a full-stack in Workers Pages and the local hyperdrive dev connection worked OK, but the hyperdrive private connection seemed to be unable to talk to the tunnel, timing out in the process. I had a very productive chat with @AJR, who is looking into the issue
May or may not be the same issue. Is the DO connection behind a tunnel? Or publicly accessible?
Is there a better channel for asking questions specific to Tunnels? I'm having a connectivity issue setting up my database, but believe I've isolated it to the Tunnel.
I followed the instructions at https://developers.cloudflare.com/hyperdrive/configuration/connect-to-private-database/ and wanted to test database connectivity, so I allowed myself through the Access Application, and am receiving connection timeout errors while trying to connect directly from pgAdmin.
Cloudflare Docs
Connect to a private database using Tunnel | Hyperdrive
Hyperdrive can securely connect to your private databases using Cloudflare Tunnel and Cloudflare Access.
If the questions are specifically about Hyperdrive through a tunnel this is the channel. Have you had a chance to look through some of the debugging points in this thread?
https://discord.com/channels/595317990191398933/1291466735475490938
I read about the logging there, and found that no logs were being generated by my connection attempts.
Okay. If you DM me your hyperdrive ID, I'll dig a bit when I'm back in office Monday and see what I can turn up
Thank you! I'll try to do a bit more troubleshooting this weekend, and will send that over if it doesn't work.
public accessible: here you have a reproduction if it helps: https://discord.com/channels/595317990191398933/1292077844259668018
I disabled hyperdrive for the reproduction, the the issue is the same (with/without hyperdrive)
If hyperdrive is out of the equation it gets harder for me to help with that, I'm afraid. I'll ask internally on Monday and see if anyone on some of the other dev platform teams knows something about it
Hey everyone, cross post here from the Rust channel and wondering if anyone can help.
Is anyone else using Rust alongside a Postgres database with Hyperdrive? I'm getting some weird intermittent connection issues, that is like either the worker can't connect or is timing out. I'm wondering if it's something to do with this background work happening and the connection not quite being ready.
