pg-boss can't find certificates
Hey!
I'm trying to connect my app to an RDS db:
DATABASE_URL="postgres://user:[email protected]/databaseb?ssl=true&sslmode=verify-full&sslrootcert=~/certs/global-bundle.pem"
Notice the sslrootcert=~/certs/global-bundle.pem" which points at a folder with AWS SSL certificates.
Running wasp db migrate-dev works great. I can successfully connect to the AWS db.
Running wasp start does not work due to:
Initially I tried to set /certs in my project directory and that failed for the same reason. I though pg-boss was initializing from a weird path so I tried to move it to ~/certs to be able to set an absolute path. Also didn't work.
My question is, why can't pg-boss find the path ~/certs? Is it running in a VM or something?3 Replies
Hi @Joaquim. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
----------------------
Based on the information provided in the knowledge sources, I can offer some insights into your pg-boss connection issue with RDS.
It appears that pg-boss is having trouble locating the SSL certificate file you've specified. This could be due to how pg-boss interprets file paths or how it's executed within the Wasp environment.
Here are a few points to consider:
1. Wasp uses pg-boss for job execution, particularly for features like scheduled tasks or background jobs. Github Issue #1605 (https://github.com/wasp-lang/wasp/issues/1605)
2. When deploying to environments like Heroku that require SSL connections, Wasp documentation suggests setting a specific environment variable for pg-boss:
Wasp Deployment Docs (https://wasp-lang.dev/docs/advanced/deployment/manually#deploy-to-a-heroku-app)
3. The
~ symbol in file paths is typically expanded by the shell to represent the user's home directory. However, it's possible that pg-boss or the environment it runs in doesn't perform this expansion.
To troubleshoot this issue, you could try the following:
1. Use an absolute path instead of ~. For example: /home/yourusername/certs/global-bundle.pem
2. If you're running this in a production environment, you might want to consider using the approach similar to the Heroku deployment, where SSL options are specified directly in the connection string or environment variable.
3. You could also try setting the PG_BOSS_NEW_OPTIONS environment variable with your connection details, including the SSL options:
If these suggestions don't resolve the issue, it might be worth investigating how Wasp is executing pg-boss and in what environment or context it's running. Unfortunately, the provided knowledge sources don't give enough information to definitively answer why pg-boss can't find the path you've specified.
If you continue to face issues, you might want to reach out to the Wasp community or maintainers for more specific guidance on using pg-boss with RDS and SSL certificates in your particular setup.
----------------------
Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
----------------------
Sorry @Joaquim, I seem to be having a bit of trouble. Don't worry though, I've pinged my support and they will try to fix me up! :technologist:
Perhaps try again in 15mins?It indeed might b eproblem with pgboss not resolving that path, have you tried using absolute path, did that help @Joaquim ?
Yesterday I was in "please god just let it deploy" mode so I don't remember exactly what worked and I don't want to redo the process right now.
I don't think I was able to pass the certificate to pg boss. Ended up setting
"ssl":{"rejectUnauthorized":false} in PG_BOSS_NEW_OPTIONS and removing the certs path from pgboss url connectionString.
So now I have ssl in my webapp connection to my db but pgboss, that also runs in the same machine, doesn't:p
Need to fix that when I have the time.