linus625
linus625
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
Nice!
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Wasp app behind reverse proxy does not request correct server url
Mysteriously, this is not an issue now, after having upgrading my db to certificate based authentication with a custom ca. That was another rabbit hole though. You can read about that here: https://discord.com/channels/686873244791210014/1360545905362866226
11 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Wasp app behind reverse proxy does not request correct server url
Will try again.
11 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
So making that smoother from the wasp interface would be nice.
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
pgboss on the other hand, want a root certificate (if not defined by node or system) a client certificate and a client key to be provided to it (see above).
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
For example, the prisma-specific-argument sslaccept is picked up in dev, but blocks prisma from finding prisma-specific-arguments sslcert and sslidentity in production.
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
As one way of making this less obscure, because I just now realized some of the DATABASE_URL arguments are not picked up by prisma, but some are which is obviously very confusing.
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
Ideally we would setup db connection properties generally via environment variables and let wasp handle DATABASE_URL internally (if needed). It could be backwards compatible by not defining DATABASE_URL and that would tell wasp to look for other environment vars.
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
I get it to connect properly with this code in pgBoss.ts let pgBossNewOptions = { connectionString: config.databaseUrl.split('?').at(0), ssl: (env.PG_ROOTCERT && env.PG_CLIENTCERT && env.PG_CLIENTKEY) ? { rejectUnauthorized: true, ca: fs.readFileSync(env.PG_ROOTCERT), cert: fs.readFileSync(env.PG_CLIENTCERT), key: fs.readFileSync(env.PG_CLIENTKEY) } : false, max: 20, // number of allowed simultaneous connections application_name: 'wasp-pgboss' }; In combination with working certs in the paths (with 600/644 permissions and user access) provided via the new environment variables.
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Using ssl cert references in DATABASE_URL leads to pgBoss requiring custom cert env data
Pg boss expects base64 encoded cert data in the variables ssl.ca, ssl.cert and ssl.key in the json structure that must be set in the environment variable PG_BOSS_NEW_OPTIONS, (including the connectionString set to DATABASE_URL without the prisma specific ssl arguments). This is not secure or preferable from a workflow perspective. What would be preferable is to be able to provide paths to the cert files and settings to other configurable parameters of pgBoss, just like prisma expects.
16 replies
WWasp
Created by linus625 on 4/12/2025 in #đŸ™‹questions
Wasp app behind reverse proxy does not request correct server url
Yes, that is why I do this when building the web-app: "RUN cd .wasp/build/web-app && npm install && REACT_APP_API_URL=${SERVER_URL} npm run build "
11 replies
WWasp
Created by Wlski on 9/5/2024 in #đŸ™‹questions
Nginx ssl certificates broke client/server communication?
I just read through this convo because I have similar requirements. The problem is you don't want to expose the nodejs server port, but only allow access to the api via static web files/typescript etc. I've had some issues with getting this to work, mostly related to docker complexity, but it works at last. One thing I noticed is the nodejs server port seems to be hardcoded to 3001 on production builds because I've wanted to be able to have dev, qa and production builds running on the same node but on different ports (to be able to confirm functionality without going live etc). But it doesn't work (for me). Anyone with similar issues?
28 replies
WWasp
Created by linus625 on 3/10/2025 in #đŸ™‹questions
email verification
Most of the problems relate to integestion with external systems, so not really except more documentation for .env.server. Half of the issues I get is typescript related and it took a while to understand the function of wasp compared to nodejs. Do what you will with this.
14 replies
WWasp
Created by linus625 on 3/10/2025 in #đŸ™‹questions
email verification
Thanks. I got it working after using a new email while also setting the SKIP_EMAIL_VERIFICATION_IN_DEV=true and restarting wasp completely.
14 replies
WWasp
Created by linus625 on 3/10/2025 in #đŸ™‹questions
email verification
@kapa.ai where do I see the log?
14 replies