mirror of
https://github.com/Dokploy/templates.git
synced 2026-07-10 00:15:28 +02:00
fix(engram): use static internal Postgres password in DSN
The template helper's ${password:N} can emit URL-reserved characters
(!@#$%^&*), which corrupt ENGRAM_DATABASE_URL while Postgres receives
the raw password, causing intermittent connection failures on first
deploy. Postgres is not exposed (internal network only), so a static
internal password is safe and matches the convention used by the
umami and documenso templates. Real secrets (JWT, cloud token, admin
token) remain randomly generated.
This commit is contained in:
@@ -5,7 +5,7 @@ services:
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
POSTGRES_USER: engram
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
|
||||
POSTGRES_PASSWORD: engram
|
||||
POSTGRES_DB: engram_cloud
|
||||
volumes:
|
||||
- engram-postgres:/var/lib/postgresql/data
|
||||
@@ -22,7 +22,7 @@ services:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
environment:
|
||||
ENGRAM_DATABASE_URL: ${ENGRAM_DATABASE_URL}
|
||||
ENGRAM_DATABASE_URL: postgres://engram:engram@postgres:5432/engram_cloud?sslmode=disable
|
||||
ENGRAM_JWT_SECRET: ${ENGRAM_JWT_SECRET}
|
||||
ENGRAM_CLOUD_TOKEN: ${ENGRAM_CLOUD_TOKEN}
|
||||
ENGRAM_CLOUD_ADMIN: ${ENGRAM_CLOUD_ADMIN}
|
||||
|
||||
@@ -1,14 +1,11 @@
|
||||
[variables]
|
||||
main_domain = "${domain}"
|
||||
pg_password = "${password:32}"
|
||||
jwt_secret = "${password:64}"
|
||||
cloud_token = "${password:48}"
|
||||
admin_token = "${password:48}"
|
||||
|
||||
[config]
|
||||
env = [
|
||||
"POSTGRES_PASSWORD=${pg_password}",
|
||||
"ENGRAM_DATABASE_URL=postgres://engram:${pg_password}@postgres:5432/engram_cloud?sslmode=disable",
|
||||
"ENGRAM_JWT_SECRET=${jwt_secret}",
|
||||
"ENGRAM_CLOUD_TOKEN=${cloud_token}",
|
||||
"ENGRAM_CLOUD_ADMIN=${admin_token}",
|
||||
|
||||
Reference in New Issue
Block a user