rbv/rbv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Switch database connections to mTLS auth on new server

Browse Source 
Unit files now use the direct mTLS connection string (no password) and
deploy script no longer extracts or injects a database password.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
rob thijssen
2026-04-21 19:00:59 +03:00
parent 60a1640327
commit cc69175b20
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
asset/systemd/rbv-caption@.service
View File

@@ -8,7 +8,7 @@ Environment=RUST_LOG=debug,ort=off,sqlx::query=off,hyper_util=off
ExecStart=/usr/local/bin/rbv-caption \
--model %i \
--model-dir /var/lib/rbv/models \
--database postgres://rbv:password@gramathea.kosherinata.internal:4432/rbv \
--database postgres://rbv@10.3.0.194:5432/rbv?sslmode=verify-full&sslrootcert=/etc/pki/ca-trust/source/anchors/root-internal.pem&sslcert=/etc/pki/tls/misc/%H.pem&sslkey=/etc/pki/tls/private/%H.pem \
--cdn-map /tank/data/rbv/vault=https://rbv.internal/vault \
--batch-size 100
Restart=always