admin: Database Preparation #167
Preview ready: https://forgejo.codeberg.page/@pull_167/
https://forgejo.codeberg.page/@pull_167/docs/v1.19/admin/database-preparation/ looks ok and is linked from the TOC
@ -0,0 +27,4 @@
Enter the password as prompted.
3. Create database user which will be used by Forgejo, authenticated by password. This example uses `'forgejo'` as password. Please use a secure password for your instance.
By choosing this password it is not obvious which value represents the user and which the password in the code examples below.
@ -0,0 +167,4 @@
- You need two valid TLS certificates, one for the database instance (database server) and one for the Forgejo instance (database client). Both certificates must be signed by a trusted CA.
- The database certificate must contain `TLS Web Server Authentication` in the `X509v3 Extended Key Usage` extension attribute, while the client certificate needs `TLS Web Client Authentication` in the corresponding attribute.
- On the database server certificate, one of `Subject Alternative Name` or `Common Name` entries must be the fully-qualified domain name (FQDN) of the database instance (e.g. `db.example.com`). On the database client certificate, one of the entries mentioned above must contain the database username that Forgejo will be using to connect.
Isn't the dot at the end required for a FQDN?
I fail to see it in the example.
It is not required.
@ -0,0 +205,4 @@
hostssl forgejodb forgejo 192.0.2.10/32 scram-sha-256 clientcert=verify-full
```
For PostgreSQL 11 and earlier:
Do we need that „and earlier" here?
According to https://www.postgresql.org/support/versioning/ only v11 is still supported.
One tiny update then this should be good to go.
@ -0,0 +240,4 @@
### MySQL
While the MySQL driver used by Forgejo also supports two-way TLS, Forgejo currently supports only one-way TLS. See issue #10828 for details.
The issue link must be adapted to point to GitHub here.
Good catch, fixed.
Addressed two review comments and moved two others to a separate issue to improve the content of this page since this PR is about importing it rather than improve it.
Is that ok?
a59bbfa57e
6d5aba5381
Safe enough.
No due date set.
No dependencies set.
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?