Postgresql SSL configuration

ℹ️ Support
,
1

Hello,

I need to install Nextcloud on a remote database on my Patroni cluster, which only accepts SSL connections.

I have of course configured my empty Nextcloud database and my certificates.
The direct connection with the PostgreSQL client and the certificates/passwords works from the Nextcloud server.

But I am having difficulty passing the certificates with the Nextcloud configuration.
I have looked at the documentation, but the SSL configuration on PostgreSQL is not documented.

Saw a few rare comments from people saying that everything has to be passed through ‘dbhost’.
I tried that, without success, I also tried ‘dbdriversoptions’ with PDO, also without success.

I have reached the end of what I can try to do to solve this.

Important note:
I was able to install Nextcloud manually by entering the necessary parameters in the command:

sudo -u www-data bash -c 'export PGSSLMODE=verify-ca; export PGSSLCERT=/etc/ssl/internal/nextcloud.crt; export PGSSLKEY=/etc/ssl/internal/nextcloud.key; export PGSSLROOTCERT=/etc/ssl/internal/chain.pem; php -d error_reporting=E_ALL -d display_errors=1 -d memory_limit=1024M -d max_execution_time=300 occ maintenance:install --database "pgsql" --database-host "database.lplineage.internal:5432" --database-name "nextcloud_db" --database-user "nextcloud" --database-pass "mypassword" --admin-user "adm" --admin-pass "mypassword" --data-dir "/mnt/nextcloud-data" --verbose 2>&1 | tee /mnt/nextcloud-data/install.log'

My config.php :

<?php
$CONFIG = array (
  'dbtype' => 'pgsql',
  'dbhost' => 'database.domain:5432;sslmode=verify-ca;sslcert=/etc/ssl/internal/nextcloud.crt;sslkey=/etc/ssl/internal/nextcloud.key;sslrootcert=/etc/ssl/internal/chain.pem',
  'dbname' => 'nextcloud_db',
  'dbuser' => 'nextcloud',
  'dbpassword' => 'pw',
  'dbtableprefix' => 'oc_',
  'datadirectory' => '/mnt/nextcloud-data',
  'overwrite.cli.url' => 'https://nextcloud.lplineage.com',
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'instanceid' => 'ocquv9hu0stc',
  'passwordsalt' => 'pwsalted',
  'secret' => 'mysecret',
  'trusted_domains' =>
  array (
    0 => 'localhost',
  ),
  'trusted_domains' =>
  array (
    0 => 'localhost',
    1 => 'nextcloud.domain',
  ),
  'version' => '31.0.8.1',
  'dbport' => '',
  'installed' => true,
  'maintenance' => false,
);

Logs :
Failed to connect to the database: An exception occurred in the driver: SQLSTATE[08006] [7] connection to server at \"database.domain\" (192.168.30.230), port 5432 failed: SSL error: tlsv13 alert certificate required",

Thanks a lot for your help !