Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1hgTVF-0007n8-6Z for pgadmin-hackers@arkaria.postgresql.org; Thu, 27 Jun 2019 12:27:49 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.89) (envelope-from ) id 1hgTVD-0007gO-6D for pgadmin-hackers@arkaria.postgresql.org; Thu, 27 Jun 2019 12:27:47 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1hgTVC-0007gH-T5 for pgadmin-hackers@lists.postgresql.org; Thu, 27 Jun 2019 12:27:47 +0000 Received: from mail-wm1-x32a.google.com ([2a00:1450:4864:20::32a]) by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1hgTV6-0003ue-Kw for pgadmin-hackers@lists.postgresql.org; Thu, 27 Jun 2019 12:27:46 +0000 Received: by mail-wm1-x32a.google.com with SMTP id s3so5542590wms.2 for ; Thu, 27 Jun 2019 05:27:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=TpotBMlPQCchdDQC84kSOy9NsVwrVPS0m2jjHuP/ElY=; b=PmBOBWvH1377CGfDtWg2pTx7j1GVS228YAjAWnbvUrHEcPaCNgCslzL1gn5L9/hd8q O1rIR3XOeqdFNocLsgmfgl4RoMEL/hNCF9JYSAnawW6dgN3BIXKDkhAyeI6z0dvGqwSK VgCQtQ36GFqbaifrSvHiDWR9atWKcF47u/Ke4mE3haYwFW/ew0FsJVrzlBPEbY6zRlm5 sB2q3YrUpwhxenXokXEDpKz11Wm/E8EaFqOdtuIVeTzucenlOYkMFb9W5BqSTPDNCT+k 5GVJsAx3hdcYc875kvVBgm9GrTPEBxbM6L4YJFnnRfnhMVY9lLQsVJ0iUOOiJflo1nld H+aw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=TpotBMlPQCchdDQC84kSOy9NsVwrVPS0m2jjHuP/ElY=; b=fW9UcdKKg5M/Lc3cD1jDV3PVYTTJpXDYNuM5tkJujBDvVM8YJ1uizA+HT+h5Pd+6UV 4qhKy1vIjx9wnqCfaTc7L0EivYMCmCS072rr7fPfhoO+vvxu14j5jWJkLqd6JNu3Gjbi Y54wDpktkreNdk4wZyQzqfGaJlBKMnDt7HlTIOW/u4SyWZfIiKtL8PHvJKO5kqjoIZk8 EB+90FAW9WZQaWvX0Orhy9UjnC7h4yIYRHSiG7LjaJl89E0VAXM8Ptd2TRQJ+FtRXtKl Wu4G4cjku50Ny/n5LjAHmoj1fMFCok8WeVmWNXl76hhSgyfe3QxW2Jiie2ZTAKdKaqzP gK3A== X-Gm-Message-State: APjAAAUTFikvsFICynQItjV5u5p3qDhbmNVbijCIvtesC3LRSJdzFg/H c/LBdNCnOrpQ+yQnXA1pjkKUc3fQ/rthXSLUslz5Jwg7 X-Google-Smtp-Source: APXvYqyJsSUecv6uI/yiL53buKhm4n3EPMtzZcqkfgntjWBpGf3/dgUqEq4ZpUxCm9fsEyZ7GFsjYFJYyae22K7QF6Y= X-Received: by 2002:a7b:cc97:: with SMTP id p23mr3223725wma.120.1561638458810; Thu, 27 Jun 2019 05:27:38 -0700 (PDT) MIME-Version: 1.0 From: Andrew Coleman Date: Thu, 27 Jun 2019 08:27:27 -0400 Message-ID: Subject: passwords enabled by default To: pgadmin-hackers Content-Type: multipart/alternative; boundary="0000000000009ae58e058c4d49cf" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Precedence: bulk --0000000000009ae58e058c4d49cf Content-Type: text/plain; charset="UTF-8" Recently, while testing my changes to entrypoint.sh in Docker, I noticed that you cannot import or export passwords via the servers.json file. You can get around this by setting the PassFile option in servers.json, but that still doesn't work correctly. For me to make this work, I had to also set the `PGPASSFILE` to the full path location of the pgpass file generated for me by Helm. To clarify, I know how many servers I want to connect to and how to find their passwords in Kubernetes via their secret, and I use Helm to stitch all of that together into a pgpass file that psql and pgadmin4 can use to connect to the servers without user intervention. The presence of the pgpass file and the reference to that file in the servers.json was not enough to allow pgadmin4 to connect to the servers, I also had to set `PGPASSFILE` in my Helm chart to make this work. This seems like another good ticket, no? I know where to add them and I'll put a patch in place, but I could sure use a little bit of guidance on the copy portion of the documentation. I know why it works for me, but would anyone conceivably use this in a non-Dockerized deployment? Thanks, Andrew --0000000000009ae58e058c4d49cf Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Recently, while testing my changes to entrypoint.sh i= n Docker, I noticed that you cannot import or export passwords via the serv= ers.json file. You can get around this by setting the PassFile option in se= rvers.json, but that still doesn't work correctly. For me to make this = work, I had to also set the `PGPASSFILE` to the full path location of the p= gpass file generated for me by Helm.

To clarify, I= know how many servers I want to connect to and how to find their passwords= in Kubernetes via their secret, and I use Helm to stitch all of that toget= her into a pgpass file that psql and pgadmin4 can use to connect to the ser= vers without user intervention.

The presence of th= e pgpass file and the reference to that file in the servers.json was not en= ough to allow pgadmin4 to connect to the servers, I also had to set `PGPASS= FILE` in my Helm chart to make this work.

This see= ms like another good ticket, no? I know where to add them and I'll put = a patch in place, but I could sure use a little bit of guidance on the copy= portion of the documentation. I know why it works for me, but would anyone= conceivably use this in a non-Dockerized deployment?

<= div>Thanks,
Andrew
--0000000000009ae58e058c4d49cf--