From 7ebcaad53a3261d8a4aefd8a64c5c7d9d8ac2fa0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Sat, 26 Jan 2019 14:51:19 +0100
Subject: Fix the SSL state for databases connections

Whenever possible, we use a socket connexion (all postgresql
connections, and a few mysql ones)

When remote (only mysql), we require SSL in the users database (cannot
be enforced globally)

Also, put pam configurations in a correct state

Fixes https://git.immae.eu/mantisbt/view.php?id=89
Fixes https://git.immae.eu/mantisbt/view.php?id=90
Fixes https://git.immae.eu/mantisbt/view.php?id=88
---
 nixops/modules/websites/tools/dav/davical.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'nixops/modules/websites/tools/dav/davical.nix')

diff --git a/nixops/modules/websites/tools/dav/davical.nix b/nixops/modules/websites/tools/dav/davical.nix
index 4d0639f..3f43607 100644
--- a/nixops/modules/websites/tools/dav/davical.nix
+++ b/nixops/modules/websites/tools/dav/davical.nix
@@ -18,7 +18,7 @@ let
   davical = rec {
     config = writeText "davical_config.php" ''
         <?php
-        $c->pg_connect[] = "dbname=davical user=davical_app host=db-1.immae.eu password=${env.postgresql.password}";
+        $c->pg_connect[] = "dbname=${env.postgresql.database} user=${env.postgresql.user} host=${env.postgresql.socket} password=${env.postgresql.password}";
 
         $c->readonly_webdav_collections = false;
 
-- 
cgit v1.2.3