You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Could it be possible to store certificates/private keys for mutual TLS using environment variables (as an extra option, instead of uploading them via the admin interface) and referring to those environment variables in the Certificate model? This removes the need to have (persistent) volumes to keep uploaded certificates in storage after redeploys.
I'd suggest creating a fixture instead with the paths to the certificates, and then mounting the certificates as ConfigMap/Secret in a subfolder of the private-media storage. That way you still have the database records, they point to actual mounted files and no code changes are needed.
At the deployment level, you can set up an init container to ensure the fixture is loaded (and migrations are run).
Suggestion from gemeente Amsterdam:
Could it be possible to store certificates/private keys for mutual TLS using environment variables (as an extra option, instead of uploading them via the admin interface) and referring to those environment variables in the
Certificate
model? This removes the need to have (persistent) volumes to keep uploaded certificates in storage after redeploys.@sergei-maertens thoughts?
The text was updated successfully, but these errors were encountered: