coop-cloud/organising
coop-cloud
/
organising
7
0
Fork 0
Code Issues 156 Pull Requests Projects 2 Releases Activity

Encrypt the traffic between an app and the db #114

New Issue
Open
opened 2021-08-09 18:28:01 +00:00 by knoflook · 0 comments
knoflook commented 2021-08-09 18:28:01 +00:00
Owner
Copy Link

Somebody on the internet says that the traffic between docker containers should be encrypted. We're not doing that (specifically with databases). This is not a huge security vulnerability for now but I think we should take care of that before beta.
https://security.stackexchange.com/questions/186838/should-the-traffic-between-the-containers-need-to-be-encrypted#186842

Here's a resource about how to generate ssl certs on postgres
https://dev.to/danvixent/how-to-setup-postgresql-with-ssl-inside-a-docker-container-5f3

I don't know how we want to go with implementing that (maybe a repo with a code snippet to put in compose.yml?) so I'm hoping somebody who knows more about docker wants to pick this up :)

Somebody on the internet says that the traffic between docker containers should be encrypted. We're not doing that (specifically with databases). This is not a huge security vulnerability for now but I think we should take care of that before beta. https://security.stackexchange.com/questions/186838/should-the-traffic-between-the-containers-need-to-be-encrypted#186842 Here's a resource about how to generate ssl certs on postgres https://dev.to/danvixent/how-to-setup-postgresql-with-ssl-inside-a-docker-container-5f3 I don't know how we want to go with implementing that (maybe a repo with a code snippet to put in compose.yml?) so I'm hoping somebody who knows more about docker wants to pick this up :)
decentral1se added the
question
 label 2021-08-10 18:02:00 +00:00
decentral1se added this to the Pen Testing/security milestone 2021-09-09 14:26:43 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels   
abra

Everything to do with abra

  
abra-gandi

Abra Gandi plugin

  
awaiting-feedback

Ping/pong on comms

  
backups

   
bug

Something is not working

  
build

Go build related issues

  
ci/cd

Getting the robots into the mix

  
community organising

Opening this thing up

  
contributing

Contributors stuff

  
coopcloud.tech

Our main website

  
democracy

Democratic decision making

  
design

Design thinking required

  
documentation

Let's write things together

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
finance

Money things

  
funding

Anything related to grant funding

  
good first issue

Easy start with development

  
help wanted

Need some help

  
installer

Installation related issues

  
kadabra

   
performance

Performance related

  
proposal

Large change which requires feedback & decisin making

  
question

More information is needed

  
recipes.coopcloud.tech

Our recipes catalogue

  
security

Securing our shit

  
test

Unit or integration test suite

  
wontfix

This won't be fixed

No Label
abra
abra-gandi
awaiting-feedback
backups
bug
build
ci/cd
community organising
contributing
coopcloud.tech
democracy
design
documentation
duplicate
enhancement
finance
funding
good first issue
help wanted
installer
kadabra
performance
proposal
question
recipes.coopcloud.tech
security
test
wontfix
Milestone
Clear milestone
No items
No Milestone
Pen Testing/security
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/organising#114
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?