We have a self-hosted Retool instance with externalized Postgres databases for the app and for RetoolDB. RetoolDB initialized without SSL, and all my attempts to force it to connect over SSL are failing.
I've tried setting the RETOOLDB_POSTGRES_SSL environment variable to true, and even directly editing the resources table to set the ssl column to TRUE, with no dice. My guess is that the encrypted connection string needs to be updated somehow? Is there a way to do that without blowing away my existing Retool Database?
Hey @matt_matsec! Sorry for the delay here. You are correct, the connection string needs to be updated. As this is an encrypted value, it requires a bit of db surgery. Here are some steps to guide you.
- Create new connection string of format:
postgresql://USER_NAME:PASSWORD@HOST:5432/DB_NAME?sslmode=require
- Store that string into a dummy configuration variable
select value from config_vars cv left join config_var_values cvv on cv.uuid = cvv."configVarUuid" where name = 'DUMMY_NAME'; to get encrypted value of the connection string
- copy
resources.options JSON for corresponding resource in text editor
- swap
... value inside __RETOOL_ENCRYPTED__(...)
update resources set options '{... options ...}' :: jsonb where id = RESOURCE_ID to update the DB with the new value
1 Like
Alternatively, if the db is empty, you can try reentering the connection info at the /resources?setupRetoolDB=1 path.
worked like a charm, thank you!
1 Like
Fantastic! Glad that got you back on track 