Spaces:
Sleeping
Sleeping
Seth
commited on
Commit
·
4a4a980
1
Parent(s):
ebd72bb
update
Browse files- README.md +4 -2
- backend/app/database.py +12 -1
README.md
CHANGED
|
@@ -223,8 +223,10 @@ PostGen/
|
|
| 223 |
|
| 224 |
1. **Get Your Connection String**:
|
| 225 |
- From your CockroachDB dashboard, copy the connection string
|
| 226 |
-
- Format: `postgresql://username:password@host:port/database?sslmode=
|
| 227 |
-
- Example: `postgresql://seth:YOUR_PASSWORD@ezofis-11210.jxf.gcp-us-east1.cockroachlabs.cloud:26257/defaultdb?sslmode=
|
|
|
|
|
|
|
| 228 |
|
| 229 |
2. **Add to HuggingFace Spaces**:
|
| 230 |
- Go to your Space settings → "Variables and secrets"
|
|
|
|
| 223 |
|
| 224 |
1. **Get Your Connection String**:
|
| 225 |
- From your CockroachDB dashboard, copy the connection string
|
| 226 |
+
- Format: `postgresql://username:password@host:port/database?sslmode=require`
|
| 227 |
+
- Example: `postgresql://seth:YOUR_PASSWORD@ezofis-11210.jxf.gcp-us-east1.cockroachlabs.cloud:26257/defaultdb?sslmode=require`
|
| 228 |
+
- **Note**: The app automatically uses `sslmode=require` (secure SSL without certificate file requirement)
|
| 229 |
+
- If you use `sslmode=verify-full`, the app will automatically fall back to `require` if the certificate file is not available
|
| 230 |
|
| 231 |
2. **Add to HuggingFace Spaces**:
|
| 232 |
- Go to your Space settings → "Variables and secrets"
|
backend/app/database.py
CHANGED
|
@@ -14,9 +14,20 @@ DATABASE_URL = os.getenv(
|
|
| 14 |
if DATABASE_URL.startswith("postgresql://") or DATABASE_URL.startswith("postgres://"):
|
| 15 |
# CockroachDB connection - use NullPool to avoid connection issues
|
| 16 |
# CockroachDB requires SSL, so we ensure sslmode is set
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 17 |
if "sslmode" not in DATABASE_URL:
|
| 18 |
separator = "&" if "?" in DATABASE_URL else "?"
|
| 19 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 20 |
|
| 21 |
engine = create_engine(
|
| 22 |
DATABASE_URL,
|
|
|
|
| 14 |
if DATABASE_URL.startswith("postgresql://") or DATABASE_URL.startswith("postgres://"):
|
| 15 |
# CockroachDB connection - use NullPool to avoid connection issues
|
| 16 |
# CockroachDB requires SSL, so we ensure sslmode is set
|
| 17 |
+
# Use 'require' mode which uses SSL but doesn't require certificate file
|
| 18 |
+
# For production with certificate, use 'verify-full' and provide sslrootcert
|
| 19 |
+
import os
|
| 20 |
+
cert_path = os.path.expanduser("~/.postgresql/root.crt")
|
| 21 |
+
|
| 22 |
if "sslmode" not in DATABASE_URL:
|
| 23 |
separator = "&" if "?" in DATABASE_URL else "?"
|
| 24 |
+
# Use 'require' instead of 'verify-full' to work without certificate file
|
| 25 |
+
# Still secure (uses SSL) but doesn't verify the certificate
|
| 26 |
+
DATABASE_URL = f"{DATABASE_URL}{separator}sslmode=require"
|
| 27 |
+
elif "sslmode=verify-full" in DATABASE_URL and not os.path.exists(cert_path):
|
| 28 |
+
# If verify-full is set but cert file doesn't exist, change to require
|
| 29 |
+
DATABASE_URL = DATABASE_URL.replace("sslmode=verify-full", "sslmode=require")
|
| 30 |
+
print("⚠ Certificate file not found, using sslmode=require instead of verify-full")
|
| 31 |
|
| 32 |
engine = create_engine(
|
| 33 |
DATABASE_URL,
|