docs: added DB_SSL and DB_SSL_CA to helm chart (#2492)

***NO_CI***

* Update deployment.yaml

added DB_SSL option for postgres

* Update README.md

added note about `postgresql.ssl`

* added DB_SSL_CA

* added postgressql.ca note

* Update values.yaml

added more PostgresSQL details to values.yml

* Update values.yaml

* Update values.yaml

removed whitespace

* Update README.md

added ssl and ca notes

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* docs: update README

Co-authored-by: Nicolas Giard <github@ngpixel.com>

dev/helm/README.md

@@ -108,6 +108,8 @@ The following table lists the configurable parameters of the Wiki.js chart and t
 | `postgresql.postgresqlHost`            | External postgres host                      | `nil`                                                      |
 | `postgresql.postgresqlPassword`        | External postgres password                  | `nil`                                                      |
 | `postgresql.postgresqlPort`            | External postgres port                      | `5432`                                                     |
+| `postgresql.ssl`                       | Enable external postgres SSL connection     | `false`                                                   |
+| `postgresql.ca`                        | Certificate of Authority path for postgres  | `nil`                                                     |
 | `postgresql.persistence.enabled`                | Enable postgres persistence using PVC                | `true`                                                     |
 | `postgresql.persistence.existingClaim`          | Provide an existing `PersistentVolumeClaim` for postgres | `nil`                                                      |
 | `postgresql.persistence.storageClass`           | Postgres PVC Storage Class (example: `nfs`)                           | `nil`                 |
@@ -137,6 +139,8 @@ By default, PostgreSQL is installed as part of the chart.
 
 To use an external PostgreSQL server, set `postgresql.enabled` to `false` and then set `postgresql.postgresqlHost` and `postgresql.postgresqlPassword`. The other options (`postgresql.postgresqlDatabase`, `postgresql.postgresqlUser` and `postgresql.postgresqlPort`) may also want changing from their default values.
 
+To use an SSL connection you can set `postgresql.ssl` to `true` and if needed the path to a Certificate of Authority can be set using `postgresql.ca` to `/path/to/ca`. Default `postgresql.ssl` value is `false`.
+
 You also need to add the follow Helm template to your deployment:
 
 ```yaml

dev/helm/templates/deployment.yaml

@@ -38,6 +38,10 @@ spec:
               value: {{ default "wiki" .Values.postgresql.postgresqlDatabase }}
             - name: DB_USER
               value: {{ default "wiki" .Values.postgresql.postgresqlUser }}
+            - name: DB_SSL
+              value: "{{ default "false" .Values.postgresql.ssl }}"    
+            - name: DB_SSL_CA
+              value: "{{ default "" .Values.postgresql.ca }}"   
             - name: DB_PASS
               valueFrom:
                 secretKeyRef:

dev/helm/values.yaml

@@ -80,6 +80,22 @@ postgresql:
   ## Set to false if bringing your own PostgreSQL, and set secret value postgresql-uri.
   ##
   enabled: true
+  ## ssl enforce SSL communication with PostgresSQL
+  ## Default to false
+  ##  
+  # ssl: false
+  ## ca Certificate of Authority
+  ## Default to empty, point to location of CA
+  ##
+  # ca: "path to ca"
+  ## postgresqlHost override postgres database host
+  ## Default to postgres
+  ##
+  # postgresqlHost: postgres
+  ## postgresqlPort port for postgres 
+  ## Default to 5432
+  ##
+  # postgresqlPort: 5432
   ## PostgreSQL fullname Override
   ## Default to wiki-postgresql unless fullname override is set for Chart
   ##