1 Adding a PostgreSQL target
Eugene edited this page 2024-10-08 20:52:44 +02:00

This feature is available in v0.11+

This page explains the process of adding a new PostgreSQL target host to Warpgate and allowing users to connect to it.

Authentication setup

Currently, Warpgate can connect to PostgreSQL servers with a username/password using md5 and password (plaintext) auth mode.

As a PostgreSQL protocol server, Warpgate only allows secure (TLS) connections and uses password auth mode.

Enabling PostgreSQL listener

Enable the PostgreSQL protocol in your config file (default: /etc/warpgate.yaml) if you didn't do so during the initial setup:

+ postgres:
+   enable: true
+   certificate: /var/lib/warpgate/tls.certificate.pem
+   key: /var/lib/warpgate/tls.key.pem

You can reuse the same certificate and key that are used for the HTTP listener.

Connection setup

Log into the Warpgate admin UI and navigate to Config > Targets > Add target and give the new PostgreSQL target a name:

Screenshot 2024-10-08 at 20 48 09

Fill out the configuration:

Screenshot 2024-10-08 at 20 48 54

The target should show up on the Warpgate's homepage:

Screenshot 2024-10-08 at 20 51 01

Users will be able to click the entry to obtain connection instructions:

Screenshot 2024-10-08 at 20 51 16

Client setup

You can now use any PostgreSQL client applications to connect through Warpgate with the following settings:

  • Host: the Warpgate host
  • Port: the Warpgate PostgreSQL port (default: 55432)
  • Username: admin#<target-name> or admin:<target-name>, in this example: admin#db1
  • Password: your Warpgate admin password
  • TLS: enabled
  • Cleartext password authentication: allowed

If your client uses a database URL, use: postgresql://<username>#<target>:<password>@<warpgate host>:<warpgate postgresql port>?sslmode=require

While your PostgreSQL session is running, you'll be able to see its status in the Admin UI, including the query log:

image

Up next