Postgrex not respecting ssl = false configuration

mcode10 · October 9, 2023, 11:47pm

Hello,

I am using mix release to run a Phoenix app in production. However, when I start the app as described in the mix release and Phoenix release guides, Postgrex attempts to connect to my postgresql server and fails due to ssl not being enabled. This is despite me using config: $:my_app, $MyApp.Repo, ssl: false. I have added this to config/runtime.exs and config/prod.exs. Additionally, I’ve tried using the url option and appending ssl=false, but that has not worked either. The app also scrapes an env variable, $DATABASE_URL, and I’ve added ssl=false to this as well, but Postgrex seemingly does not accept any of this config. This env variable is not in use, but I wanted to make sure I had tried tweaking that as well. I’ve made sure to redeploy the new release to my server after all of these config changes. Any suggestions?

Thanks in advance!

benwilson512 · October 10, 2023, 11:58am

Hey @mcode10 if you do YourApp.Repo.config() what do you get? The postgrex default is to not do ssl so something somewhere is setting it to true.

mcode10 · October 11, 2023, 12:25am

Thank you for the quick response!

MyApp.Repo.Config returns the following:

[
  telemetry_prefix: [:my_app, :repo],
  otp_app: :my_app,
  timeout: 15000,
  adapter: Ecto.Adapters.Postgres,
  ssl: true,
  pool_size: 10,
  socket_options: [],
  hostname: "localhost",
  scheme: "ecto",
  username: "REDACTED",
  password: "REDACTED",
  database: "REDACTED",
  port: 5432
]

The PostgreSQL server is on the same VPS, hence the “localhost” configuration. The username, password, and database keys are all correct, it’s just that ssl is enabled for some reason.