Forcing TLS with Postgres and pg_tls handler

I have a Postgres cluster running, but would like to allow access from a Metabase server we run with a separate cloud service. I’ve gone ahead and opened up the Postgres DB using the new proxy handler, pg_tls; however, I now see that pg_tls does not enforce TLS. I think it’s pretty insane to have a Postgres server open to the Internet which allows plain text connections, so I want to force all connections to be TLS. This does not appear to be possible. Whilst the fly.toml file has support for force_https, there appears to be no equivalent for pg_tls.

Can you advise:

  • What was the thinking behind allowing plain text connections by default with a pg_tls handler which is clearly for TLS connections?
  • How can I override this and force TLS connections only?
  • Is there anything more sophisticated (from a security perspective) you’re considering for Postgres connections, such as certificate auth, or restrictions by host/IP, etc.?
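For reference, this is what enforcing TLS looks like at the Postgres server itself, independent of any proxy in front of it. It is an added example, not configuration from the original post or from the platform being asked about, and it assumes the client reaches Postgres directly (or that the proxy passes the TLS session through); if the proxy terminates TLS itself, Postgres only sees the proxy's hop and these rules govern that hop instead. The Metabase address 203.0.113.10/32 is a constructed placeholder.

```conf
# postgresql.conf (assumed paths; server cert/key and the CA that signs client certs)
ssl = on
ssl_cert_file = '/etc/postgresql/server.crt'
ssl_key_file  = '/etc/postgresql/server.key'
ssl_ca_file   = '/etc/postgresql/client-ca.crt'
ssl_min_protocol_version = 'TLSv1.2'

# pg_hba.conf: rules are matched top to bottom, first match wins.
# TYPE      DATABASE  USER      ADDRESS           METHOD
# 1. Local administration stays on the Unix socket.
local       all       postgres                    peer
# 2. The reporting host may connect only over TLS, must present a client
#    certificate whose CN matches the role name, and must also pass SCRAM.
hostssl     metabase  metabase  203.0.113.10/32   scram-sha-256 clientcert=verify-full
# 3. Any plain-text attempt from anywhere is refused before authentication.
hostnossl   all       all       0.0.0.0/0         reject
hostnossl   all       all       ::/0              reject
# 4. Everything else over TLS from elsewhere is refused too (no catch-all "host" line).
hostssl     all       all       0.0.0.0/0         reject
hostssl     all       all       ::/0              reject
```

Two checks are worth doing after reloading: connect with `psql "sslmode=disable ..."` and confirm the server answers with a rejection rather than a password prompt, and connect with `sslmode=verify-full` plus `sslrootcert` so the client also verifies the server's certificate instead of trusting whatever it is handed. The `hostnossl ... reject` lines are the part that actually answers the "force TLS only" question; the `clientcert=verify-full` option is one way to get the certificate-based auth the third bullet asks about.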

