Add documentation around 0.5.2 release

2024-11-20 11:21:14 +00:00 · 2024-01-17 15:46:56 -05:00 · 2024-01-17 15:46:56 -05:00 · 1b28ea573d
commit 1b28ea573d
parent 0f34eea777
2 changed files with 74 additions and 0 deletions
--- a/pict-rs.toml
+++ b/pict-rs.toml
@ -574,6 +574,16 @@ type = 'postgres'
 # default: empty
 url = 'postgres://user:password@host:5432/db'

+## Optional: Whether to use TLS when connecting to postgres
+# environment variable: PICTRS__REPO__USE_TLS
+# default: false
+use_tls = false
+
+## Optional: The CA Certificate used to verify the postgres TLS certificate
+# environment variable: PICTRS__REPO__CERTIFICATE_FILE
+# default: empty
+certificate_file = '/etc/ca-certificate.crt'
+

 ### Media storage configuration

--- a/releases/0.5.2.md
+++ b/releases/0.5.2.md
@ -0,0 +1,64 @@
+# pict-rs 0.5.2
+
+## Overview
+
+A quick release to improve postgres support.
+
+### Changes
+
+- [Support TLS in Postgres Connections](#support-tls-in-postgres-connections)
+- [Compiler Version Requirements](#compiler-version-requirements)
+
+
+## Upgrade Notes
+
+There's no significant changes from 0.5.1, so upgrading should be as simple as pulling a new version
+of pict-rs.
+
+
+## Descriptions
+
+### Support TLS in Postgres Connections
+
+The postgres repo now supports some new options to enable connecting via TLS. If the postgres
+server's certificate is not generally trusted, a CA certificate can be provided to pict-rs to allow
+it to trust the postgres connection.
+
+If the postgres endpoint uses TLS and has a publicly trusted certificate, the configuration can be
+updated to simply add `use_tls = true`
+```toml
+[repo]
+type = 'postgres'
+url = 'postgres://pictrs:1234@localhost:5432/pictrs'
+use_tls = true
+```
+or with environment variables
+```bash
+PICTRS__REPO__TYPE=postgres
+PICTRS__REPO__URL=postgres://pictrs:1234@localhost:5432/pictrs
+PICTRS__REPO__USE_TLS=true
+```
+
+If the server uses a self-signed certificate, the CA's certificate can be added to pict-rs' trusted
+CAs.
+```toml
+[repo]
+type = 'postgres'
+url = 'postgres://pictrs:1234@localhost:5432/pictrs'
+use_tls = true
+certificate_file = '/path/to/ca/certificate.crt'
+```
+or with environment variables
+```bash
+PICTRS__REPO__TYPE=postgres
+PICTRS__REPO__URL=postgres://pictrs:1234@localhost:5432/pictrs
+PICTRS__REPO__USE_TLS=true
+PICTRS__REPO__CERTIFICATE_FILE=/path/to/ca/certificate.crt
+```
+
+### Compiler Version Requirements
+
+pict-rs 0.5.2 now takes advantage of rust's native support for AFIT (Async Fn In Trait) for the
+store trait. This trait already was not object-safe, so using AFIT does not come with any downsides.
+This does mean that the minimum supported rust version for building pict-rs is now 1.75, which
+released in December 2023.