postgre-tls/USAGE.md

PloughGres Usage Guide

Quick Start

  1. Start the PostgreSQL container:

    ./start.sh
    
  2. Connect to the database:

    ./connect.sh
    
  3. Stop the container:

    docker-compose down
    

Common Operations

Database Management

  • View container status: docker ps
  • View container logs: docker logs ploughgres-db
  • Access PostgreSQL shell: ./connect.sh
  • Restart container: docker-compose restart

SSL Connection Testing

The setup uses TLSv1.3 with 256-bit encryption. Connection details:

  • Host: localhost
  • Port: 5432
  • Database: ploughgres
  • User: ploughgres_user
  • SSL Mode: verify-full (certificate verification enabled)

Data Persistence

  • Database data is stored in the ./data/ directory
  • SSL certificates are in the ./secrets/ directory
  • All data remains in the project directory (userspace)

Security Features

  • SSL/TLS encryption (TLSv1.3)
  • Certificate verification
  • SCRAM-SHA-256 authentication
  • Row-level security enabled
  • Audit logging
  • Encryption functions (pgcrypto)

Troubleshooting

Container Issues

  • Container won't start: Check docker logs ploughgres-db
  • Port conflicts: Ensure port 5432 is available
  • Permission issues: Check file permissions in the secrets/ directory

SSL Connection Issues

  • Certificate errors: Verify certificates exist in secrets/
  • Connection refused: Ensure container is running and healthy
  • Authentication failed: Check password in secrets/postgres_password.txt

Development

Making Changes

  1. Stop the container: docker-compose down
  2. Make your changes
  3. Rebuild and restart: ./start.sh

Viewing SSL Status

Connect to the database and run:

    SELECT ssl, version, cipher, bits FROM pg_stat_ssl WHERE pid = pg_backend_pid();
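
An added example (not one of the project's scripts) that checks the row returned by the query above against the TLSv1.3 and 256-bit settings this guide states. The function names, the CA_FILE variable and the check_tls.sh file name are assumptions made for illustration; the guide does not name the CA file in secrets/.

```shell
#!/bin/sh
# Added example: check one row of
#   SELECT ssl, version, cipher, bits FROM pg_stat_ssl WHERE pid = pg_backend_pid();
# as printed by `psql -At` (fields separated by "|", NULLs empty).

MIN_BITS=256   # the guide states 256-bit encryption

# check_ssl_row ROW: return 0 only if the session is TLSv1.3 with >= MIN_BITS.
check_ssl_row() {
    IFS='|' read -r ssl version cipher bits <<EOF
$1
EOF
    if [ "$ssl" != "t" ]; then
        echo "FAIL: session is not encrypted (ssl='$ssl')" >&2; return 1
    fi
    if [ "$version" != "TLSv1.3" ]; then
        echo "FAIL: protocol is '$version', expected TLSv1.3" >&2; return 1
    fi
    case $bits in
        ''|*[!0-9]*) echo "FAIL: unparsable key size '$bits'" >&2; return 1 ;;
    esac
    # TLSv1.3 also allows 128-bit suites, so the key size is checked separately.
    if [ "$bits" -lt "$MIN_BITS" ]; then
        echo "FAIL: $cipher is $bits-bit, expected >= $MIN_BITS" >&2; return 1
    fi
    echo "OK: $version $cipher $bits bits"
}

# live_check: run the query over a verify-full connection and check the result.
# CA_FILE is a placeholder for the CA certificate under ./secrets/ (assumption:
# the guide does not give the file name). psql prompts for the password.
live_check() {
    [ -n "${CA_FILE:-}" ] || { echo "set CA_FILE first" >&2; return 2; }
    row=$(psql -At \
        -c "SELECT ssl, version, cipher, bits FROM pg_stat_ssl WHERE pid = pg_backend_pid();" \
        "host=localhost port=5432 dbname=ploughgres user=ploughgres_user sslmode=verify-full sslrootcert=$CA_FILE") || return 1
    check_ssl_row "$row"
}

# Run against the container only when asked (hypothetical file name):
#   CA_FILE=<path to CA cert> sh check_tls.sh --live
if [ "${1:-}" = "--live" ]; then
    live_check
fi
```

A row of `f|||` is what an unencrypted session reports, so the check fails on it before looking at the protocol version.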

Files Overview

  • docker-compose.yml - Container configuration
  • start.sh - Initialization and startup script
  • connect.sh - SSL connection test script
  • Dockerfile - Container image definition
  • secrets/ - SSL certificates and passwords
  • data/ - PostgreSQL data directory