fix(database): fix volume and file mounts and naming

- fix: Volume and file mounts are unmounted if there are more than 1
- rename the crt and key to server key and crt to follow best practices
- move crt and key to a more standardized location

app/Actions/Database/StartPostgresql.php

@@ -52,9 +52,9 @@ class StartPostgresql
                 $this->commands[] = "echo 'No SSL certificate found, generating new SSL certificate for this database.'";
                 $this->ssl_certificate = SslHelper::generateSslCertificate(
                     commonName: $this->database->uuid,
-                    // additionalSans: ["IP:{$server->ip_address}"], // Issue is the server IP can be also be a domain/ hostname and we need to be sure what it is before setting it.
                     resourceType: $this->database->getMorphClass(),
                     resourceId: $this->database->id,
+                    serverId: $server->id,
                     caCert: $caCert->ssl_certificate,
                     caKey: $caCert->ssl_private_key,
                 );
@@ -106,60 +106,84 @@ class StartPostgresql
                 ],
             ],
         ];
+
         if (filled($this->database->limits_cpuset)) {
             data_set($docker_compose, "services.{$container_name}.cpuset", $this->database->limits_cpuset);
         }
+
         if ($this->database->destination->server->isLogDrainEnabled() && $this->database->isLogDrainEnabled()) {
             $docker_compose['services'][$container_name]['logging'] = generate_fluentd_configuration();
         }
+
         if (count($this->database->ports_mappings_array) > 0) {
             $docker_compose['services'][$container_name]['ports'] = $this->database->ports_mappings_array;
         }
+
+        $docker_compose['services'][$container_name]['volumes'] ??= [];
+
         if (count($persistent_storages) > 0) {
-            $docker_compose['services'][$container_name]['volumes'] = $persistent_storages;
+            $docker_compose['services'][$container_name]['volumes'] = array_merge(
+                $docker_compose['services'][$container_name]['volumes'],
+                $persistent_storages
+            );
         }
+
         if (count($persistent_file_volumes) > 0) {
-            $docker_compose['services'][$container_name]['volumes'] = $persistent_file_volumes->map(function ($item) {
+            $docker_compose['services'][$container_name]['volumes'] = array_merge(
-                return "$item->fs_path:$item->mount_path";
+                $docker_compose['services'][$container_name]['volumes'],
-            })->toArray();
+                $persistent_file_volumes->map(function ($item) {
+                    return "$item->fs_path:$item->mount_path";
+                })->toArray()
+            );
         }
+
         if (count($volume_names) > 0) {
             $docker_compose['volumes'] = $volume_names;
         }
+
         if (count($this->init_scripts) > 0) {
             foreach ($this->init_scripts as $init_script) {
-                $docker_compose['services'][$container_name]['volumes'][] = [
+                $docker_compose['services'][$container_name]['volumes'] = array_merge(
-                    'type' => 'bind',
+                    $docker_compose['services'][$container_name]['volumes'],
-                    'source' => $init_script,
+                    [[
-                    'target' => '/docker-entrypoint-initdb.d/'.basename($init_script),
+                        'type' => 'bind',
-                    'read_only' => true,
+                        'source' => $init_script,
-                ];
+                        'target' => '/docker-entrypoint-initdb.d/'.basename($init_script),
+                        'read_only' => true,
+                    ]]
+                );
             }
         }
-        if ($this->database->enable_ssl) {
+
-            $docker_compose['services'][$container_name]['command'] = [
-                'postgres',
-                '-c',
-                'ssl=on',
-                '-c',
-                'ssl_cert_file=/etc/postgresql/ssl/internal.crt',
-                '-c',
-                'ssl_key_file=/etc/postgresql/ssl/internal.key',
-            ];
-        }
         if (filled($this->database->postgres_conf)) {
-            $docker_compose['services'][$container_name]['volumes'][] = [
+            $docker_compose['services'][$container_name]['volumes'] = array_merge(
-                'type' => 'bind',
+                $docker_compose['services'][$container_name]['volumes'],
-                'source' => $this->configuration_dir.'/custom-postgres.conf',
+                [[
-                'target' => '/etc/postgresql/postgresql.conf',
+                    'type' => 'bind',
-                'read_only' => true,
+                    'source' => $this->configuration_dir.'/custom-postgres.conf',
-            ];
+                    'target' => '/etc/postgresql/postgresql.conf',
+                    'read_only' => true,
+                ]]
+            );
             $docker_compose['services'][$container_name]['command'] = [
                 'postgres',
                 '-c',
                 'config_file=/etc/postgresql/postgresql.conf',
             ];
         }
+
+        if ($this->database->enable_ssl) {
+            $docker_compose['services'][$container_name]['command'] = [
+                'postgres',
+                '-c',
+                'ssl=on',
+                '-c',
+                'ssl_cert_file=/var/lib/postgresql/certs/server.crt',
+                '-c',
+                'ssl_key_file=/var/lib/postgresql/certs/server.key',
+            ];
+        }
+
         // Add custom docker run options
         $docker_run_options = convertDockerRunToCompose($this->database->custom_docker_run_options);
         $docker_compose = generateCustomDockerRunOptionsForDatabases($docker_run_options, $docker_compose, $container_name, $this->database->destination->network);
@@ -173,7 +197,7 @@ class StartPostgresql
         $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml pull";
         $this->commands[] = "docker compose -f $this->configuration_dir/docker-compose.yml up -d";
         if ($this->database->enable_ssl) {
-            $this->commands[] = executeInDocker($this->database->uuid, "chown {$this->database->postgres_user}:{$this->database->postgres_user} /etc/postgresql/ssl/internal.key /etc/postgresql/ssl/internal.crt");
+            $this->commands[] = executeInDocker($this->database->uuid, "chown {$this->database->postgres_user}:{$this->database->postgres_user} /var/lib/postgresql/certs/server.key /var/lib/postgresql/certs/server.crt");
         }
         $this->commands[] = "echo 'Database started.'";
 
@@ -284,16 +308,16 @@ class StartPostgresql
         }
 
         $this->database->fileStorages()->create([
-            'fs_path' => $this->configuration_dir.'/ssl/internal.crt',
+            'fs_path' => $this->configuration_dir.'/ssl/server.crt',
-            'mount_path' => '/etc/postgresql/ssl/internal.crt',
+            'mount_path' => '/var/lib/postgresql/certs/server.crt',
             'content' => $this->ssl_certificate->ssl_certificate,
             'is_directory' => false,
             'chmod' => '644',
         ]);
 
         $this->database->fileStorages()->create([
-            'fs_path' => $this->configuration_dir.'/ssl/internal.key',
+            'fs_path' => $this->configuration_dir.'/ssl/server.key',
-            'mount_path' => '/etc/postgresql/ssl/internal.key',
+            'mount_path' => '/var/lib/postgresql/certs/server.key',
             'content' => $this->ssl_certificate->ssl_private_key,
             'is_directory' => false,
             'chmod' => '600',