fix(core): Add an option to enable postgres ssl with default certs (#6889)

CP-809
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™ 2023-10-09 13:55:03 +02:00 committed by GitHub
parent b3247e5935
commit 789e1e7ed4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 1 deletions

View file

@ -90,7 +90,7 @@ export function getConnectionOptions(dbType: DatabaseType): ConnectionOptions {
const sslKey = config.getEnv('database.postgresdb.ssl.key');
const sslRejectUnauthorized = config.getEnv('database.postgresdb.ssl.rejectUnauthorized');
let ssl: TlsOptions | undefined;
let ssl: TlsOptions | boolean = config.getEnv('database.postgresdb.ssl.enabled');
if (sslCa !== '' || sslCert !== '' || sslKey !== '' || !sslRejectUnauthorized) {
ssl = {
ca: sslCa || undefined,

View file

@ -92,6 +92,12 @@ export const schema = {
},
ssl: {
enabled: {
doc: 'If SSL should be enabled. If `ca`, `cert`, or `key` are defined, this will automatically default to true',
format: 'Boolean',
default: false,
env: 'DB_POSTGRESDB_SSL_ENABLED',
},
ca: {
doc: 'SSL certificate authority',
format: String,