feat: accept db ssl config

This commit is contained in:
NGPixel 2019-12-30 16:18:23 -05:00
parent 89dc81a2c6
commit f1725159f7
2 changed files with 38 additions and 5 deletions

View File

@ -22,6 +22,7 @@ port: 3000
db: db:
type: postgres type: postgres
# PostgreSQL / MySQL / MariaDB / MS SQL Server only: # PostgreSQL / MySQL / MariaDB / MS SQL Server only:
host: localhost host: localhost
port: 5432 port: 5432
@ -29,6 +30,19 @@ db:
pass: wikijsrocks pass: wikijsrocks
db: wiki db: wiki
ssl: false ssl: false
# Optional - PostgreSQL / MySQL / MariaDB only:
# -> Uncomment lines you need below and set `auto` to false
# -> Full list of accepted options: https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options
sslOptions:
auto: true
# rejectUnauthorized: false
# ca: path/to/ca.crt
# cert: path/to/cert.crt
# key: path/to/key.pem
# pfx: path/to/cert.pfx
# passphrase: xyz123
# SQLite only: # SQLite only:
storage: path/to/database.sqlite storage: path/to/database.sqlite
@ -95,7 +109,7 @@ logLevel: info
uploads: uploads:
# Maximum upload size in bytes per file (default: 5242880 (5 MB)) # Maximum upload size in bytes per file (default: 5242880 (5 MB))
maxFileSize: 5242880 maxFileSize: 5242880
# Maximum file uploads per request (default: 20) # Maximum file uploads per request (default: 10)
maxFiles: 10 maxFiles: 10
# --------------------------------------------------------------------- # ---------------------------------------------------------------------
@ -109,5 +123,5 @@ offline: false
# --------------------------------------------------------------------- # ---------------------------------------------------------------------
# Data Path # Data Path
# --------------------------------------------------------------------- # ---------------------------------------------------------------------
# Writeable data path for Wiki.js, mainly for cache and user uploads. # Writeable data path used for cache and temporary user uploads.
dataPath: ./data dataPath: ./data

View File

@ -3,6 +3,7 @@ const autoload = require('auto-load')
const path = require('path') const path = require('path')
const Promise = require('bluebird') const Promise = require('bluebird')
const Knex = require('knex') const Knex = require('knex')
const fs = require('fs')
const Objection = require('objection') const Objection = require('objection')
const migrationSource = require('../db/migrator-source') const migrationSource = require('../db/migrator-source')
@ -34,13 +35,31 @@ module.exports = {
} }
const dbUseSSL = (WIKI.config.db.ssl === true || WIKI.config.db.ssl === 'true' || WIKI.config.db.ssl === 1 || WIKI.config.db.ssl === '1') const dbUseSSL = (WIKI.config.db.ssl === true || WIKI.config.db.ssl === 'true' || WIKI.config.db.ssl === 1 || WIKI.config.db.ssl === '1')
let sslOptions = null
if (dbUseSSL && _.isPlainObject(dbConfig) && _.get(dbConfig, 'sslOptions.auto', null) === false) {
sslOptions = dbConfig.sslOptions
if (sslOptions.ca) {
sslOptions.ca = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.ca))
}
if (sslOptions.cert) {
sslOptions.cert = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.cert))
}
if (sslOptions.key) {
sslOptions.key = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.key))
}
if (sslOptions.pfx) {
sslOptions.pfx = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.pfx))
}
} else {
sslOptions = true
}
switch (WIKI.config.db.type) { switch (WIKI.config.db.type) {
case 'postgres': case 'postgres':
dbClient = 'pg' dbClient = 'pg'
if (dbUseSSL && _.isPlainObject(dbConfig)) { if (dbUseSSL && _.isPlainObject(dbConfig)) {
dbConfig.ssl = true dbConfig.ssl = sslOptions
} }
break break
case 'mariadb': case 'mariadb':
@ -48,7 +67,7 @@ module.exports = {
dbClient = 'mysql2' dbClient = 'mysql2'
if (dbUseSSL && _.isPlainObject(dbConfig)) { if (dbUseSSL && _.isPlainObject(dbConfig)) {
dbConfig.ssl = true dbConfig.ssl = sslOptions
} }
// Fix mysql boolean handling... // Fix mysql boolean handling...