feat: accept db ssl config

2019-12-30 16:18:23 -05:00 · 2019-12-30 16:18:23 -05:00 · f1725159f7
commit f1725159f7
parent 89dc81a2c6
2 changed files with 38 additions and 5 deletions
--- a/config.sample.yml
+++ b/config.sample.yml
@ -22,6 +22,7 @@ port: 3000
 db:
  type: postgres
  # PostgreSQL / MySQL / MariaDB / MS SQL Server only:
  host: localhost
  port: 5432
@ -29,6 +30,19 @@ db:
  pass: wikijsrocks
  db: wiki
  ssl: false
  # Optional - PostgreSQL / MySQL / MariaDB only:
  # -> Uncomment lines you need below and set `auto` to false
  # -> Full list of accepted options: https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options
  sslOptions:
    auto: true
    # rejectUnauthorized: false
    # ca: path/to/ca.crt
    # cert: path/to/cert.crt
    # key: path/to/key.pem
    # pfx: path/to/cert.pfx
    # passphrase: xyz123
  # SQLite only:
  storage: path/to/database.sqlite
@ -95,7 +109,7 @@ logLevel: info
 uploads:
  # Maximum upload size in bytes per file (default: 5242880 (5 MB))
  maxFileSize: 5242880
-  # Maximum file uploads per request (default: 20)
+  # Maximum file uploads per request (default: 10)
  maxFiles: 10
 # ---------------------------------------------------------------------
@ -109,5 +123,5 @@ offline: false
 # ---------------------------------------------------------------------
 # Data Path
 # ---------------------------------------------------------------------
-# Writeable data path for Wiki.js, mainly for cache and user uploads.
+# Writeable data path used for cache and temporary user uploads.
 dataPath: ./data
--- a/server/core/db.js
+++ b/server/core/db.js
@ -3,6 +3,7 @@ const autoload = require('auto-load')
 const path = require('path')
 const Promise = require('bluebird')
 const Knex = require('knex')
 const fs = require('fs')
 const Objection = require('objection')
 const migrationSource = require('../db/migrator-source')
@ -34,13 +35,31 @@ module.exports = {
    }
    const dbUseSSL = (WIKI.config.db.ssl === true || WIKI.config.db.ssl === 'true' || WIKI.config.db.ssl === 1 || WIKI.config.db.ssl === '1')
    let sslOptions = null
    if (dbUseSSL && _.isPlainObject(dbConfig) && _.get(dbConfig, 'sslOptions.auto', null) === false) {
      sslOptions = dbConfig.sslOptions
      if (sslOptions.ca) {
        sslOptions.ca = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.ca))
      }
      if (sslOptions.cert) {
        sslOptions.cert = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.cert))
      }
      if (sslOptions.key) {
        sslOptions.key = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.key))
      }
      if (sslOptions.pfx) {
        sslOptions.pfx = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.pfx))
      }
    } else {
      sslOptions = true
    }
    switch (WIKI.config.db.type) {
      case 'postgres':
        dbClient = 'pg'
        if (dbUseSSL && _.isPlainObject(dbConfig)) {
-          dbConfig.ssl = true
+          dbConfig.ssl = sslOptions
        }
        break
      case 'mariadb':
@ -48,7 +67,7 @@ module.exports = {
        dbClient = 'mysql2'
        if (dbUseSSL && _.isPlainObject(dbConfig)) {
-          dbConfig.ssl = true
+          dbConfig.ssl = sslOptions
        }
        // Fix mysql boolean handling...