From f1e1ce61bfc6811894f2eda7e5995909ffc4a084 Mon Sep 17 00:00:00 2001 From: moisses89 <7888669+moisses89@users.noreply.github.com> Date: Tue, 9 Jan 2024 12:01:39 +0100 Subject: [PATCH 1/3] Add configuration for SSL database connection --- .env.sample | 2 ++ src/datasources/db/database.options.ts | 22 +++++++++++++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.env.sample b/.env.sample index 1372d73..e4879de 100644 --- a/.env.sample +++ b/.env.sample @@ -7,4 +7,6 @@ ADMIN_PASSWORD=password WEBHOOKS_CACHE_TTL=300000 NODE_ENV=dev SSE_AUTH_TOKEN=aW5mcmFAc2FmZS5nbG9iYWw6YWJjMTIz +ENABLE_DB_SSL=false +# DB_CA_PATH=/path/of/db/certificate # URL_BASE_PATH=/test # Set a globlal url path diff --git a/src/datasources/db/database.options.ts b/src/datasources/db/database.options.ts index 2bd5f57..0039d05 100644 --- a/src/datasources/db/database.options.ts +++ b/src/datasources/db/database.options.ts @@ -1,5 +1,6 @@ import { Webhook } from '../../routes/webhook/entities/webhook.entity'; import { DataSourceOptions } from 'typeorm'; +import * as fs from 'fs'; /** * Use process.env for configuration instead of Nest.js ConfigService @@ -10,4 +11,23 @@ export const dataSourceOptions: DataSourceOptions = { url: process.env.MIGRATIONS_DATABASE_URL, entities: [Webhook], migrations: [__dirname + '/../migrations/**/*{.ts,.js}'], -}; + ... (process.env.DB_SSL_ENABLE == 'true' ? { + ssl: true, + ... (process.env.DB_CA_PATH ? { + extra: { + ssl: { + ca: fs.readFileSync(process.env.DB_CA_PATH), + rejectUnauthorized: true + } + } + } : { + extra: { + ssl: { + rejectUnauthorized: false + } + } + }) + }:{ + ssl: false + }) +}; \ No newline at end of file From 6d4629f329f51b03072828fe1cdf705ece02e10d Mon Sep 17 00:00:00 2001 From: moisses89 <7888669+moisses89@users.noreply.github.com> Date: Tue, 9 Jan 2024 15:41:02 +0100 Subject: [PATCH 2/3] Remove extra field --- .env.sample | 2 +- src/datasources/db/database.options.ts | 34 ++++++++++---------------- 2 files changed, 14 insertions(+), 22 deletions(-) diff --git a/.env.sample b/.env.sample index e4879de..3563f76 100644 --- a/.env.sample +++ b/.env.sample @@ -7,6 +7,6 @@ ADMIN_PASSWORD=password WEBHOOKS_CACHE_TTL=300000 NODE_ENV=dev SSE_AUTH_TOKEN=aW5mcmFAc2FmZS5nbG9iYWw6YWJjMTIz -ENABLE_DB_SSL=false +DB_SSL_ENABLE=false # DB_CA_PATH=/path/of/db/certificate # URL_BASE_PATH=/test # Set a globlal url path diff --git a/src/datasources/db/database.options.ts b/src/datasources/db/database.options.ts index 0039d05..27c9255 100644 --- a/src/datasources/db/database.options.ts +++ b/src/datasources/db/database.options.ts @@ -1,7 +1,6 @@ import { Webhook } from '../../routes/webhook/entities/webhook.entity'; import { DataSourceOptions } from 'typeorm'; -import * as fs from 'fs'; - +import { readFileSync } from 'fs'; /** * Use process.env for configuration instead of Nest.js ConfigService * as it cannot be used by TypeORM CLI to generate and run migrations @@ -11,23 +10,16 @@ export const dataSourceOptions: DataSourceOptions = { url: process.env.MIGRATIONS_DATABASE_URL, entities: [Webhook], migrations: [__dirname + '/../migrations/**/*{.ts,.js}'], - ... (process.env.DB_SSL_ENABLE == 'true' ? { - ssl: true, - ... (process.env.DB_CA_PATH ? { - extra: { - ssl: { - ca: fs.readFileSync(process.env.DB_CA_PATH), - rejectUnauthorized: true - } + ...(process.env.DB_SSL_ENABLE == 'true' + ? { + ssl: process.env.DB_CA_PATH + ? { + ca: readFileSync(process.env.DB_CA_PATH), + rejectUnauthorized: true, + } + : { + rejectUnauthorized: false, + }, } - } : { - extra: { - ssl: { - rejectUnauthorized: false - } - } - }) - }:{ - ssl: false - }) -}; \ No newline at end of file + : {}), +}; From a38f9bf7be4779d4d014f0a062c69ab6aad205b8 Mon Sep 17 00:00:00 2001 From: moisses89 <7888669+moisses89@users.noreply.github.com> Date: Mon, 15 Jan 2024 12:51:19 +0100 Subject: [PATCH 3/3] Change environment variable names --- .env.sample | 4 ++-- src/datasources/db/database.options.ts | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.env.sample b/.env.sample index 3563f76..e1e2546 100644 --- a/.env.sample +++ b/.env.sample @@ -7,6 +7,6 @@ ADMIN_PASSWORD=password WEBHOOKS_CACHE_TTL=300000 NODE_ENV=dev SSE_AUTH_TOKEN=aW5mcmFAc2FmZS5nbG9iYWw6YWJjMTIz -DB_SSL_ENABLE=false -# DB_CA_PATH=/path/of/db/certificate +DATABASE_SSL_ENABLED=false +# DATABASE_CA_PATH=/path/of/db/certificate # URL_BASE_PATH=/test # Set a globlal url path diff --git a/src/datasources/db/database.options.ts b/src/datasources/db/database.options.ts index 27c9255..7042b71 100644 --- a/src/datasources/db/database.options.ts +++ b/src/datasources/db/database.options.ts @@ -10,11 +10,11 @@ export const dataSourceOptions: DataSourceOptions = { url: process.env.MIGRATIONS_DATABASE_URL, entities: [Webhook], migrations: [__dirname + '/../migrations/**/*{.ts,.js}'], - ...(process.env.DB_SSL_ENABLE == 'true' + ...(process.env.DATABASE_SSL_ENABLED == 'true' ? { - ssl: process.env.DB_CA_PATH + ssl: process.env.DATABASE_CA_PATH ? { - ca: readFileSync(process.env.DB_CA_PATH), + ca: readFileSync(process.env.DATABASE_CA_PATH), rejectUnauthorized: true, } : {