Skip to content

Commit

Permalink
OPS-6085-allow-encrypted-db-connection (#159)
Browse files Browse the repository at this point in the history
Added option to enable SSL for the database connection.
  • Loading branch information
YannickEvers authored Mar 7, 2024
1 parent ce6c358 commit 793d7bb
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
1 change: 1 addition & 0 deletions src/config.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ exports.DB_DATABASE = process.env.DB_DATABASE;
exports.DB_USERNAME = process.env.DB_USERNAME;
exports.DB_PASSWORD = process.env.DB_PASSWORD;
exports.DB_PORT = process.env.DB_PORT || 5432;
exports.DB_SSL = process.env.DB_SSL?.toLowerCase?.() === 'true';
exports.CONNECTION_POOL_SIZE = process.env.CONNECTION_POOL_SIZE || 10;
exports.DB_IDLE_TIMEOUT_MILLIS = process.env.DB_IDLE_TIMEOUT_MILLIS;
exports.DB_MAX_USES = process.env.DB_MAX_USES;
Expand Down
5 changes: 4 additions & 1 deletion src/infrastructure/databasePromise.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ const resolveDBCredentials = () => {
const db_host = config.DB_HOST;
const db_port = config.DB_PORT;
const db_database = config.DB_DATABASE;
const db_ssl = config.DB_SSL;

if (!db_username ||
(config.NODE_ENV === 'production' && !db_password) ||
Expand All @@ -25,13 +26,15 @@ const resolveDBCredentials = () => {
host: db_host,
port: db_port,
database: db_database,
ssl: db_ssl,
};
} else {
db = {
user: db_username,
host: db_host,
port: db_port,
database: db_database,
ssl: db_ssl,
};
}
} else {
Expand All @@ -41,12 +44,12 @@ const resolveDBCredentials = () => {
host: 'localhost',
port: 5432,
database: 'schulcloud_calendar',
ssl: false, //default
};
}
// https://github.com/vitaly-t/pg-promise/wiki/Connection-Syntax#configuration-object
// https://www.npmjs.com/package/pg-pool
// https://docs.hpi-schul-cloud.org/display/CARCH/Open+Issues+Scalability+and+Stabilization
// db.ssl = true;
// db.connectionTimeoutMillis = 1000;
// db.min = config.CONNECTION_POOL_SIZE_MIN; // validate if it is exist
if (config.DB_IDLE_TIMEOUT_MILLIS) {
Expand Down

0 comments on commit 793d7bb

Please sign in to comment.