Merge pull request #574 from Kashalls/postgresfix

chore: attempt to support postgresql ssl

CommonServer/Config.ts

@@ -36,6 +36,22 @@ export const DatabasePassword: string =
 export const DatabaseName: string =
     process.env['DATABASE_NAME'] || 'oneuptimedb';
 
+export const DatabaseSslCa: string | undefined =
+    process.env['DATABASE_SSL_CA'] || undefined;
+
+export const DatabaseSslKey: string | undefined =
+    process.env['DATABASE_SSL_KEY'] || undefined;
+
+export const DatabaseSslCert: string | undefined =
+    process.env['DATABASE_SSL_CERT'] || undefined;
+
+export const DatabaseRejectUnauthorized: boolean =
+    process.env['DATABASE_SSL_REJECT_UNAUTHORIZED'] === 'true';
+
+export const ShouldDatabaseSslEnable: boolean = Boolean(
+    DatabaseSslCa || (DatabaseSslCert && DatabaseSslKey)
+);
+
 export const EncryptionSecret: ObjectID = new ObjectID(
     process.env['ENCRYPTION_SECRET'] || 'secret'
 );
@@ -48,7 +64,7 @@ export const ClusterKey: ObjectID = new ObjectID(
     process.env['ONEUPTIME_SECRET'] || 'secret'
 );
 
-export const hasClusterKey: boolean = Boolean(process.env['ONEUPTIME_SECRET']);
+export const HasClusterKey: boolean = Boolean(process.env['ONEUPTIME_SECRET']);
 
 export const Domain: Hostname = Hostname.fromString(
     process.env['DOMAIN'] || 'localhost'

CommonServer/Infrastructure/PostgresConfig.ts

@@ -5,6 +5,11 @@ import {
     DatabasePassword,
     DatabasePort,
     DatabaseUsername,
+    DatabaseSslCa,
+    DatabaseSslKey,
+    DatabaseSslCert,
+    DatabaseRejectUnauthorized,
+    ShouldDatabaseSslEnable,
     Env,
 } from '../Config';
 import Entities from 'Model/Models/Index';
@@ -23,6 +28,14 @@ export const dataSourceOptions: DataSourceOptions = {
     migrationsTableName: 'migrations',
     migrations: Migrations,
     entities: Entities,
+    ssl: ShouldDatabaseSslEnable
+        ? {
+              rejectUnauthorized: DatabaseRejectUnauthorized,
+              ca: DatabaseSslCa,
+              key: DatabaseSslKey,
+              cert: DatabaseSslCert,
+          }
+        : false,
     // logging: 'all',
     // synchronize: Env === AppEnvironment.Development,
     synchronize: true,

Probe/Services/Register.ts

@@ -7,7 +7,7 @@ import {
     PROBE_NAME,
 } from '../Config';
 import URL from 'Common/Types/API/URL';
-import { ClusterKey, hasClusterKey } from 'CommonServer/Config';
+import { ClusterKey, HasClusterKey } from 'CommonServer/Config';
 import logger from 'CommonServer/Utils/Logger';
 import HTTPResponse from 'Common/Types/API/HTTPResponse';
 import { JSONObject } from 'Common/Types/JSON';
@@ -15,7 +15,7 @@ import LocalCache from 'CommonServer/Infrastructure/LocalCache';
 
 export default class Register {
     public static async registerProbe(): Promise<void> {
-        if (hasClusterKey) {
+        if (HasClusterKey) {
             const resullt: HTTPResponse<JSONObject> = await API.post(
                 URL.fromString(PROBE_API_URL.toString()).addRoute('/register'),
                 {

config.example.env

@@ -59,6 +59,13 @@ DATABASE_USERNAME=postgres
 DATABASE_NAME=oneuptimedb
 DATABASE_HOST=postgres
 
+# Used to connect to managed postgres providers.
+# Fill only what your provider needs.
+DatabaseRejectUnauthorized=false
+DatabaseSslCa=
+DatabaseSslKey=
+DatabaseSslCert=
+
 # Redis DB Settings. 
 
 REDIS_HOST=redis

docker-compose.base.yml

@@ -42,6 +42,10 @@ x-common-server-variables: &common-server-variables
     DATABASE_PASSWORD: ${DATABASE_PASSWORD}
     DATABASE_NAME: ${DATABASE_NAME}
     DATABASE_HOST: ${DATABASE_HOST}
+    DATABASE_SSL_CA: ${DATABASE_SSL_CA}
+    DATABASE_SSL_KEY: ${DATABASE_SSL_KEY}
+    DATABASE_SSL_CERT: ${DATABASE_SSL_CERT}
+    DATABASE_SSL_REJECT_UNAUTHORIZED: ${DATABASE_SSL_REJECT_UNAUTHORIZED}
 
     REDIS_PASSWORD: ${REDIS_PASSWORD}
     REDIS_HOST: ${REDIS_HOST}