Make redis and postgres tls optional and opt-in
This commit is contained in:
parent
4f92a1066f
commit
1b77d101ee
6 changed files with 19 additions and 15 deletions
|
@ -35,7 +35,7 @@ port: 3000
|
||||||
db:
|
db:
|
||||||
host: localhost
|
host: localhost
|
||||||
port: 5432
|
port: 5432
|
||||||
|
#ssl: false
|
||||||
# Database name
|
# Database name
|
||||||
db: calckey
|
db: calckey
|
||||||
|
|
||||||
|
@ -48,6 +48,7 @@ db:
|
||||||
|
|
||||||
# Extra Connection options
|
# Extra Connection options
|
||||||
#extra:
|
#extra:
|
||||||
|
# TODO: find another example
|
||||||
# ssl: true
|
# ssl: true
|
||||||
|
|
||||||
# ┌─────────────────────┐
|
# ┌─────────────────────┐
|
||||||
|
@ -56,6 +57,7 @@ db:
|
||||||
redis:
|
redis:
|
||||||
host: localhost
|
host: localhost
|
||||||
port: 6379
|
port: 6379
|
||||||
|
#tls: false
|
||||||
#family: 0 # 0=Both, 4=IPv4, 6=IPv6
|
#family: 0 # 0=Both, 4=IPv4, 6=IPv6
|
||||||
#pass: example-pass
|
#pass: example-pass
|
||||||
#prefix: example-prefix
|
#prefix: example-prefix
|
||||||
|
|
|
@ -12,8 +12,8 @@ export default new DataSource({
|
||||||
extra: config.db.extra,
|
extra: config.db.extra,
|
||||||
entities: entities,
|
entities: entities,
|
||||||
migrations: ["migration/*.js"],
|
migrations: ["migration/*.js"],
|
||||||
ssl: {
|
ssl: config.db.ssl ? {
|
||||||
rejectUnauthorized: false,
|
rejectUnauthorized: false, //TODO make configurable
|
||||||
ca: process.env.DB_SSL_CERT,
|
ca: process.env.DB_SSL_CERT,
|
||||||
},
|
} : undefined,
|
||||||
});
|
});
|
||||||
|
|
|
@ -15,6 +15,7 @@ export type Source = {
|
||||||
pass: string;
|
pass: string;
|
||||||
disableCache?: boolean;
|
disableCache?: boolean;
|
||||||
extra?: { [x: string]: string };
|
extra?: { [x: string]: string };
|
||||||
|
ssl?: boolean;
|
||||||
};
|
};
|
||||||
redis: {
|
redis: {
|
||||||
host: string;
|
host: string;
|
||||||
|
@ -24,6 +25,7 @@ export type Source = {
|
||||||
db?: number;
|
db?: number;
|
||||||
prefix?: string;
|
prefix?: string;
|
||||||
user?: string;
|
user?: string;
|
||||||
|
tls?: boolean;
|
||||||
};
|
};
|
||||||
elasticsearch: {
|
elasticsearch: {
|
||||||
host: string;
|
host: string;
|
||||||
|
|
|
@ -211,10 +211,10 @@ export const db = new DataSource({
|
||||||
password: config.redis.pass,
|
password: config.redis.pass,
|
||||||
keyPrefix: `${config.redis.prefix}:query:`,
|
keyPrefix: `${config.redis.prefix}:query:`,
|
||||||
db: config.redis.db || 0,
|
db: config.redis.db || 0,
|
||||||
tls: {
|
tls: config.redis.tls ? {
|
||||||
host: config.redis.host,
|
host: config.redis.host,
|
||||||
rejectUnauthorized: false,
|
rejectUnauthorized: false, // TODO make configurable
|
||||||
},
|
} : undefined,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
: false,
|
: false,
|
||||||
|
@ -223,10 +223,10 @@ export const db = new DataSource({
|
||||||
maxQueryExecutionTime: 300,
|
maxQueryExecutionTime: 300,
|
||||||
entities: entities,
|
entities: entities,
|
||||||
migrations: ["../../migration/*.js"],
|
migrations: ["../../migration/*.js"],
|
||||||
ssl: {
|
ssl: config.db.ssl ? {
|
||||||
rejectUnauthorized: false,
|
rejectUnauthorized: false,
|
||||||
ca: process.env.DB_SSL_CERT,
|
ca: process.env.DB_SSL_CERT,
|
||||||
},
|
} : undefined,
|
||||||
});
|
});
|
||||||
|
|
||||||
export async function initDb(force = false) {
|
export async function initDb(force = false) {
|
||||||
|
|
|
@ -10,10 +10,10 @@ export function createConnection() {
|
||||||
username: config.redis.user ?? "default",
|
username: config.redis.user ?? "default",
|
||||||
keyPrefix: `${config.redis.prefix}:`,
|
keyPrefix: `${config.redis.prefix}:`,
|
||||||
db: config.redis.db || 0,
|
db: config.redis.db || 0,
|
||||||
tls: {
|
tls: config.redis.tls ? {
|
||||||
rejectUnauthorized: false,
|
rejectUnauthorized: false, //TODO make configurable
|
||||||
host: config.redis.host,
|
host: config.redis.host,
|
||||||
},
|
} : undefined,
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -10,9 +10,9 @@ export function initialize<T>(name: string, limitPerSec = -1) {
|
||||||
user: config.redis.user ?? "default",
|
user: config.redis.user ?? "default",
|
||||||
password: config.redis.pass,
|
password: config.redis.pass,
|
||||||
db: config.redis.db || 0,
|
db: config.redis.db || 0,
|
||||||
tls: {
|
tls: config.redis.tls ? {
|
||||||
host: config.redis.host,
|
host: config.redis.host, //TODO add configurable cert validation
|
||||||
},
|
} : undefined,
|
||||||
},
|
},
|
||||||
prefix: config.redis.prefix ? `${config.redis.prefix}:queue` : "queue",
|
prefix: config.redis.prefix ? `${config.redis.prefix}:queue` : "queue",
|
||||||
limiter:
|
limiter:
|
||||||
|
|
Loading…
Reference in a new issue