From 53406831994ba6c58efa527b11cafee4dc656e24 Mon Sep 17 00:00:00 2001 From: Hammer <9199049+monotok@users.noreply.github.com> Date: Fri, 20 Jan 2023 20:27:01 +0000 Subject: [PATCH] Allow the use of SSL connections to the postgres database. (#1256) * Allow the use of SSL connections to the postgres database. * Add default SSL false when no env set * Add commented out example of DB_SSL env * Refactor add SSL option into PostgresConnectionOptions * Refactor the database connection to optionally use a URL string instead of the env variables * Refactor the database connection based on feedback * Add dynamic validation around the DB envs * Remove DB_URL from example * Fix rebase * Add back the optional database port in the example * Formatted file correctly * change types to a const to fix tests --- server/libs/common/src/config/app.config.ts | 13 +++++++++--- .../infra/src/db/config/database.config.ts | 20 +++++++++++++------ 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/server/libs/common/src/config/app.config.ts b/server/libs/common/src/config/app.config.ts index 5e79c4260b..7f2ab30459 100644 --- a/server/libs/common/src/config/app.config.ts +++ b/server/libs/common/src/config/app.config.ts @@ -16,14 +16,21 @@ const jwtSecretValidator: Joi.CustomValidator = (value) => { return value; }; +const WHEN_DB_URL_SET = Joi.when('DB_URL', { + is: Joi.exist(), + then: Joi.string().optional(), + otherwise: Joi.string().required(), +}); + export const immichAppConfig: ConfigModuleOptions = { envFilePath: '.env', isGlobal: true, validationSchema: Joi.object({ NODE_ENV: Joi.string().required().valid('development', 'production', 'staging').default('development'), - DB_USERNAME: Joi.string().required(), - DB_PASSWORD: Joi.string().required(), - DB_DATABASE_NAME: Joi.string().required(), + DB_USERNAME: WHEN_DB_URL_SET, + DB_PASSWORD: WHEN_DB_URL_SET, + DB_DATABASE_NAME: WHEN_DB_URL_SET, + DB_URL: Joi.string().optional(), JWT_SECRET: Joi.string().required().custom(jwtSecretValidator), DISABLE_REVERSE_GEOCODING: Joi.boolean().optional().valid(true, false).default(false), REVERSE_GEOCODING_PRECISION: Joi.number().optional().valid(0, 1, 2, 3).default(3), diff --git a/server/libs/infra/src/db/config/database.config.ts b/server/libs/infra/src/db/config/database.config.ts index 746b23c236..b98f16d71d 100644 --- a/server/libs/infra/src/db/config/database.config.ts +++ b/server/libs/infra/src/db/config/database.config.ts @@ -1,13 +1,8 @@ import { PostgresConnectionOptions } from 'typeorm/driver/postgres/PostgresConnectionOptions'; import { DataSource } from 'typeorm'; -export const databaseConfig: PostgresConnectionOptions = { +const baseDatabaseConfig: PostgresConnectionOptions = { type: 'postgres', - host: process.env.DB_HOSTNAME || 'immich_postgres', - port: parseInt(process.env.DB_PORT || '5432'), - username: process.env.DB_USERNAME, - password: process.env.DB_PASSWORD, - database: process.env.DB_DATABASE_NAME, entities: [__dirname + '/../**/*.entity.{js,ts}'], synchronize: false, migrations: [__dirname + '/../migrations/*.{js,ts}'], @@ -15,4 +10,17 @@ export const databaseConfig: PostgresConnectionOptions = { connectTimeoutMS: 10000, // 10 seconds }; +const envBasedDatabaseConfig = { + host: process.env.DB_HOSTNAME || 'immich_postgres', + port: parseInt(process.env.DB_PORT || '5432'), + username: process.env.DB_USERNAME, + password: process.env.DB_PASSWORD, + database: process.env.DB_DATABASE_NAME, +}; + +const url = process.env.DB_URL; +const additionalSSLDatabaseConfig = url ? { url } : envBasedDatabaseConfig; + +export const databaseConfig: PostgresConnectionOptions = { ...baseDatabaseConfig, ...additionalSSLDatabaseConfig }; + export const dataSource = new DataSource(databaseConfig);