From 42e733681aef45c9e6224aed288e4c845782c173 Mon Sep 17 00:00:00 2001 From: Sascha Date: Fri, 8 Mar 2019 14:36:28 +0100 Subject: config: add DB_SSLMODE for managed/remote PG (#10210) * config: add DB_SSLMODE for managed/remote PG * streaming: set PG sslmode, defaults to prefer --- streaming/index.js | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'streaming') diff --git a/streaming/index.js b/streaming/index.js index b4d09d0ad..21a1d47ef 100644 --- a/streaming/index.js +++ b/streaming/index.js @@ -89,6 +89,9 @@ const startWorker = (workerId) => { host: process.env.DB_HOST || pg.defaults.host, port: process.env.DB_PORT || pg.defaults.port, max: 10, + ssl: { + sslmode: process.env.DB_SSLMODE || 'prefer', + }, }, production: { @@ -98,6 +101,9 @@ const startWorker = (workerId) => { host: process.env.DB_HOST || 'localhost', port: process.env.DB_PORT || 5432, max: 10, + ssl: { + sslmode: process.env.DB_SSLMODE || 'prefer', + }, }, }; -- cgit From dbeab5a0360e24fd13e90da609d06134c727b7ca Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 10 Mar 2019 16:00:54 +0100 Subject: Fix SSL configuration regression in streaming API (#10225) * Fix SSL configuration regression in streaming API Fix #10223 * Fix code style issues and integrate #10219 * Fix dumb thing --- streaming/index.js | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) (limited to 'streaming') diff --git a/streaming/index.js b/streaming/index.js index 21a1d47ef..86a91d12b 100644 --- a/streaming/index.js +++ b/streaming/index.js @@ -24,7 +24,7 @@ const dbUrlToConfig = (dbUrl) => { return {}; } - const params = url.parse(dbUrl); + const params = url.parse(dbUrl, true); const config = {}; if (params.auth) { @@ -45,8 +45,8 @@ const dbUrlToConfig = (dbUrl) => { const ssl = params.query && params.query.ssl; - if (ssl) { - config.ssl = ssl === 'true' || ssl === '1'; + if (ssl && ssl === 'true' || ssl === '1') { + config.ssl = true; } return config; @@ -89,9 +89,7 @@ const startWorker = (workerId) => { host: process.env.DB_HOST || pg.defaults.host, port: process.env.DB_PORT || pg.defaults.port, max: 10, - ssl: { - sslmode: process.env.DB_SSLMODE || 'prefer', - }, + ssl: !!process.env.DB_SSLMODE && process.env.DB_SSLMODE !== 'disable' ? true : undefined, }, production: { @@ -101,9 +99,7 @@ const startWorker = (workerId) => { host: process.env.DB_HOST || 'localhost', port: process.env.DB_PORT || 5432, max: 10, - ssl: { - sslmode: process.env.DB_SSLMODE || 'prefer', - }, + ssl: !!process.env.DB_SSLMODE && process.env.DB_SSLMODE !== 'disable' ? true : undefined, }, }; -- cgit