|
@@ -26,6 +26,8 @@ module.exports = {
|
|
|
init() {
|
|
init() {
|
|
|
let self = this
|
|
let self = this
|
|
|
|
|
|
|
|
|
|
+ // Fetch DB Config
|
|
|
|
|
+
|
|
|
let dbClient = null
|
|
let dbClient = null
|
|
|
let dbConfig = (!_.isEmpty(process.env.DATABASE_URL)) ? process.env.DATABASE_URL : {
|
|
let dbConfig = (!_.isEmpty(process.env.DATABASE_URL)) ? process.env.DATABASE_URL : {
|
|
|
host: WIKI.config.db.host.toString(),
|
|
host: WIKI.config.db.host.toString(),
|
|
@@ -35,12 +37,15 @@ module.exports = {
|
|
|
port: WIKI.config.db.port
|
|
port: WIKI.config.db.port
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- const dbUseSSL = (WIKI.config.db.ssl === true || WIKI.config.db.ssl === 'true' || WIKI.config.db.ssl === 1 || WIKI.config.db.ssl === '1')
|
|
|
|
|
|
|
+ // Handle SSL Options
|
|
|
|
|
+
|
|
|
|
|
+ let dbUseSSL = (WIKI.config.db.ssl === true || WIKI.config.db.ssl === 'true' || WIKI.config.db.ssl === 1 || WIKI.config.db.ssl === '1')
|
|
|
let sslOptions = null
|
|
let sslOptions = null
|
|
|
- if (dbUseSSL && _.isPlainObject(dbConfig) && _.get(dbConfig, 'sslOptions.auto', null) === false) {
|
|
|
|
|
- sslOptions = dbConfig.sslOptions
|
|
|
|
|
- sslOptions.rejectUnauthorized = _.get(sslOptions, 'rejectUnauthorized', true)
|
|
|
|
|
- if (sslOptions.ca) {
|
|
|
|
|
|
|
+ if (dbUseSSL && _.isPlainObject(dbConfig) && _.get(WIKI.config.db, 'sslOptions.auto', null) === false) {
|
|
|
|
|
+ sslOptions = WIKI.config.db.sslOptions
|
|
|
|
|
+ // eslint-disable-next-line no-unneeded-ternary
|
|
|
|
|
+ sslOptions.rejectUnauthorized = sslOptions.rejectUnauthorized === false ? false : true
|
|
|
|
|
+ if (sslOptions.ca && sslOptions.ca.indexOf('-----') !== 0) {
|
|
|
sslOptions.ca = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.ca))
|
|
sslOptions.ca = fs.readFileSync(path.resolve(WIKI.ROOTPATH, sslOptions.ca))
|
|
|
}
|
|
}
|
|
|
if (sslOptions.cert) {
|
|
if (sslOptions.cert) {
|
|
@@ -56,6 +61,16 @@ module.exports = {
|
|
|
sslOptions = true
|
|
sslOptions = true
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+ // Handle inline SSL CA Certificate mode
|
|
|
|
|
+ if (!_.isEmpty(process.env.DB_SSL_CA) && process.env.DB_SSL_CA) {
|
|
|
|
|
+ dbUseSSL = true
|
|
|
|
|
+ sslOptions = {
|
|
|
|
|
+ rejectUnauthorized: true,
|
|
|
|
|
+ ca: process.env.DB_SSL_CA
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ // Engine-specific config
|
|
|
switch (WIKI.config.db.type) {
|
|
switch (WIKI.config.db.type) {
|
|
|
case 'postgres':
|
|
case 'postgres':
|
|
|
dbClient = 'pg'
|
|
dbClient = 'pg'
|
|
@@ -100,6 +115,7 @@ module.exports = {
|
|
|
process.exit(1)
|
|
process.exit(1)
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+ // Initialize Knex
|
|
|
this.knex = Knex({
|
|
this.knex = Knex({
|
|
|
client: dbClient,
|
|
client: dbClient,
|
|
|
useNullAsDefault: true,
|
|
useNullAsDefault: true,
|
NGPixel