Add client-cert parameters of the Go pq driver to the Vikunja config (#1161)

Co-authored-by: tuxthepenguin <tux@saturnv.uphus-internal.de>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1161
Reviewed-by: konrad <k@knt.li>
Co-authored-by: tuxthepenguin <tuxthepenguin@noreply.kolaente.de>
Co-committed-by: tuxthepenguin <tuxthepenguin@noreply.kolaente.de>
This commit is contained in:
tuxthepenguin 2022-04-23 15:46:00 +00:00 committed by konrad
parent 96e519ea96
commit 4960a498ff
4 changed files with 51 additions and 7 deletions

View file

@ -60,11 +60,11 @@ database:
type: "sqlite" type: "sqlite"
# Database user which is used to connect to the database. # Database user which is used to connect to the database.
user: "vikunja" user: "vikunja"
# Databse password # Database password
password: "" password: ""
# Databse host # Database host
host: "localhost" host: "localhost"
# Databse to use # Database to use
database: "vikunja" database: "vikunja"
# When using sqlite, this is the path where to store the data # When using sqlite, this is the path where to store the data
path: "./vikunja.db" path: "./vikunja.db"
@ -77,6 +77,12 @@ database:
# Secure connection mode. Only used with postgres. # Secure connection mode. Only used with postgres.
# (see https://pkg.go.dev/github.com/lib/pq?tab=doc#hdr-Connection_String_Parameters) # (see https://pkg.go.dev/github.com/lib/pq?tab=doc#hdr-Connection_String_Parameters)
sslmode: disable sslmode: disable
# The path to the client cert. Only used with postgres.
sslcert: ""
# The path to the client key. Only used with postgres.
sslkey: ""
# The path to the ca cert. Only used with postgres.
sslrootcert: ""
# Enable SSL/TLS for mysql connections. Options: false, true, skip-verify, preferred # Enable SSL/TLS for mysql connections. Options: false, true, skip-verify, preferred
tls: false tls: false

View file

@ -340,7 +340,7 @@ Environment path: `VIKUNJA_DATABASE_USER`
### password ### password
Databse password Database password
Default: `<empty>` Default: `<empty>`
@ -351,7 +351,7 @@ Environment path: `VIKUNJA_DATABASE_PASSWORD`
### host ### host
Databse host Database host
Default: `localhost` Default: `localhost`
@ -362,7 +362,7 @@ Environment path: `VIKUNJA_DATABASE_HOST`
### database ### database
Databse to use Database to use
Default: `vikunja` Default: `vikunja`
@ -426,6 +426,35 @@ Full path: `database.sslmode`
Environment path: `VIKUNJA_DATABASE_SSLMODE` Environment path: `VIKUNJA_DATABASE_SSLMODE`
### sslcert
The path to the client cert. Only used with postgres.
Default: `<empty>`
Full path: `database.sslcert`
Environment path: `VIKUNJA_DATABASE_SSLCERT`
### sslkey
The path to the client key. Only used with postgres.
Default: `<empty>`
Full path: `database.sslkey`
Environment path: `VIKUNJA_DATABASE_SSLKEY`
### sslrootcert
The path to the ca cert. Only used with postgres.
Default: `<empty>`
Full path: `database.sslrootcert`
Environment path: `VIKUNJA_DATABASE_SSLROOTCERT`
### tls ### tls

View file

@ -78,6 +78,9 @@ const (
DatabaseMaxIdleConnections Key = `database.maxidleconnections` DatabaseMaxIdleConnections Key = `database.maxidleconnections`
DatabaseMaxConnectionLifetime Key = `database.maxconnectionlifetime` DatabaseMaxConnectionLifetime Key = `database.maxconnectionlifetime`
DatabaseSslMode Key = `database.sslmode` DatabaseSslMode Key = `database.sslmode`
DatabaseSslCert Key = `database.sslcert`
DatabaseSslKey Key = `database.sslkey`
DatabaseSslRootCert Key = `database.sslrootcert`
DatabaseTLS Key = `database.tls` DatabaseTLS Key = `database.tls`
CacheEnabled Key = `cache.enabled` CacheEnabled Key = `cache.enabled`
@ -268,6 +271,9 @@ func InitDefaultConfig() {
DatabaseMaxIdleConnections.setDefault(50) DatabaseMaxIdleConnections.setDefault(50)
DatabaseMaxConnectionLifetime.setDefault(10000) DatabaseMaxConnectionLifetime.setDefault(10000)
DatabaseSslMode.setDefault("disable") DatabaseSslMode.setDefault("disable")
DatabaseSslCert.setDefault("")
DatabaseSslKey.setDefault("")
DatabaseSslRootCert.setDefault("")
DatabaseTLS.setDefault("false") DatabaseTLS.setDefault("false")
// Cacher // Cacher

View file

@ -150,13 +150,16 @@ func parsePostgreSQLHostPort(info string) (string, string) {
func initPostgresEngine() (engine *xorm.Engine, err error) { func initPostgresEngine() (engine *xorm.Engine, err error) {
host, port := parsePostgreSQLHostPort(config.DatabaseHost.GetString()) host, port := parsePostgreSQLHostPort(config.DatabaseHost.GetString())
connStr := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s", connStr := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s sslcert=%s sslkey=%s sslrootcert=%s",
host, host,
port, port,
url.PathEscape(config.DatabaseUser.GetString()), url.PathEscape(config.DatabaseUser.GetString()),
url.PathEscape(config.DatabasePassword.GetString()), url.PathEscape(config.DatabasePassword.GetString()),
config.DatabaseDatabase.GetString(), config.DatabaseDatabase.GetString(),
config.DatabaseSslMode.GetString(), config.DatabaseSslMode.GetString(),
config.DatabaseSslCert.GetString(),
config.DatabaseSslKey.GetString(),
config.DatabaseSslRootCert.GetString(),
) )
engine, err = xorm.NewEngine("postgres", connStr) engine, err = xorm.NewEngine("postgres", connStr)