Add ssl ca

0xslipk · 0xslipk · commit 2e913c0bd744 · 2022-11-09T08:10:17.000-04:00
diff --git a/.env.sample b/.env.sample
@@ -12,6 +12,8 @@ DATABASE_HOST=postgres
 DATABASE_NAME=ink
 DATABASE_USERNAME=root
 DATABASE_PASSWORD=password
+DATABASE_PORT=5432
+DATABASE_SSL_CA=""
 DATABASE_RETRY_ATTEMPTS=5
 DATABASE_RETRY_DELAY=3000
 
diff --git a/src/db/db.module.ts b/src/db/db.module.ts
@@ -1,5 +1,5 @@
 import { Module } from '@nestjs/common'
-import { TypeOrmModule } from '@nestjs/typeorm'
+import { TypeOrmModule, TypeOrmModuleOptions } from '@nestjs/typeorm'
 import { Block } from '../blocks/entity/block.entity'
 import { Contract } from '../contracts/entity/contract.entity'
 import { EnvModule } from '../env/env.module'
@@ -13,7 +13,7 @@ import { Transaction } from '../transactions/entity/transaction.entity'
       imports: [EnvModule],
       inject: [EnvService],
       useFactory: async (env: EnvService) => {
-        return {
+        const config: TypeOrmModuleOptions = {
           type: 'postgres',
           host: env.DATABASE_HOST,
           port: env.DATABASE_PORT,
@@ -26,6 +26,18 @@ import { Transaction } from '../transactions/entity/transaction.entity'
           autoLoadEntities: true,
           keepConnectionAlive: false,
         }
+
+        if (!env.isProduction()) {
+          return config
+        }
+
+        return {
+          ...config,
+          ssl: {
+            ca: env.DATABASE_SSL_CA,
+            rejectUnauthorized: false,
+          },
+        }
       },
     }),
     TypeOrmModule.forFeature([Block, Transaction, Event, Contract]),
diff --git a/src/env/env.service.ts b/src/env/env.service.ts
@@ -23,6 +23,7 @@ export class EnvService {
   public readonly DATABASE_PASSWORD: string
   public readonly DATABASE_RETRY_ATTEMPTS: number
   public readonly DATABASE_RETRY_DELAY: number
+  public readonly DATABASE_SSL_CA: string
 
   constructor(private readonly config: ConfigService) {
     // public env variables
@@ -42,6 +43,7 @@ export class EnvService {
     this.DATABASE_PASSWORD = this.config.get<string>('DATABASE_PASSWORD', 'password')
     this.DATABASE_RETRY_ATTEMPTS = parseInt(this.config.get<string>('DATABASE_RETRY_ATTEMPTS', '20'), 10)
     this.DATABASE_RETRY_DELAY = parseInt(this.config.get<string>('DATABASE_RETRY_DELAY', '6000'), 10)
+    this.DATABASE_SSL_CA = this.config.get<string>('DATABASE_SSL_CA', '')
   }
 
   public isProduction(): boolean {
diff --git a/src/env/env.validation.ts b/src/env/env.validation.ts
@@ -54,6 +54,9 @@ export class EnvironmentVariables {
 
   @IsNumberString()
   DATABASE_RETRY_DELAY: string | undefined
+
+  @IsString()
+  DATABASE_SSL_CA: string | undefined
 }
 
 export function validate(config: Record<string, unknown>) {

Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,9 @@ export class EnvironmentVariables {`
`54`	`54`
`55`	`55`	`@IsNumberString()`
`56`	`56`	`DATABASE_RETRY_DELAY: string \| undefined`
	`57`	`+`
	`58`	`+ @IsString()`
	`59`	`+ DATABASE_SSL_CA: string \| undefined`
`57`	`60`	`}`
`58`	`61`
`59`	`62`	`export function validate(config: Record<string, unknown>) {`