IntenseFinance/firefly-iii
3
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add SSL configuration for MySQL

Browse Source
This commit is contained in:
bpatath 2020-05-22 00:22:31 +02:00
parent 1c9c380c8c
commit 3195dd0db0
2 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.env.example
View File

@ -65,6 +65,16 @@ DB_DATABASE=firefly
DB_USERNAME=firefly
DB_PASSWORD=secret_firefly_password
# MySQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MYSQL_SSL_MODE=prefer
MYSQL_SSL_ROOT_CERT_PATH=
MYSQL_SSL_ROOT_CERT=
MYSQL_SSL_CERT=
MYSQL_SSL_KEY=
MYSQL_SSL_CIPHER=
MYSQL_SSL_VERIFY=
# PostgreSQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE
PGSQL_SSL_MODE=prefer

20
config/database.php
View File

@ -39,6 +39,24 @@ if (!(false === $databaseUrl)) {
$database = substr($options['path'] ?? '/firefly', 1);
}
/*
* Get SSL parameters from .env file.
*/
$mysql_ssl_ca_dir = envNonEmpty('MYSQL_SSL_ROOT_CERT_PATH', null);
$mysql_ssl_ca_file = envNonEmpty('MYSQL_SSL_ROOT_CERT', null);
$mysql_ssl_cert = envNonEmpty('MYSQL_SSL_CERT', null);
$mysql_ssl_key = envNonEmpty('MYSQL_SSL_KEY', null);
$mysql_ssl_ciphers = envNonEmpty('MYSQL_SSL_CIPHER', null);
$mysql_ssl_verify = envNonEmpty('MYSQL_SSL_VERIFY', null);
$mysql_ssl_options = [];
if ($mysql_ssl_ca_dir !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CAPATH ] = $mysql_ssl_ca_dir;
if ($mysql_ssl_ca_file !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CA ] = $mysql_ssl_ca_file;
if ($mysql_ssl_cert !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CERT ] = $mysql_ssl_cert;
if ($mysql_ssl_key !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_KEY ] = $mysql_ssl_key;
if ($mysql_ssl_ciphers !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CIPHER ] = $mysql_ssl_ciphers;
if ($mysql_ssl_verify !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $mysql_ssl_verify;
return [
'default' => envNonEmpty('DB_CONNECTION', 'pgsql'),
'connections' => [
@ -60,6 +78,8 @@ return [
'prefix' => '',
'strict' => true,
'engine' => 'InnoDB',
'sslmode' => envNonEmpty('MYSQL_SSL_MODE', 'prefer'),
'options' => $mysql_ssl_options,
],
'pgsql' => [
'driver' => 'pgsql',