BreizhHardware/Jellystat
1
0
Fork 0
mirror of https://github.com/BreizhHardware/Jellystat.git synced 2026-01-18 16:27:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #444 from gunanr/postgres-ssl-verify-toggle

Browse Source 
POSTGRES_SSL_ENABLED and POSTGRES_SSL_REJECT_UNAUTHORIZED environment variable support
This commit is contained in:
Thegan Govender
2025-09-24 18:38:10 +02:00
committed by GitHub
parent e940ffec97 5b293d55bf
commit e978a2d3ac
5 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -30,6 +30,8 @@
| POSTGRES_PASSWORD `REQUIRED` | `null` | `postgres` | Password that will be used in postgres database | | POSTGRES_PASSWORD `REQUIRED` | `null` | `postgres` | Password that will be used in postgres database |
| POSTGRES_IP `REQUIRED` | `null` | `jellystat-db` or `192.168.0.5` | Hostname/IP of postgres instance | | POSTGRES_IP `REQUIRED` | `null` | `jellystat-db` or `192.168.0.5` | Hostname/IP of postgres instance |
| POSTGRES_PORT `REQUIRED` | `null` | `5432` | Port Postgres is running on | | POSTGRES_PORT `REQUIRED` | `null` | `5432` | Port Postgres is running on |
| POSTGRES_SSL_ENABLED | `null` | `true` | Enable SSL connections to Postgres
| POSTGRES_SSL_REJECT_UNAUTHORIZED | `null` | `false` | Verify Postgres SSL certificates when POSTGRES_SSL_ENABLED=true
| JS_LISTEN_IP | `0.0.0.0`| `0.0.0.0` or `::` | Enable listening on specific IP or `::` for IPv6 | | JS_LISTEN_IP | `0.0.0.0`| `0.0.0.0` or `::` | Enable listening on specific IP or `::` for IPv6 |
| JWT_SECRET `REQUIRED` | `null` | `my-secret-jwt-key` | JWT Key to be used to encrypt JWT tokens for authentication | | JWT_SECRET `REQUIRED` | `null` | `my-secret-jwt-key` | JWT Key to be used to encrypt JWT tokens for authentication |
| TZ `REQUIRED` | `null` | `Etc/UTC` | Server timezone (Can be found at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List) | | TZ `REQUIRED` | `null` | `Etc/UTC` | Server timezone (Can be found at https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List) |

4
backend/create_database.js
View File

@@ -5,12 +5,16 @@ const _POSTGRES_PASSWORD = process.env.POSTGRES_PASSWORD;
const _POSTGRES_IP = process.env.POSTGRES_IP; const _POSTGRES_IP = process.env.POSTGRES_IP;
const _POSTGRES_PORT = process.env.POSTGRES_PORT; const _POSTGRES_PORT = process.env.POSTGRES_PORT;
const _POSTGRES_DATABASE = process.env.POSTGRES_DB || 'jfstat'; const _POSTGRES_DATABASE = process.env.POSTGRES_DB || 'jfstat';
const _POSTGRES_SSL_REJECT_UNAUTHORIZED = process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === undefined ? true : process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === "true";
const client = new Client({ const client = new Client({
host: _POSTGRES_IP, host: _POSTGRES_IP,
user: _POSTGRES_USER, user: _POSTGRES_USER,
password: _POSTGRES_PASSWORD, password: _POSTGRES_PASSWORD,
port: _POSTGRES_PORT, port: _POSTGRES_PORT,
...(process.env.POSTGRES_SSL_ENABLED === "true"
? { ssl: { rejectUnauthorized: _POSTGRES_SSL_REJECT_UNAUTHORIZED } }
: {})
}); });
const createDatabase = async () => { const createDatabase = async () => {

4
backend/db.js
View File

@@ -7,6 +7,7 @@ const _POSTGRES_PASSWORD = process.env.POSTGRES_PASSWORD;
const _POSTGRES_IP = process.env.POSTGRES_IP; const _POSTGRES_IP = process.env.POSTGRES_IP;
const _POSTGRES_PORT = process.env.POSTGRES_PORT; const _POSTGRES_PORT = process.env.POSTGRES_PORT;
const _POSTGRES_DATABASE = process.env.POSTGRES_DB || "jfstat"; const _POSTGRES_DATABASE = process.env.POSTGRES_DB || "jfstat";
const _POSTGRES_SSL_REJECT_UNAUTHORIZED = process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === undefined ? true : process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === "true";
if ([_POSTGRES_USER, _POSTGRES_PASSWORD, _POSTGRES_IP, _POSTGRES_PORT].includes(undefined)) { if ([_POSTGRES_USER, _POSTGRES_PASSWORD, _POSTGRES_IP, _POSTGRES_PORT].includes(undefined)) {
console.log("Error: Postgres details not defined"); console.log("Error: Postgres details not defined");
@@ -22,6 +23,9 @@ const pool = new Pool({
max: 20, // Maximum number of connections in the pool max: 20, // Maximum number of connections in the pool
idleTimeoutMillis: 30000, // Close idle clients after 30 seconds idleTimeoutMillis: 30000, // Close idle clients after 30 seconds
connectionTimeoutMillis: 2000, // Return an error after 2 seconds if connection could not be established connectionTimeoutMillis: 2000, // Return an error after 2 seconds if connection could not be established
...(process.env.POSTGRES_SSL_ENABLED === "true"
? { ssl: { rejectUnauthorized: _POSTGRES_SSL_REJECT_UNAUTHORIZED } }
: {})
}); });
pool.on("error", (err, client) => { pool.on("error", (err, client) => {

6
backend/migrations.js
View File

@@ -12,6 +12,9 @@ module.exports = {
port:process.env.POSTGRES_PORT, port:process.env.POSTGRES_PORT,
database: process.env.POSTGRES_DB || 'jfstat', database: process.env.POSTGRES_DB || 'jfstat',
createDatabase: true, createDatabase: true,
...(process.env.POSTGRES_SSL_ENABLED === "true"
? { ssl: { rejectUnauthorized: process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === undefined ? true : process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === "true" } }
: {})
}, },
migrations: { migrations: {
directory: __dirname + '/migrations', directory: __dirname + '/migrations',
@@ -39,6 +42,9 @@ module.exports = {
port:process.env.POSTGRES_PORT, port:process.env.POSTGRES_PORT,
database: process.env.POSTGRES_DB || 'jfstat', database: process.env.POSTGRES_DB || 'jfstat',
createDatabase: true, createDatabase: true,
...(process.env.POSTGRES_SSL_ENABLED === "true"
? { ssl: { rejectUnauthorized: process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === undefined ? true : process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === "true" } }
: {})
}, },
migrations: { migrations: {
directory: __dirname + '/migrations', directory: __dirname + '/migrations',

5
backend/routes/backup.js
View File

@@ -23,6 +23,8 @@ const postgresPassword = process.env.POSTGRES_PASSWORD;
const postgresIp = process.env.POSTGRES_IP; const postgresIp = process.env.POSTGRES_IP;
const postgresPort = process.env.POSTGRES_PORT; const postgresPort = process.env.POSTGRES_PORT;
const postgresDatabase = process.env.POSTGRES_DB || "jfstat"; const postgresDatabase = process.env.POSTGRES_DB || "jfstat";
const postgresSslRejectUnauthorized = process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === undefined ? true : process.env.POSTGRES_SSL_REJECT_UNAUTHORIZED === "true";
const backupfolder = "backup-data"; const backupfolder = "backup-data";
// Restore function // Restore function
@@ -52,6 +54,9 @@ async function restore(file, refLog) {
host: postgresIp, host: postgresIp,
port: postgresPort, port: postgresPort,
database: postgresDatabase, database: postgresDatabase,
...(process.env.POSTGRES_SSL_ENABLED === "true"
? { ssl: { rejectUnauthorized: postgresSslRejectUnauthorized } }
: {}),
}); });
const backupPath = file; const backupPath = file;