Allow the use of SSL connections to the postgres database. (#1256)

* Allow the use of SSL connections to the postgres database. * Add default SSL false when no env set * Add commented out example of DB_SSL env * Refactor add SSL option into PostgresConnectionOptions * Refactor the database connection to optionally use a URL string instead of the env variables * Refactor the database connection based on feedback * Add dynamic validation around the DB envs * Remove DB_URL from example * Fix rebase * Add back the optional database port in the example * Formatted file correctly * change types to a const to fix tests
immich-app · Jan 20, 2023 · 5340683 · 5340683 · vercel · Jan 20, 2023
1 parent 652f5cb
commit 5340683
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 9 deletions.
diff --git a/server/libs/common/src/config/app.config.ts b/server/libs/common/src/config/app.config.ts
@@ -16,14 +16,21 @@ const jwtSecretValidator: Joi.CustomValidator<string> = (value) => {
   return value;
 };
 
+const WHEN_DB_URL_SET = Joi.when('DB_URL', {
+  is: Joi.exist(),
+  then: Joi.string().optional(),
+  otherwise: Joi.string().required(),
+});
+
 export const immichAppConfig: ConfigModuleOptions = {
   envFilePath: '.env',
   isGlobal: true,
   validationSchema: Joi.object({
     NODE_ENV: Joi.string().required().valid('development', 'production', 'staging').default('development'),
-    DB_USERNAME: Joi.string().required(),
-    DB_PASSWORD: Joi.string().required(),
-    DB_DATABASE_NAME: Joi.string().required(),
+    DB_USERNAME: WHEN_DB_URL_SET,
+    DB_PASSWORD: WHEN_DB_URL_SET,
+    DB_DATABASE_NAME: WHEN_DB_URL_SET,
+    DB_URL: Joi.string().optional(),
     JWT_SECRET: Joi.string().required().custom(jwtSecretValidator),
     DISABLE_REVERSE_GEOCODING: Joi.boolean().optional().valid(true, false).default(false),
     REVERSE_GEOCODING_PRECISION: Joi.number().optional().valid(0, 1, 2, 3).default(3),

diff --git a/server/libs/infra/src/db/config/database.config.ts b/server/libs/infra/src/db/config/database.config.ts
@@ -1,18 +1,26 @@
 import { PostgresConnectionOptions } from 'typeorm/driver/postgres/PostgresConnectionOptions';
 import { DataSource } from 'typeorm';
 
-export const databaseConfig: PostgresConnectionOptions = {
+const baseDatabaseConfig: PostgresConnectionOptions = {
   type: 'postgres',
-  host: process.env.DB_HOSTNAME || 'immich_postgres',
-  port: parseInt(process.env.DB_PORT || '5432'),
-  username: process.env.DB_USERNAME,
-  password: process.env.DB_PASSWORD,
-  database: process.env.DB_DATABASE_NAME,
   entities: [__dirname + '/../**/*.entity.{js,ts}'],
   synchronize: false,
   migrations: [__dirname + '/../migrations/*.{js,ts}'],
   migrationsRun: true,
   connectTimeoutMS: 10000, // 10 seconds
 };
 
+const envBasedDatabaseConfig = {
+  host: process.env.DB_HOSTNAME || 'immich_postgres',
+  port: parseInt(process.env.DB_PORT || '5432'),
+  username: process.env.DB_USERNAME,
+  password: process.env.DB_PASSWORD,
+  database: process.env.DB_DATABASE_NAME,
+};
+
+const url = process.env.DB_URL;
+const additionalSSLDatabaseConfig = url ? { url } : envBasedDatabaseConfig;
+
+export const databaseConfig: PostgresConnectionOptions = { ...baseDatabaseConfig, ...additionalSSLDatabaseConfig };
+
 export const dataSource = new DataSource(databaseConfig);