mirrors/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/fox/tt-rss.git synced 2025-08-05 13:47:25 +02:00
Code Issues Projects Releases Wiki Activity

add support for PG sslmode and set it to prefer encrypted connections by default

Browse Source
This commit is contained in:
Andrew Dolgov 2025-07-03 19:04:32 +03:00
parent 18f8f55ce5
commit 4088636865
No known key found for this signature in database
GPG Key ID: 1A56B4FA25D4AF2A
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
classes/Config.php
View File

@ -45,6 +45,9 @@ class Config {
/** database server port */
const DB_PORT = "DB_PORT";
/** PostgreSQL SSL mode (prefer, require, disabled) */
const DB_SSLMODE = "DB_SSLMODE";
/** this is a fallback falue for the CLI SAPI, it should be set to a fully-qualified tt-rss URL */
const SELF_URL_PATH = "SELF_URL_PATH";
@ -219,6 +222,7 @@ class Config {
Config::DB_NAME => [ "", Config::T_STRING ],
Config::DB_PASS => [ "", Config::T_STRING ],
Config::DB_PORT => [ "5432", Config::T_STRING ],
Config::DB_SSLMODE => [ "prefer", Config::T_STRING ],
Config::SELF_URL_PATH => [ "https://example.com/tt-rss", Config::T_STRING ],
Config::SINGLE_USER_MODE => [ "", Config::T_BOOL ],
Config::PHP_EXECUTABLE => [ "/usr/bin/php", Config::T_STRING ],

4
classes/Db.php
View File

@ -26,8 +26,10 @@ class Db {
public static function get_dsn(): string {
$db_port = Config::get(Config::DB_PORT) ? ';port=' . Config::get(Config::DB_PORT) : '';
$db_host = Config::get(Config::DB_HOST) ? ';host=' . Config::get(Config::DB_HOST) : '';
$db_sslmode = Config::get(Config::DB_SSLMODE);
return 'pgsql:dbname=' . Config::get(Config::DB_NAME) . $db_host . $db_port;
return 'pgsql:dbname=' . Config::get(Config::DB_NAME) . $db_host . $db_port .
";sslmode=$db_sslmode";
}
// this really shouldn't be used unless a separate PDO connection is needed