kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-10-15 16:57:09 +00:00
Code Issues Projects Releases Wiki Activity

Replace unnused MySQL SSL mode

Browse Source
This commit is contained in:
bpatath
2020-05-27 11:08:15 +02:00
parent f427267f5b
commit 8aa7776072
2 changed files with 19 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.env.example
View File

@@ -67,13 +67,14 @@ DB_PASSWORD=secret_firefly_password
# MySQL supports SSL. You can configure it here. # MySQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE # If you use Docker or similar, you can set these variables from a file by appending them with _FILE
MYSQL_SSL_MODE=prefer MYSQL_USE_SSL=false
MYSQL_SSL_ROOT_CERT_PATH= MYSQL_SSL_VERIFY_SERVER_CERT=true
MYSQL_SSL_ROOT_CERT= # You need to set at least of these options
MYSQL_SSL_CAPATH=/etc/ssl/certs/
MYSQL_SSL_CA=
MYSQL_SSL_CERT= MYSQL_SSL_CERT=
MYSQL_SSL_KEY= MYSQL_SSL_KEY=
MYSQL_SSL_CIPHER= MYSQL_SSL_CIPHER=
MYSQL_SSL_VERIFY=
# PostgreSQL supports SSL. You can configure it here. # PostgreSQL supports SSL. You can configure it here.
# If you use Docker or similar, you can set these variables from a file by appending them with _FILE # If you use Docker or similar, you can set these variables from a file by appending them with _FILE

27
config/database.php
View File

@@ -42,20 +42,22 @@ if (!(false === $databaseUrl)) {
/* /*
* Get SSL parameters from .env file. * Get SSL parameters from .env file.
*/ */
$mysql_ssl_ca_dir = envNonEmpty('MYSQL_SSL_ROOT_CERT_PATH', null); $mysql_ssl_ca_dir = envNonEmpty('MYSQL_SSL_CAPATH', null);
$mysql_ssl_ca_file = envNonEmpty('MYSQL_SSL_ROOT_CERT', null); $mysql_ssl_ca_file = envNonEmpty('MYSQL_SSL_CA', null);
$mysql_ssl_cert = envNonEmpty('MYSQL_SSL_CERT', null); $mysql_ssl_cert = envNonEmpty('MYSQL_SSL_CERT', null);
$mysql_ssl_key = envNonEmpty('MYSQL_SSL_KEY', null); $mysql_ssl_key = envNonEmpty('MYSQL_SSL_KEY', null);
$mysql_ssl_ciphers = envNonEmpty('MYSQL_SSL_CIPHER', null); $mysql_ssl_ciphers = envNonEmpty('MYSQL_SSL_CIPHER', null);
$mysql_ssl_verify = envNonEmpty('MYSQL_SSL_VERIFY', null); $mysql_ssl_verify = envNonEmpty('MYSQL_SSL_VERIFY_SERVER_CERT', null);
$mysql_ssl_options = []; $mysql_ssl_options = [];
if ($mysql_ssl_ca_dir !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CAPATH ] = $mysql_ssl_ca_dir; if (!(false === envNonEmpty('MYSQL_USE_SSL', false))) {
if ($mysql_ssl_ca_file !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CA ] = $mysql_ssl_ca_file; if ($mysql_ssl_ca_dir !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CAPATH ] = $mysql_ssl_ca_dir;
if ($mysql_ssl_cert !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CERT ] = $mysql_ssl_cert; if ($mysql_ssl_ca_file !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CA ] = $mysql_ssl_ca_file;
if ($mysql_ssl_key !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_KEY ] = $mysql_ssl_key; if ($mysql_ssl_cert !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CERT ] = $mysql_ssl_cert;
if ($mysql_ssl_ciphers !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CIPHER ] = $mysql_ssl_ciphers; if ($mysql_ssl_key !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_KEY ] = $mysql_ssl_key;
if ($mysql_ssl_verify !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $mysql_ssl_verify; if ($mysql_ssl_ciphers !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_CIPHER ] = $mysql_ssl_ciphers;
if ($mysql_ssl_verify !== null) $mysql_ssl_options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = $mysql_ssl_verify;
}
return [ return [
'default' => envNonEmpty('DB_CONNECTION', 'pgsql'), 'default' => envNonEmpty('DB_CONNECTION', 'pgsql'),
@@ -78,7 +80,6 @@ return [
'prefix' => '', 'prefix' => '',
'strict' => true, 'strict' => true,
'engine' => 'InnoDB', 'engine' => 'InnoDB',
'sslmode' => envNonEmpty('MYSQL_SSL_MODE', 'prefer'),
'options' => $mysql_ssl_options, 'options' => $mysql_ssl_options,
], ],
'pgsql' => [ 'pgsql' => [