feat(setup-database): Add SSL authentication method for database setup (#6671)
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Frank Elsinga <frank@elsinga.de>
This commit is contained in:
Nilanjan Debnath
GitHub
parent
e90b982687
commit
c5675ae9eb
2
.github/workflows/new_contributor_pr.yml
vendored
2
.github/workflows/new_contributor_pr.yml
vendored
@ -5,7 +5,7 @@ on:
|
|||||||
# This workflow uses pull_request_target so it can run with write permissions on first-time contributor PRs.
|
# This workflow uses pull_request_target so it can run with write permissions on first-time contributor PRs.
|
||||||
# It is safe because it does not check out or execute any code from the pull request and
|
# It is safe because it does not check out or execute any code from the pull request and
|
||||||
# only uses the pinned, trusted actions/first-interaction action
|
# only uses the pinned, trusted actions/first-interaction action
|
||||||
pull_request_target: # zizmor: ignore[dangerous-triggers]
|
pull_request_target: # zizmor: ignore[dangerous-triggers]
|
||||||
types: [opened]
|
types: [opened]
|
||||||
branches:
|
branches:
|
||||||
- master
|
- master
|
||||||
|
|||||||
@ -284,6 +284,14 @@ class Database {
|
|||||||
port: dbConfig.port,
|
port: dbConfig.port,
|
||||||
user: dbConfig.username,
|
user: dbConfig.username,
|
||||||
password: dbConfig.password,
|
password: dbConfig.password,
|
||||||
|
...(dbConfig.ssl
|
||||||
|
? {
|
||||||
|
ssl: {
|
||||||
|
rejectUnauthorized: true,
|
||||||
|
...(dbConfig.ca && dbConfig.ca.trim() !== "" ? { ca: [dbConfig.ca] } : {}),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
: {}),
|
||||||
});
|
});
|
||||||
|
|
||||||
// Set to true, so for example "uptime.kuma", becomes `uptime.kuma`, not `uptime`.`kuma`
|
// Set to true, so for example "uptime.kuma", becomes `uptime.kuma`, not `uptime`.`kuma`
|
||||||
@ -309,6 +317,14 @@ class Database {
|
|||||||
}
|
}
|
||||||
return next();
|
return next();
|
||||||
},
|
},
|
||||||
|
...(dbConfig.ssl
|
||||||
|
? {
|
||||||
|
ssl: {
|
||||||
|
rejectUnauthorized: true,
|
||||||
|
...(dbConfig.ca && dbConfig.ca.trim() !== "" ? { ca: [dbConfig.ca] } : {}),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
: {}),
|
||||||
},
|
},
|
||||||
pool: mariadbPoolConfig,
|
pool: mariadbPoolConfig,
|
||||||
};
|
};
|
||||||
|
|||||||
@ -102,6 +102,8 @@ class SetupDatabase {
|
|||||||
dbConfig.dbName = process.env.UPTIME_KUMA_DB_NAME;
|
dbConfig.dbName = process.env.UPTIME_KUMA_DB_NAME;
|
||||||
dbConfig.username = getEnvOrFile("UPTIME_KUMA_DB_USERNAME");
|
dbConfig.username = getEnvOrFile("UPTIME_KUMA_DB_USERNAME");
|
||||||
dbConfig.password = getEnvOrFile("UPTIME_KUMA_DB_PASSWORD");
|
dbConfig.password = getEnvOrFile("UPTIME_KUMA_DB_PASSWORD");
|
||||||
|
dbConfig.ssl = getEnvOrFile("UPTIME_KUMA_DB_SSL")?.toLowerCase() === "true";
|
||||||
|
dbConfig.ca = getEnvOrFile("UPTIME_KUMA_DB_CA");
|
||||||
Database.writeDBConfig(dbConfig);
|
Database.writeDBConfig(dbConfig);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -239,6 +241,14 @@ class SetupDatabase {
|
|||||||
user: dbConfig.username,
|
user: dbConfig.username,
|
||||||
password: dbConfig.password,
|
password: dbConfig.password,
|
||||||
database: dbConfig.dbName,
|
database: dbConfig.dbName,
|
||||||
|
...(dbConfig.ssl
|
||||||
|
? {
|
||||||
|
ssl: {
|
||||||
|
rejectUnauthorized: true,
|
||||||
|
...(dbConfig.ca && dbConfig.ca.trim() !== "" ? { ca: [dbConfig.ca] } : {}),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
: {}),
|
||||||
});
|
});
|
||||||
await connection.execute("SELECT 1");
|
await connection.execute("SELECT 1");
|
||||||
connection.end();
|
connection.end();
|
||||||
|
|||||||
@ -6,6 +6,10 @@
|
|||||||
"setupDatabaseSQLite": "A simple database file, recommended for small-scale deployments. Prior to v2.0.0, Uptime Kuma used SQLite as the default database.",
|
"setupDatabaseSQLite": "A simple database file, recommended for small-scale deployments. Prior to v2.0.0, Uptime Kuma used SQLite as the default database.",
|
||||||
"settingUpDatabaseMSG": "Setting up the database. It may take a while, please be patient.",
|
"settingUpDatabaseMSG": "Setting up the database. It may take a while, please be patient.",
|
||||||
"dbName": "Database Name",
|
"dbName": "Database Name",
|
||||||
|
"enableSSL": "Enable SSL/TLS",
|
||||||
|
"mariadbUseSSLHelptext": "Enable to use a encrypted connection to your database. Required for most cloud databases.",
|
||||||
|
"mariadbCaCertificateLabel": "CA Certificate",
|
||||||
|
"mariadbCaCertificateHelptext": "Paste the CA Cert in PEM format to use with self-signed certificates. Leave blank if your database uses a certificate signed by a public CA.",
|
||||||
"Settings": "Settings",
|
"Settings": "Settings",
|
||||||
"Dashboard": "Dashboard",
|
"Dashboard": "Dashboard",
|
||||||
"Help": "Help",
|
"Help": "Help",
|
||||||
|
|||||||
@ -121,6 +121,42 @@
|
|||||||
<input id="floatingInput" v-model="dbConfig.dbName" type="text" class="form-control" required />
|
<input id="floatingInput" v-model="dbConfig.dbName" type="text" class="form-control" required />
|
||||||
<label for="floatingInput">{{ $t("dbName") }}</label>
|
<label for="floatingInput">{{ $t("dbName") }}</label>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<div class="mt-3 short text-start">
|
||||||
|
<div class="form-check form-switch ps-0" style="height: auto; display: block; padding: 0">
|
||||||
|
<div class="d-flex align-items-center">
|
||||||
|
<input
|
||||||
|
id="sslCheck"
|
||||||
|
v-model="dbConfig.ssl"
|
||||||
|
type="checkbox"
|
||||||
|
role="switch"
|
||||||
|
class="form-check-input ms-0 me-2"
|
||||||
|
style="float: none"
|
||||||
|
/>
|
||||||
|
<label class="form-check-label fw-bold" for="sslCheck">
|
||||||
|
{{ $t("enableSSL") }}
|
||||||
|
<span class="fw-normal text-muted" style="font-size: 0.9em">
|
||||||
|
({{ $t("Optional") }})
|
||||||
|
</span>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="form-text mt-1">
|
||||||
|
{{ $t("mariadbUseSSLHelptext") }}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div v-if="dbConfig.ssl" class="form-floating mt-3 short">
|
||||||
|
<textarea
|
||||||
|
id="caInput"
|
||||||
|
v-model="dbConfig.ca"
|
||||||
|
class="form-control"
|
||||||
|
placeholder="-----BEGIN CERTIFICATE-----"
|
||||||
|
style="height: 120px"
|
||||||
|
></textarea>
|
||||||
|
<label for="caInput">{{ $t("mariadbCaCertificateLabel") }}</label>
|
||||||
|
<div class="form-text">{{ $t("mariadbCaCertificateHelptext") }}</div>
|
||||||
|
</div>
|
||||||
</template>
|
</template>
|
||||||
|
|
||||||
<button class="btn btn-primary mt-4 short" type="submit" :disabled="disabledButton">
|
<button class="btn btn-primary mt-4 short" type="submit" :disabled="disabledButton">
|
||||||
@ -148,6 +184,8 @@ export default {
|
|||||||
username: "",
|
username: "",
|
||||||
password: "",
|
password: "",
|
||||||
dbName: "kuma",
|
dbName: "kuma",
|
||||||
|
ssl: false,
|
||||||
|
ca: "",
|
||||||
},
|
},
|
||||||
info: {
|
info: {
|
||||||
needSetup: false,
|
needSetup: false,
|
||||||
@ -253,6 +291,14 @@ export default {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.form-check {
|
||||||
|
height: calc(3.5rem + 2px);
|
||||||
|
padding: 0;
|
||||||
|
display: flex;
|
||||||
|
align-items: center;
|
||||||
|
justify-content: space-around;
|
||||||
|
}
|
||||||
|
|
||||||
.short {
|
.short {
|
||||||
width: 300px;
|
width: 300px;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user