feat: Allow postgres connections that require ssl mode (#409)

Closes #261

docker-compose.yml

@@ -23,6 +23,14 @@ services:
       - TRUST_PROXY=0
       - DATABASE_URL=postgresql://postgres@postgres/planka
       - SECRET_KEY=notsecretkey
+
+      # related: https://github.com/knex/knex/issues/2354
+      # As knex does not pass query parameters from the connection string we
+      # have to use environment variables in order to pass the desired values, e.g.
+      # - PGSSLMODE=<value>
+
+      # Configure knex to accept SSL certificates
+      # - KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false
     depends_on:
       - postgres
 

server/.env.sample

@@ -9,6 +9,14 @@ SECRET_KEY=notsecretkey
 # TRUST_PROXY=0
 # TOKEN_EXPIRES_IN=365 # In days
 
+# related: https://github.com/knex/knex/issues/2354
+# As knex does not pass query parameters from the connection string we
+# have to use environment variables in order to pass the desired values, e.g.
+# PGSSLMODE=<value>
+
+# Configure knex to accept SSL certificates
+# KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE=false
+
 ## Do not edit this
 
 TZ=UTC

server/db/knexfile.js

@@ -6,9 +6,22 @@ dotenv.config({
   path: path.resolve(__dirname, '../.env'),
 });
 
+function buildSSLConfig() {
+  if (process.env.KNEX_REJECT_UNAUTHORIZED_SSL_CERTIFICATE === 'false') {
+    return {
+      rejectUnauthorized: false,
+    };
+  }
+
+  return false;
+}
+
 module.exports = {
   client: 'pg',
-  connection: process.env.DATABASE_URL,
+  connection: {
+    connectionString: process.env.DATABASE_URL,
+    ssl: buildSSLConfig(),
+  },
   migrations: {
     tableName: 'migration',
     directory: path.join(__dirname, 'migrations'),