From d627a5660a1504b9fc3e169c8db2d31b6cc4c4a3 Mon Sep 17 00:00:00 2001
From: orbatschow <nils@orbat.sh>
Date: Mon, 27 Feb 2023 17:16:51 +0100
Subject: [PATCH] feat: Allow postgres connections that require ssl mode (#404)

Closes #261
---
 docker-compose.yml    | 5 +++++
 server/.env.sample    | 5 +++++
 server/db/knexfile.js | 7 ++++++-
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index bbe31759..c09bb9e1 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -23,6 +23,11 @@ services:
       - TRUST_PROXY=0
       - DATABASE_URL=postgresql://postgres@postgres/planka
       - SECRET_KEY=notsecretkey
+      # related: https://github.com/knex/knex/issues/2354
+      # As knex does not pass query parameters from the connection string we
+      # have to use environment variables in order to pass the desired values, e.g.
+      # note: this is optional
+      # PGSSLMODE=require
     depends_on:
       - postgres
 
diff --git a/server/.env.sample b/server/.env.sample
index b9b6f2e9..aac41a0d 100644
--- a/server/.env.sample
+++ b/server/.env.sample
@@ -9,6 +9,11 @@ SECRET_KEY=notsecretkey
 # TRUST_PROXY=0
 # TOKEN_EXPIRES_IN=365 # In days
 
+# related: https://github.com/knex/knex/issues/2354
+# As knex does not pass query parameters from the connection string we
+# have to use environment variables in order to pass the desired values, e.g.
+# PGSSLMODE=<value>
+
 ## Do not edit this
 
 TZ=UTC
diff --git a/server/db/knexfile.js b/server/db/knexfile.js
index ef294733..7ba13d94 100755
--- a/server/db/knexfile.js
+++ b/server/db/knexfile.js
@@ -8,7 +8,12 @@ dotenv.config({
 
 module.exports = {
   client: 'pg',
-  connection: process.env.DATABASE_URL,
+  connection: {
+    connectionString: process.env.DATABASE_URL,
+    ssl: {
+      rejectUnauthorized: false,
+    },
+  },
   migrations: {
     tableName: 'migration',
     directory: path.join(__dirname, 'migrations'),