MySQL TLS (#4642)
This commit is contained in:
Russell Aunger
techknowlogick
parent
0dac1ff677
commit
127f477056
3 changed files with 12 additions and 8 deletions
|
|
@ -223,7 +223,8 @@ NAME = gitea
|
|||
USER = root
|
||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||
PASSWD =
|
||||
; For "postgres" only, either "disable", "require" or "verify-full"
|
||||
; For Postgres, either "disable" (default), "require", or "verify-full"
|
||||
; For MySQL, either "false" (default), "true", or "skip-verify"
|
||||
SSL_MODE = disable
|
||||
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
||||
PATH = data/gitea.db
|
||||
|
|
|
|||
|
|
@ -138,7 +138,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
|||
- `NAME`: **gitea**: Database name.
|
||||
- `USER`: **root**: Database username.
|
||||
- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
|
||||
- `SSL_MODE`: **disable**: For PostgreSQL only.
|
||||
- `SSL_MODE`: **disable**: For PostgreSQL and MySQL only.
|
||||
- `PATH`: **data/gitea.db**: For SQLite3 only, the database file path.
|
||||
- `LOG_SQL`: **true**: Log the executed SQL.
|
||||
|
||||
|
|
|
|||
|
|
@ -155,7 +155,7 @@ func LoadConfigs() {
|
|||
if len(DbCfg.Passwd) == 0 {
|
||||
DbCfg.Passwd = sec.Key("PASSWD").String()
|
||||
}
|
||||
DbCfg.SSLMode = sec.Key("SSL_MODE").String()
|
||||
DbCfg.SSLMode = sec.Key("SSL_MODE").MustString("disable")
|
||||
DbCfg.Path = sec.Key("PATH").MustString("data/gitea.db")
|
||||
DbCfg.Timeout = sec.Key("SQLITE_TIMEOUT").MustInt(500)
|
||||
|
||||
|
|
@ -222,13 +222,16 @@ func getEngine() (*xorm.Engine, error) {
|
|||
}
|
||||
switch DbCfg.Type {
|
||||
case "mysql":
|
||||
connType := "tcp"
|
||||
if DbCfg.Host[0] == '/' { // looks like a unix socket
|
||||
connStr = fmt.Sprintf("%s:%s@unix(%s)/%s%scharset=utf8&parseTime=true",
|
||||
DbCfg.User, DbCfg.Passwd, DbCfg.Host, DbCfg.Name, Param)
|
||||
} else {
|
||||
connStr = fmt.Sprintf("%s:%s@tcp(%s)/%s%scharset=utf8&parseTime=true",
|
||||
DbCfg.User, DbCfg.Passwd, DbCfg.Host, DbCfg.Name, Param)
|
||||
connType = "unix"
|
||||
}
|
||||
tls := DbCfg.SSLMode
|
||||
if tls == "disable" { // allow (Postgres-inspired) default value to work in MySQL
|
||||
tls = "false"
|
||||
}
|
||||
connStr = fmt.Sprintf("%s:%s@%s(%s)/%s%scharset=utf8&parseTime=true&tls=%s",
|
||||
DbCfg.User, DbCfg.Passwd, connType, DbCfg.Host, DbCfg.Name, Param, tls)
|
||||
case "postgres":
|
||||
connStr = getPostgreSQLConnectionString(DbCfg.Host, DbCfg.User, DbCfg.Passwd, DbCfg.Name, Param, DbCfg.SSLMode)
|
||||
case "mssql":
|
||||
|
|
|
|||
Loading…
Reference in a new issue