MySQL TLS (#4642)
This commit is contained in:
Russell Aunger
techknowlogick
parent
0dac1ff677
commit
127f477056
3 changed files with 12 additions and 8 deletions
|
|
@ -223,7 +223,8 @@ NAME = gitea
|
||||||
USER = root
|
USER = root
|
||||||
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
; Use PASSWD = `your password` for quoting if you use special characters in the password.
|
||||||
PASSWD =
|
PASSWD =
|
||||||
; For "postgres" only, either "disable", "require" or "verify-full"
|
; For Postgres, either "disable" (default), "require", or "verify-full"
|
||||||
|
; For MySQL, either "false" (default), "true", or "skip-verify"
|
||||||
SSL_MODE = disable
|
SSL_MODE = disable
|
||||||
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
; For "sqlite3" and "tidb", use an absolute path when you start gitea as service
|
||||||
PATH = data/gitea.db
|
PATH = data/gitea.db
|
||||||
|
|
|
||||||
|
|
@ -138,7 +138,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
|
||||||
- `NAME`: **gitea**: Database name.
|
- `NAME`: **gitea**: Database name.
|
||||||
- `USER`: **root**: Database username.
|
- `USER`: **root**: Database username.
|
||||||
- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
|
- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
|
||||||
- `SSL_MODE`: **disable**: For PostgreSQL only.
|
- `SSL_MODE`: **disable**: For PostgreSQL and MySQL only.
|
||||||
- `PATH`: **data/gitea.db**: For SQLite3 only, the database file path.
|
- `PATH`: **data/gitea.db**: For SQLite3 only, the database file path.
|
||||||
- `LOG_SQL`: **true**: Log the executed SQL.
|
- `LOG_SQL`: **true**: Log the executed SQL.
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -155,7 +155,7 @@ func LoadConfigs() {
|
||||||
if len(DbCfg.Passwd) == 0 {
|
if len(DbCfg.Passwd) == 0 {
|
||||||
DbCfg.Passwd = sec.Key("PASSWD").String()
|
DbCfg.Passwd = sec.Key("PASSWD").String()
|
||||||
}
|
}
|
||||||
DbCfg.SSLMode = sec.Key("SSL_MODE").String()
|
DbCfg.SSLMode = sec.Key("SSL_MODE").MustString("disable")
|
||||||
DbCfg.Path = sec.Key("PATH").MustString("data/gitea.db")
|
DbCfg.Path = sec.Key("PATH").MustString("data/gitea.db")
|
||||||
DbCfg.Timeout = sec.Key("SQLITE_TIMEOUT").MustInt(500)
|
DbCfg.Timeout = sec.Key("SQLITE_TIMEOUT").MustInt(500)
|
||||||
|
|
||||||
|
|
@ -222,13 +222,16 @@ func getEngine() (*xorm.Engine, error) {
|
||||||
}
|
}
|
||||||
switch DbCfg.Type {
|
switch DbCfg.Type {
|
||||||
case "mysql":
|
case "mysql":
|
||||||
|
connType := "tcp"
|
||||||
if DbCfg.Host[0] == '/' { // looks like a unix socket
|
if DbCfg.Host[0] == '/' { // looks like a unix socket
|
||||||
connStr = fmt.Sprintf("%s:%s@unix(%s)/%s%scharset=utf8&parseTime=true",
|
connType = "unix"
|
||||||
DbCfg.User, DbCfg.Passwd, DbCfg.Host, DbCfg.Name, Param)
|
|
||||||
} else {
|
|
||||||
connStr = fmt.Sprintf("%s:%s@tcp(%s)/%s%scharset=utf8&parseTime=true",
|
|
||||||
DbCfg.User, DbCfg.Passwd, DbCfg.Host, DbCfg.Name, Param)
|
|
||||||
}
|
}
|
||||||
|
tls := DbCfg.SSLMode
|
||||||
|
if tls == "disable" { // allow (Postgres-inspired) default value to work in MySQL
|
||||||
|
tls = "false"
|
||||||
|
}
|
||||||
|
connStr = fmt.Sprintf("%s:%s@%s(%s)/%s%scharset=utf8&parseTime=true&tls=%s",
|
||||||
|
DbCfg.User, DbCfg.Passwd, connType, DbCfg.Host, DbCfg.Name, Param, tls)
|
||||||
case "postgres":
|
case "postgres":
|
||||||
connStr = getPostgreSQLConnectionString(DbCfg.Host, DbCfg.User, DbCfg.Passwd, DbCfg.Name, Param, DbCfg.SSLMode)
|
connStr = getPostgreSQLConnectionString(DbCfg.Host, DbCfg.User, DbCfg.Passwd, DbCfg.Name, Param, DbCfg.SSLMode)
|
||||||
case "mssql":
|
case "mssql":
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue