0.8.114 merge (#147)

* feat: added db ssl support;

* feat: added command line arguments for db ssl;

README.md

@@ -102,6 +102,28 @@ You can configure how HotStaq starts by using the following environment variable
 	* Default: 10
 	* Accepted values:
 		* Any integer.
+* DATABASE_SSL_REJECT_UNAUTHORIZED
+	* Type: number
+	* Description: If set to 0, the database will not reject unauthorized SSL certificates.
+	* Default: 1
+	* Accepted values:
+		* 0
+		* 1
+* DATABASE_SSL_CA
+	* Type: string
+	* Description: The path to the CA certificate to use for connecting to the database using SSL.
+	* Accepted values:
+		* Any string.
+* DATABASE_SSL_CERT
+	* Type: string
+	* Description: The path to the certificate to use for connecting to the database using SSL.
+	* Accepted values:
+		* Any string.
+* DATABASE_SSL_KEY
+	* Type: string
+	* Description: The path to the key to use for connecting to the database using SSL.
+	* Accepted values:
+		* Any string.
 * JSON_LIMIT
 	* Type: string
 	* Description: The maximum amount of JSON that can be uploaded.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "hotstaq",
-  "version": "0.8.113",
+  "version": "0.8.114",
   "description": "A friendly web framework that fits nicely into devops and CI/CD pipelines.",
   "bin": {
     "hotstaq": "./bin/hotstaq"

src/HotCLI.ts

@@ -796,7 +796,7 @@ export class HotCLI
 					return;
 
 				dbinfo = {
-					"type": process.env["DATABASE_TYPE"] || "mysql",
+					"type": (<HotDBType>(process.env["DATABASE_TYPE"] || "mysql")),
 					"server": process.env["DATABASE_SERVER"] || "127.0.0.1",
 					"username": process.env["DATABASE_USERNAME"] || "",
 					"password": process.env["DATABASE_PASSWORD"] || "",
@@ -977,7 +977,7 @@ export class HotCLI
 					if (process.env["DATABASE_TYPE"] != null)
 					{
 						setupDB ();
-						dbinfo.type = process.env["DATABASE_TYPE"];
+						dbinfo.type = (<HotDBType>process.env["DATABASE_TYPE"]);
 					}
 
 					if (process.env["DATABASE_SERVER"] != null)
@@ -1030,6 +1030,44 @@ export class HotCLI
 						dbinfo.database = process.env["DATABASE_SCHEMA"];
 					}
 
+					let sslObj = null;
+
+					if ((process.env["DATABASE_SSL_REJECT_UNAUTHORIZED"] != null) || 
+						(process.env["DATABASE_SSL_CA"] != null) ||
+						(process.env["DATABASE_SSL_KEY"] != null) ||
+						(process.env["DATABASE_SSL_CERT"] != null))
+					{
+						setupDB ();
+						sslObj = {};
+					}
+
+					if (process.env["DATABASE_SSL_REJECT_UNAUTHORIZED"] != null)
+					{
+						if (process.env["DATABASE_SSL_REJECT_UNAUTHORIZED"] === "0")
+							dbinfo.ssl.rejectUnauthorized = false;
+					}
+
+					if (process.env["DATABASE_SSL_CA"] != null)
+					{
+						if (process.env["DATABASE_SSL_CA"] !== "")
+							dbinfo.ssl.ca = process.env["DATABASE_SSL_CA"];
+					}
+
+					if (process.env["DATABASE_SSL_KEY"] != null)
+					{
+						if (process.env["DATABASE_SSL_KEY"] !== "")
+							dbinfo.ssl.key = process.env["DATABASE_SSL_KEY"];
+					}
+
+					if (process.env["DATABASE_SSL_CERT"] != null)
+					{
+						if (process.env["DATABASE_SSL_CERT"] !== "")
+							dbinfo.ssl.cert = process.env["DATABASE_SSL_CERT"];
+					}
+
+					if (sslObj != null)
+						dbinfo.ssl = sslObj;
+
 					if (baseWebUrl === "")
 					{
 						let foundBaseUrl: string = HotStaq.getValueFromHotSiteObj (this.processor.hotSite, ["server", "url"]);
@@ -1801,11 +1839,11 @@ export class HotCLI
 			{
 				globalApi = api_name;
 			}, "");
-		runCmd.option ("--db-type <type>", "The type of database to use. Can be (none, mysql, influx)", 
+		runCmd.option ("--db-type <type>", "The type of database to use. Can be (none, mysql, mariadb, postgres, influx)", 
 			(type: string, previous: any) =>
 			{
 				setupDB ();
-				dbinfo.type = type;
+				dbinfo.type = (<HotDBType>type);
 			}, "mysql");
 		runCmd.option ("--db-server <address>", "The address to the database", 
 			(address: string, previous: any) =>
@@ -1825,6 +1863,12 @@ export class HotCLI
 				setupDB ();
 				dbinfo.password = password;
 			});
+		runCmd.option ("--db-token <password>", "The database's token. This is insecure to use on the command line!", 
+			(token: string, previous: any) =>
+			{
+				setupDB ();
+				dbinfo.token = token;
+			});
 		runCmd.option ("--db-port <port>", "The database's port", 
 			(port: string, previous: any) =>
 			{
@@ -1845,6 +1889,30 @@ export class HotCLI
 				setupDB ();
 				dbinfo.database = schema;
 			});
+		runCmd.option ("--db-ssl-accept-unauthorized-certs", "Accept database SSL connections with unauthorized certificates.", 
+			(schema: string, previous: any) =>
+			{
+				setupDB ();
+				dbinfo.ssl.rejectUnauthorized = false;
+			});
+		runCmd.option ("--db-ssl-ca", "The path to the ssl ca certificate.",
+			(path: string, previous: any) =>
+			{
+				setupDB ();
+				dbinfo.ssl.ca = path;
+			});
+		runCmd.option ("--db-ssl-key", "The path to the ssl key certificate.",
+			(path: string, previous: any) =>
+			{
+				setupDB ();
+				dbinfo.ssl.key = path;
+			});
+		runCmd.option ("--db-ssl-cert", "The path to the ssl certificate.",
+			(path: string, previous: any) =>
+			{
+				setupDB ();
+				dbinfo.ssl.cert = path;
+			});
 
 		return (runCmd);
 	}

src/HotDBConnectionInterface.ts

@@ -1,15 +1,14 @@
+import { HotDBType } from "./HotDB";
+
 /**
  * The database connection info.
  */
 export interface HotDBConnectionInterface
 {
     /**
-     * The type of database. Can be:
-     * * none
-     * * mysql
-     * * influx
+     * The type of database to connect to.
      */
-    type?: string;
+    type?: HotDBType;
     /**
      * The server's address.
      */

src/HotStaq.ts

@@ -172,7 +172,7 @@ export class HotStaq implements IHotStaq
 	/**
 	 * The current version of HotStaq.
 	 */
-	static version: string = "0.8.113";
+	static version: string = "0.8.114";
 	/**
 	 * Indicates if this is a web build.
 	 */