From b2598e3d822a2fa4fb3be0caa756432c940f4431 Mon Sep 17 00:00:00 2001
From: qtchaos <72168435+qtchaos@users.noreply.github.com>
Date: Sat, 30 Dec 2023 01:09:04 +0200
Subject: [PATCH] Add SSL support for PostgreSQL connection

---
 src/config/orm.ts          |  2 ++
 src/config/schema.ts       |  3 +++
 src/mikro-orm.config.ts    |  2 +-
 src/modules/mikro/index.ts |  1 +
 src/modules/mikro/orm.ts   | 13 +++++++++++--
 5 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/config/orm.ts b/src/config/orm.ts
index 7412ee7..bfbe038 100644
--- a/src/config/orm.ts
+++ b/src/config/orm.ts
@@ -12,6 +12,8 @@ export const ormConfigSchema = z.object({
   postgres: z.object({
     // connection URL for postgres database
     connection: z.string(),
+    // whether to use SSL for the connection
+    ssl: z.coerce.boolean().default(false),
   }),
 });
 
diff --git a/src/config/schema.ts b/src/config/schema.ts
index b4ad626..d42327e 100644
--- a/src/config/schema.ts
+++ b/src/config/schema.ts
@@ -48,6 +48,9 @@ export const configSchema = z.object({
     // Enable debug logging for MikroORM - Outputs queries and entity management logs
     // Do NOT use in production, leaks all sensitive data
     debugLogging: z.coerce.boolean().default(false),
+
+    // Enable SSL for the postgres connection
+    ssl: z.coerce.boolean().default(false),
   }),
   crypto: z.object({
     // session secret. used for signing session tokens
diff --git a/src/mikro-orm.config.ts b/src/mikro-orm.config.ts
index e27bb97..1fd778f 100644
--- a/src/mikro-orm.config.ts
+++ b/src/mikro-orm.config.ts
@@ -1,4 +1,4 @@
 import { ormConf } from '@/config/orm';
 import { makeOrmConfig } from '@/modules/mikro/orm';
 
-export default makeOrmConfig(ormConf.postgres.connection);
+export default makeOrmConfig(ormConf.postgres.connection, ormConf.postgres.ssl);
diff --git a/src/modules/mikro/index.ts b/src/modules/mikro/index.ts
index 415b835..7ff89c7 100644
--- a/src/modules/mikro/index.ts
+++ b/src/modules/mikro/index.ts
@@ -18,6 +18,7 @@ export async function setupMikroORM() {
     conf.postgres.connection,
     conf.postgres.debugLogging,
     (msg) => log.info(msg),
+    conf.postgres.ssl,
   );
 
   if (conf.postgres.syncSchema) {
diff --git a/src/modules/mikro/orm.ts b/src/modules/mikro/orm.ts
index 3987b46..a0d0d3c 100644
--- a/src/modules/mikro/orm.ts
+++ b/src/modules/mikro/orm.ts
@@ -2,7 +2,10 @@ import { Options } from '@mikro-orm/core';
 import { MikroORM, PostgreSqlDriver } from '@mikro-orm/postgresql';
 import path from 'path';
 
-export function makeOrmConfig(url: string): Options<PostgreSqlDriver> {
+export function makeOrmConfig(
+  url: string,
+  ssl: boolean,
+): Options<PostgreSqlDriver> {
   return {
     type: 'postgresql',
     clientUrl: url,
@@ -13,6 +16,11 @@ export function makeOrmConfig(url: string): Options<PostgreSqlDriver> {
       pathTs: './migrations',
       path: './migrations',
     },
+    driverOptions: {
+      connection: {
+        ssl,
+      },
+    },
   };
 }
 
@@ -20,9 +28,10 @@ export async function createORM(
   url: string,
   debug: boolean,
   log: (msg: string) => void,
+  ssl: boolean,
 ) {
   return await MikroORM.init<PostgreSqlDriver>({
-    ...makeOrmConfig(url),
+    ...makeOrmConfig(url, ssl),
     logger: log,
     debug,
   });