diff --git a/README.md b/README.md index 257d1489..ae78660f 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,40 @@ _*On Jellyfin/Emby, ensure the `settings > Home > Automatically group content fr Check out our dockerhub for instructions on how to install and run Jellyseerr: https://hub.docker.com/r/fallenbagel/jellyseerr +### Database configuration + +Jellyseerr supports sqlite and postgres. The database connection can be configured using the following options: + +#### SQLite Options + +```dotenv +DB_TYPE="sqlite" # Which DB engine to use. The default is "sqlite" +CONFIG_DIRECTORY="config" # The path to the config directory where the db file is stored +DB_LOG_QUERIES="false" # Whether to log the DB queries for debugging +``` + +#### PostgreSQL Options + +```dotenv +DB_TYPE="postgres" # Which DB engine to use. The default is "sqlite". To use postgres, this needs to be set to "postgres" +DB_HOST= # The host (url) of the database +DB_PORT="5432" # The port to connect to +DB_USER= # Username used to connect to the database +DB_PASS= # Password of the user used to connect to the database +DB_NAME="jellyseerr" # The name of the database to connect to +DB_LOG_QUERIES="false" # Whether to log the DB queries for debugging +DB_USE_SSL="false" # Whether to enable ssl for database connection + +# The following options can be used to further configure ssl: +DB_SSL_REJECT_UNAUTHORIZED="true" # Whether to reject ssl connections with unverifiable certificates i.e. self-signed certificates without providing the below settings +DB_SSL_CA= # The CA certificate to verify the connection, provided as a string +DB_SSL_CA_FILE= # The path to a CA certificate to verify the connection +DB_SSL_KEY= # The private key for the connection in PEM format, provided as a string +DB_SSL_KEY_FILE= # Path to the private key for the connection in PEM format +DB_SSL_CERT= # Certificate chain in pem format for the private key, provided as a string +DB_SSL_CERT_FILE= # Path to certificate chain in pem format for the private key +``` + ### Building from source (ADVANCED): #### Windows diff --git a/server/datasource.ts b/server/datasource.ts index a8137bd9..4416b1f8 100644 --- a/server/datasource.ts +++ b/server/datasource.ts @@ -4,13 +4,19 @@ import type { TlsOptions } from 'tls'; import type { DataSourceOptions, EntityTarget, Repository } from 'typeorm'; import { DataSource } from 'typeorm'; -const DB_SSL_PREFIX = 'DB_SSL_CONF_'; +const DB_SSL_PREFIX = 'DB_SSL_'; -function boolFromEnv(envVar: string) { - return process.env[envVar]?.toLowerCase() === 'true'; +function boolFromEnv(envVar: string, defaultVal = false) { + console.log(envVar); + console.log(process.env[envVar]); + if (process.env[envVar]) { + return process.env[envVar]?.toLowerCase() === 'true'; + } + return defaultVal; } function stringOrReadFileFromEnv(envVar: string): Buffer | string | undefined { + console.log(envVar); if (process.env[envVar]) { return process.env[envVar]; } @@ -22,11 +28,15 @@ function stringOrReadFileFromEnv(envVar: string): Buffer | string | undefined { } function buildSslConfig(): TlsOptions | undefined { + console.log(process.env.DB_USE_SSL); if (process.env.DB_USE_SSL?.toLowerCase() !== 'true') { return undefined; } return { - rejectUnauthorized: boolFromEnv(`${DB_SSL_PREFIX}REJECT_UNAUTHORIZED`), + rejectUnauthorized: boolFromEnv( + `${DB_SSL_PREFIX}REJECT_UNAUTHORIZED`, + true + ), ca: stringOrReadFileFromEnv(`${DB_SSL_PREFIX}CA`), key: stringOrReadFileFromEnv(`${DB_SSL_PREFIX}KEY`), cert: stringOrReadFileFromEnv(`${DB_SSL_PREFIX}CERT`), @@ -68,6 +78,7 @@ const postgresDevConfig: DataSourceOptions = { username: process.env.DB_USER, password: process.env.DB_PASS, database: process.env.DB_NAME ?? 'jellyseerr', + ssl: buildSslConfig(), synchronize: true, migrationsRun: false, logging: boolFromEnv('DB_LOG_QUERIES'),