mirror of
https://github.com/paperless-ngx/paperless-ngx.git
synced 2025-04-02 13:45:10 -05:00
Add SSL Support for MariaDB (#3444)
* Add ssl options for mariadb * Add ssl mode for mariadb Add ssl mode as documented in https://mysqlclient.readthedocs.io/user_guide.html#functions-and-attributes * run linting over settings.py * Add docs for SSL mode with MariaDB --------- Co-authored-by: shamoon <4887959+shamoon@users.noreply.github.com>
This commit is contained in:
parent
07e07fc7e8
commit
30f73f39a0
@ -83,21 +83,29 @@ changed here.
|
||||
|
||||
`PAPERLESS_DBSSLMODE=<mode>`
|
||||
|
||||
: SSL mode to use when connecting to PostgreSQL.
|
||||
: SSL mode to use when connecting to PostgreSQL or MariaDB.
|
||||
|
||||
See [the official documentation about
|
||||
sslmode](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
sslmode for PostgreSQL](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
|
||||
Default is `prefer`.
|
||||
See [the official documentation about
|
||||
sslmode for MySQL and MariaDB](https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_ssl-mode).
|
||||
|
||||
*Note*: SSL mode values differ between PostgreSQL and MariaDB.
|
||||
|
||||
Default is `prefer` for PostgreSQL and `PREFERRED` for MariaDB.
|
||||
|
||||
`PAPERLESS_DBSSLROOTCERT=<ca-path>`
|
||||
|
||||
: SSL root certificate path
|
||||
|
||||
See [the official documentation about
|
||||
sslmode](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
sslmode for PostgreSQL](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
Changes path of `root.crt`.
|
||||
|
||||
See [the official documentation about
|
||||
sslmode for MySQL and MariaDB](https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_ssl-ca).
|
||||
|
||||
Defaults to unset, using the documented path in the home directory.
|
||||
|
||||
`PAPERLESS_DBSSLCERT=<client-cert-path>`
|
||||
@ -105,7 +113,11 @@ changed here.
|
||||
: SSL client certificate path
|
||||
|
||||
See [the official documentation about
|
||||
sslmode](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
sslmode for PostgreSQL](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
|
||||
See [the official documentation about
|
||||
sslmode for MySQL and MariaDB](https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_ssl-cert).
|
||||
|
||||
Changes path of `postgresql.crt`.
|
||||
|
||||
Defaults to unset, using the documented path in the home directory.
|
||||
@ -115,7 +127,11 @@ changed here.
|
||||
: SSL client key path
|
||||
|
||||
See [the official documentation about
|
||||
sslmode](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
sslmode for PostgreSQL](https://www.postgresql.org/docs/current/libpq-ssl.html).
|
||||
|
||||
See [the official documentation about
|
||||
sslmode for MySQL and MariaDB](https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_ssl-key).
|
||||
|
||||
Changes path of `postgresql.key`.
|
||||
|
||||
Defaults to unset, using the documented path in the home directory.
|
||||
|
@ -506,7 +506,16 @@ if os.getenv("PAPERLESS_DBHOST"):
|
||||
# Leave room for future extensibility
|
||||
if os.getenv("PAPERLESS_DBENGINE") == "mariadb":
|
||||
engine = "django.db.backends.mysql"
|
||||
options = {"read_default_file": "/etc/mysql/my.cnf", "charset": "utf8mb4"}
|
||||
options = {
|
||||
"read_default_file": "/etc/mysql/my.cnf",
|
||||
"charset": "utf8mb4",
|
||||
"ssl": {
|
||||
"ssl_mode": os.getenv("PAPERLESS_DBSSLMODE", "PREFERRED"),
|
||||
"ca": os.getenv("PAPERLESS_DBSSLROOTCERT", None),
|
||||
"cert": os.getenv("PAPERLESS_DBSSLCERT", None),
|
||||
"key": os.getenv("PAPERLESS_DBSSLKEY", None),
|
||||
},
|
||||
}
|
||||
|
||||
# Silence Django error on old MariaDB versions.
|
||||
# VARCHAR can support > 255 in modern versions
|
||||
|
Loading…
x
Reference in New Issue
Block a user