From 4f53639c39faed4a157e93d79cf3d1bad7115200 Mon Sep 17 00:00:00 2001 From: Tom Udding Date: Wed, 23 Oct 2024 22:28:15 +0200 Subject: [PATCH] fix: MariaDB connection over SSL For local development, set `DOCKER_DB_SSL` to `false`. --- .env.dist | 2 ++ config/autoload/doctrine.local.development.php.dist | 4 ++++ config/autoload/doctrine.local.production.php.dist | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/.env.dist b/.env.dist index 5ebd7439a8..03223ab21b 100644 --- a/.env.dist +++ b/.env.dist @@ -59,6 +59,8 @@ DOCKER_DB_PORT=3306 DOCKER_DB_USERNAME=gewis DOCKER_DB_PASSWORD=gewis DOCKER_DB_DATABASE=gewis +# The following is only used for development +DOCKER_DB_SSL=false # These are the environment variabled for retrieving membership data (and others) from the gewisdb project DOCKER_DB2_HOST=postgres diff --git a/config/autoload/doctrine.local.development.php.dist b/config/autoload/doctrine.local.development.php.dist index 2d8b2ef695..dc6f9addf0 100644 --- a/config/autoload/doctrine.local.development.php.dist +++ b/config/autoload/doctrine.local.development.php.dist @@ -36,6 +36,10 @@ return [ 'dbname' => getenv('DOCKER_DB_DATABASE'), 'charset' => 'utf8mb4', 'collate' => 'utf8mb4_unicode_ci', + 'driverOptions' => filter_var(getenv('DOCKER_DB_SSL') ?? false, FILTER_VALIDATE_BOOLEAN) ? [ + PDO::MYSQL_ATTR_SSL_CAPATH => '/etc/ssl/certs/', + PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => true, + ] : [], ], ], ], diff --git a/config/autoload/doctrine.local.production.php.dist b/config/autoload/doctrine.local.production.php.dist index 64ad8735eb..32fd99d240 100644 --- a/config/autoload/doctrine.local.production.php.dist +++ b/config/autoload/doctrine.local.production.php.dist @@ -36,6 +36,10 @@ return [ 'dbname' => getenv('DOCKER_DB_DATABASE'), 'charset' => 'utf8mb4', 'collate' => 'utf8mb4_unicode_ci', + 'driverOptions' => [ + PDO::MYSQL_ATTR_SSL_CAPATH => '/etc/ssl/certs/', + PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => true, + ], ], ], ],