dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

fix(ssl): fix MariaDB and MySQL need CA cert

Browse Source
This commit is contained in:
peaklabs-dev
2025-02-06 15:14:57 +01:00
parent 6eabfd5c8e
commit 1a4c2c3dc9
2 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/Actions/Database/StartMariadb.php
View File

@@ -143,6 +143,7 @@ class StartMariadb
$persistent_storages $persistent_storages
); );
} }
if (count($persistent_file_volumes) > 0) { if (count($persistent_file_volumes) > 0) {
$docker_compose['services'][$container_name]['volumes'] = array_merge( $docker_compose['services'][$container_name]['volumes'] = array_merge(
$docker_compose['services'][$container_name]['volumes'], $docker_compose['services'][$container_name]['volumes'],
@@ -151,6 +152,21 @@ class StartMariadb
})->toArray() })->toArray()
); );
} }
if ($this->database->enable_ssl) {
$docker_compose['services'][$container_name]['volumes'] = array_merge(
$docker_compose['services'][$container_name]['volumes'] ?? [],
[
[
'type' => 'bind',
'source' => '/data/coolify/ssl/coolify-ca.crt',
'target' => '/etc/mysql/certs/ca.crt',
'read_only' => true,
],
]
);
}
if (! is_null($this->database->mariadb_conf) || ! empty($this->database->mariadb_conf)) { if (! is_null($this->database->mariadb_conf) || ! empty($this->database->mariadb_conf)) {
$docker_compose['services'][$container_name]['volumes'] = array_merge( $docker_compose['services'][$container_name]['volumes'] = array_merge(
$docker_compose['services'][$container_name]['volumes'], $docker_compose['services'][$container_name]['volumes'],
@@ -173,6 +189,7 @@ class StartMariadb
'mysqld', 'mysqld',
'--ssl-cert=/etc/mysql/certs/server.crt', '--ssl-cert=/etc/mysql/certs/server.crt',
'--ssl-key=/etc/mysql/certs/server.key', '--ssl-key=/etc/mysql/certs/server.key',
'--ssl-ca=/etc/mysql/certs/ca.crt',
'--require-secure-transport=1', '--require-secure-transport=1',
]; ];
} }

19
app/Actions/Database/StartMysql.php
View File

@@ -118,6 +118,7 @@ class StartMysql
], ],
], ],
]; ];
if (! is_null($this->database->limits_cpuset)) { if (! is_null($this->database->limits_cpuset)) {
data_set($docker_compose, "services.{$container_name}.cpuset", $this->database->limits_cpuset); data_set($docker_compose, "services.{$container_name}.cpuset", $this->database->limits_cpuset);
} }
@@ -138,6 +139,7 @@ class StartMysql
$persistent_storages $persistent_storages
); );
} }
if (count($persistent_file_volumes) > 0) { if (count($persistent_file_volumes) > 0) {
$docker_compose['services'][$container_name]['volumes'] = array_merge( $docker_compose['services'][$container_name]['volumes'] = array_merge(
$docker_compose['services'][$container_name]['volumes'] ?? [], $docker_compose['services'][$container_name]['volumes'] ?? [],
@@ -146,9 +148,25 @@ class StartMysql
})->toArray() })->toArray()
); );
} }
if (count($volume_names) > 0) { if (count($volume_names) > 0) {
$docker_compose['volumes'] = $volume_names; $docker_compose['volumes'] = $volume_names;
} }
if ($this->database->enable_ssl) {
$docker_compose['services'][$container_name]['volumes'] = array_merge(
$docker_compose['services'][$container_name]['volumes'] ?? [],
[
[
'type' => 'bind',
'source' => '/data/coolify/ssl/coolify-ca.crt',
'target' => '/etc/mysql/certs/ca.crt',
'read_only' => true,
],
]
);
}
if (! is_null($this->database->mysql_conf) || ! empty($this->database->mysql_conf)) { if (! is_null($this->database->mysql_conf) || ! empty($this->database->mysql_conf)) {
$docker_compose['services'][$container_name]['volumes'] = array_merge( $docker_compose['services'][$container_name]['volumes'] = array_merge(
$docker_compose['services'][$container_name]['volumes'] ?? [], $docker_compose['services'][$container_name]['volumes'] ?? [],
@@ -172,6 +190,7 @@ class StartMysql
'mysqld', 'mysqld',
'--ssl-cert=/etc/mysql/certs/server.crt', '--ssl-cert=/etc/mysql/certs/server.crt',
'--ssl-key=/etc/mysql/certs/server.key', '--ssl-key=/etc/mysql/certs/server.key',
'--ssl-ca=/etc/mysql/certs/ca.crt',
'--require-secure-transport=1', '--require-secure-transport=1',
]; ];
} }