rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(database): update MongoDB SSL configuration for improved security

Browse source
This commit is contained in:
Andras Bacsai 2025-03-26 12:25:58 +01:00
parent 637c3982d1
commit 5693b59874
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
app/Models/StandaloneMongodb.php
View file

@ -248,9 +248,9 @@ protected function internalDbUrl(): Attribute
$encodedPass = rawurlencode($this->mongo_initdb_root_password);
$url = "mongodb://{$encodedUser}:{$encodedPass}@{$this->uuid}:27017/?directConnection=true";
if ($this->enable_ssl) {
$url .= '&tls=true';
$url .= '&tls=true&tlsCAFile=/etc/mongo/certs/ca.pem';
if (in_array($this->ssl_mode, ['verify-full'])) {
$url .= '&tlsCAFile=/etc/ssl/certs/coolify-ca.crt';
$url .= '&tlsCertificateKeyFile=/etc/mongo/certs/server.pem';
}
}
@ -268,9 +268,9 @@ protected function externalDbUrl(): Attribute
$encodedPass = rawurlencode($this->mongo_initdb_root_password);
$url = "mongodb://{$encodedUser}:{$encodedPass}@{$this->destination->server->getIp}:{$this->public_port}/?directConnection=true";
if ($this->enable_ssl) {
$url .= '&tls=true';
$url .= '&tls=true&tlsCAFile=/etc/mongo/certs/ca.pem';
if (in_array($this->ssl_mode, ['verify-full'])) {
$url .= '&tlsCAFile=/etc/ssl/certs/coolify-ca.crt';
$url .= '&tlsCertificateKeyFile=/etc/mongo/certs/server.pem';
}
}