ensure pgpool connection work with ssl (#1525)

subquery · Feb 20, 2023 · dd008a7 · dd008a7
1 parent b2e5a40
commit dd008a7
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 10 deletions.
diff --git a/packages/common/src/constants.ts b/packages/common/src/constants.ts
@@ -45,3 +45,6 @@ export enum SUPPORT_DB {
   cockRoach = 'CockroachDB',
   postgres = 'PostgreSQL',
 }
+
+// DATABASE ERROR REGEX
+export const CONNECTION_SSL_ERROR_REGEX = 'not support SSL';
diff --git a/packages/query/src/configure/configure.module.ts b/packages/query/src/configure/configure.module.ts
@@ -3,17 +3,30 @@
 
 import {ConnectionOptions} from 'tls';
 import {DynamicModule, Global, Module} from '@nestjs/common';
-import {getFileContent} from '@subql/common';
-import {Pool} from 'pg';
+import {getFileContent, CONNECTION_SSL_ERROR_REGEX} from '@subql/common';
+import {Pool, PoolConfig} from 'pg';
 import {getLogger} from '../utils/logger';
 import {getYargsOption} from '../yargs';
 import {Config} from './config';
 import {debugPgClient} from './x-postgraphile/debugClient';
 
+async function ensurePool(poolConfig: PoolConfig): Promise<Pool> {
+  const pgPool = new Pool(poolConfig);
+  try {
+    await pgPool.connect();
+  } catch (e) {
+    if (JSON.stringify(e.message).includes(CONNECTION_SSL_ERROR_REGEX)) {
+      poolConfig.ssl = undefined;
+      return ensurePool(poolConfig);
+    }
+  }
+  return pgPool;
+}
+
 @Global()
 @Module({})
 export class ConfigureModule {
-  static register(): DynamicModule {
+  static async register(): Promise<DynamicModule> {
     const {argv: opts} = getYargsOption();
 
     const config = new Config({
@@ -23,12 +36,10 @@ export class ConfigureModule {
     });
 
     const dbSslOption = () => {
+      const sslConfig: ConnectionOptions = {rejectUnauthorized: false};
       if (opts['pg-ca']) {
         try {
-          const sslConfig: ConnectionOptions = {
-            ca: getFileContent(opts['pg-ca'], 'postgres ca cert'),
-          };
-
+          sslConfig.ca = getFileContent(opts['pg-ca'], 'postgres ca cert');
           if (opts['pg-key']) {
             sslConfig.key = getFileContent(opts['pg-key'], 'postgres client key');
           }
@@ -43,10 +54,10 @@ export class ConfigureModule {
           throw e;
         }
       }
-      return false;
+      return sslConfig;
     };
 
-    const pgPool = new Pool({
+    const poolConfig: PoolConfig = {
       user: config.get('DB_USER'),
       password: config.get('DB_PASS'),
       host: config.get('DB_HOST_READ') && !opts.subscription ? config.get('DB_HOST_READ') : config.get('DB_HOST'),
@@ -55,7 +66,10 @@ export class ConfigureModule {
       max: opts['max-connection'],
       statement_timeout: opts['query-timeout'],
       ssl: dbSslOption(),
-    });
+    };
+
+    const pgPool = await ensurePool(poolConfig);
+
     pgPool.on('error', (err) => {
       // tslint:disable-next-line no-console
       getLogger('db').error('PostgreSQL client generated error: ', err.message);