diff --git a/config/runtime.exs b/config/runtime.exs index 4e34b4e..86aa09a 100644 --- a/config/runtime.exs +++ b/config/runtime.exs @@ -34,6 +34,8 @@ maybe_ipv6 = if System.get_env("ECTO_IPV6"), do: [:inet6], else: [] # disable on prod, because logger_json will take care of this. set to :debug for test and dev ecto_log_level = if config_env() == :prod, do: false, else: :debug +ssl_config = if System.get_env("DATABASE_SSL", "true") == "true", do: [cacerts: :public_key.cacerts_get()], else: nil + config :qrstorage, Qrstorage.Repo, url: System.get_env("DATABASE_URL"), username: System.get_env("DATABASE_USER"), @@ -44,15 +46,7 @@ config :qrstorage, Qrstorage.Repo, pool_size: String.to_integer(System.get_env("POOL_SIZE", "15")), socket_options: maybe_ipv6, log: ecto_log_level, - ssl: System.get_env("DATABASE_SSL", "true") == "true", - ssl_opts: [ - verify: :verify_peer, - cacerts: :public_key.cacerts_get(), - server_name_indication: String.to_charlist(System.get_env("DATABASE_HOST")), - customize_hostname_check: [ - match_fun: :public_key.pkix_verify_hostname_match_fun(:https) - ] - ] + ssl: ssl_config # This is what will be used for the calculation on the client side. We add a buffer to account for deltas # and overhead in the endpoint configuration, so the server actually allows for a bit more: diff --git a/mix.exs b/mix.exs index f9c3bb4..7fac987 100644 --- a/mix.exs +++ b/mix.exs @@ -35,7 +35,7 @@ defmodule Qrstorage.MixProject do {:phoenix, "1.7.12"}, {:phoenix_ecto, "4.6.1"}, {:ecto_sql, "3.11.2"}, - {:postgrex, "0.17.5"}, + {:postgrex, "0.18.0"}, {:phoenix_html, "4.1.1"}, {:phoenix_html_helpers, "1.0.1"}, {:phoenix_view, "2.0.3"}, diff --git a/mix.lock b/mix.lock index ef62ddb..43f4dfe 100644 --- a/mix.lock +++ b/mix.lock @@ -56,7 +56,7 @@ "plug_cowboy": {:hex, :plug_cowboy, "2.7.1", "87677ffe3b765bc96a89be7960f81703223fe2e21efa42c125fcd0127dd9d6b2", [:mix], [{:cowboy, "~> 2.7", [hex: :cowboy, repo: "hexpm", optional: false]}, {:cowboy_telemetry, "~> 0.3", [hex: :cowboy_telemetry, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "02dbd5f9ab571b864ae39418db7811618506256f6d13b4a45037e5fe78dc5de3"}, "plug_crypto": {:hex, :plug_crypto, "2.1.0", "f44309c2b06d249c27c8d3f65cfe08158ade08418cf540fd4f72d4d6863abb7b", [:mix], [], "hexpm", "131216a4b030b8f8ce0f26038bc4421ae60e4bb95c5cf5395e1421437824c4fa"}, "poison": {:hex, :poison, "4.0.1", "bcb755a16fac91cad79bfe9fc3585bb07b9331e50cfe3420a24bcc2d735709ae", [:mix], [], "hexpm", "ba8836feea4b394bb718a161fc59a288fe0109b5006d6bdf97b6badfcf6f0f25"}, - "postgrex": {:hex, :postgrex, "0.17.5", "0483d054938a8dc069b21bdd636bf56c487404c241ce6c319c1f43588246b281", [:mix], [{:db_connection, "~> 2.1", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:table, "~> 0.1.0", [hex: :table, repo: "hexpm", optional: true]}], "hexpm", "50b8b11afbb2c4095a3ba675b4f055c416d0f3d7de6633a595fc131a828a67eb"}, + "postgrex": {:hex, :postgrex, "0.18.0", "f34664101eaca11ff24481ed4c378492fed2ff416cd9b06c399e90f321867d7e", [:mix], [{:db_connection, "~> 2.1", [hex: :db_connection, repo: "hexpm", optional: false]}, {:decimal, "~> 1.5 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:table, "~> 0.1.0", [hex: :table, repo: "hexpm", optional: true]}], "hexpm", "a042989ba1bc1cca7383ebb9e461398e3f89f868c92ce6671feb7ef132a252d1"}, "ranch": {:hex, :ranch, "1.8.0", "8c7a100a139fd57f17327b6413e4167ac559fbc04ca7448e9be9057311597a1d", [:make, :rebar3], [], "hexpm", "49fbcfd3682fab1f5d109351b61257676da1a2fdbe295904176d5e521a2ddfe5"}, "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.7", "354c321cf377240c7b8716899e182ce4890c5938111a1296add3ec74cf1715df", [:make, :mix, :rebar3], [], "hexpm", "fe4c190e8f37401d30167c8c405eda19469f34577987c76dde613e838bbc67f8"}, "sweet_xml": {:hex, :sweet_xml, "0.7.4", "a8b7e1ce7ecd775c7e8a65d501bc2cd933bff3a9c41ab763f5105688ef485d08", [:mix], [], "hexpm", "e7c4b0bdbf460c928234951def54fe87edf1a170f6896675443279e2dbeba167"},