From 4def8df3fe2e1ca43b339f4c465d194be3dead17 Mon Sep 17 00:00:00 2001
From: ahmadk953 <103906421+ahmadk953@users.noreply.github.com>
Date: Sat, 19 Apr 2025 01:56:24 -0400
Subject: [PATCH] chore: added TLS error handling to database and cache
---
 drizzle.config.ts | 20 +++++++++++++++-----
 src/db/db.ts | 20 +++++++++++++++-----
 src/db/redis.ts | 20 +++++++++++++++-----
 src/util/helpers.ts | 3 ++-
 4 files changed, 47 insertions(+), 16 deletions(-)
diff --git a/drizzle.config.ts b/drizzle.config.ts
index c9cd7d4..eb5083a 100644
--- a/drizzle.config.ts
+++ b/drizzle.config.ts
@@ -11,10 +11,20 @@ export default defineConfig({
 dialect: 'postgresql',
 dbCredentials: {
 url: database.dbConnectionString,
- ssl: {
- ca: fs.readFileSync(path.resolve('./certs/psql-ca.crt')),
- cert: fs.readFileSync(path.resolve('./certs/psql-server.crt')),
- key: fs.readFileSync(path.resolve('./certs/psql-client.key')),
- },
+ ssl: (() => {
+ try {
+ return {
+ ca: fs.readFileSync(path.resolve('./certs/psql-ca.crt')),
+ key: fs.readFileSync(path.resolve('./certs/psql-client.key')),
+ cert: fs.readFileSync(path.resolve('./certs/psql-server.crt')),
+ };
+ } catch (error) {
+ console.warn(
+ 'Failed to load certificates for database, using insecure connection:',
+ error,
+ );
+ return undefined;
+ }
+ })(),
 },
 });
diff --git a/src/db/db.ts b/src/db/db.ts
index 69552b1..bc5005f 100644
--- a/src/db/db.ts
+++ b/src/db/db.ts
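Review bot: The `catch` branch of the new `ssl` IIFE returns `undefined`, so any failure to read a certificate file (missing file, wrong permissions, a different working directory for the relative `./certs/` paths) silently downgrades the connection instead of stopping it; unless `dbConnectionString` itself demands TLS, the database credentials and traffic would then travel unencrypted and the server would not be authenticated. The same fallback is added in `src/db/db.ts` (`ssl`) and `src/db/redis.ts` (`tls`). Failing closed is the safer default: rethrow in the `catch`, e.g. `throw new Error('Failed to load database TLS certificates', { cause: error });`, and allow the plaintext path only behind an explicit opt-in setting meant for local development. If the fallback stays, it should be logged at error level, because a `console.warn` at startup is easy to miss.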
@@ -100,11 +100,21 @@ export async function initializeDatabaseConnection(): Promise {
 // Create new connection pool
 dbPool = new Pool({
 connectionString: config.database.dbConnectionString,
- ssl: {
- ca: fs.readFileSync(path.resolve('./certs/psql-ca.crt')),
- cert: fs.readFileSync(path.resolve('./certs/psql-server.crt')),
- key: fs.readFileSync(path.resolve('./certs/psql-client.key')),
- },
+ ssl: (() => {
+ try {
+ return {
+ ca: fs.readFileSync(path.resolve('./certs/psql-ca.crt')),
+ key: fs.readFileSync(path.resolve('./certs/psql-client.key')),
+ cert: fs.readFileSync(path.resolve('./certs/psql-server.crt')),
+ };
+ } catch (error) {
+ console.warn(
+ 'Failed to load certificates for database, using insecure connection:',
+ error,
+ );
+ return undefined;
+ }
+ })(),
 connectionTimeoutMillis: 10000,
 });
diff --git a/src/db/redis.ts b/src/db/redis.ts
index d120dff..8348190 100644
--- a/src/db/redis.ts
+++ b/src/db/redis.ts
@@ -93,11 +93,21 @@ async function initializeRedisConnection() {
 },
 maxRetriesPerRequest: 3,
 enableOfflineQueue: true,
- tls: {
- ca: fs.readFileSync(path.resolve('./certs/cache-ca.crt')),
- cert: fs.readFileSync(path.resolve('./certs/cache-server.crt')),
- key: fs.readFileSync(path.resolve('./certs/cache-client.key')),
- },
+ tls: (() => {
+ try {
+ return {
+ ca: fs.readFileSync(path.resolve('./certs/cache-ca.crt')),
+ key: fs.readFileSync(path.resolve('./certs/cache-client.key')),
+ cert: fs.readFileSync(path.resolve('./certs/cache-server.crt')),
+ };
+ } catch (error) {
+ console.warn(
+ 'Failed to load certificates for cache, using insecure connection:',
+ error,
+ );
+ return undefined;
+ }
+ })(),
 });
 // ========================
diff --git a/src/util/helpers.ts b/src/util/helpers.ts
index 6279d22..2154c19 100644
--- a/src/util/helpers.ts
+++ b/src/util/helpers.ts
@@ -1,5 +1,6 @@
 import Canvas from '@napi-rs/canvas';
-import path from 'path';
+import fs from 'node:fs';
+import path from 'node:path';
 import {
 AttachmentBuilder,
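Review bot: In the `ssl` option, `cert` is read from `./certs/psql-server.crt` while `key` is read from `./certs/psql-client.key`; a client certificate has to match its private key, so either the file name is misleading or the pair will be rejected. That rejection would presumably surface when the connection is made, not inside this `try`, so the new handler would not report it. If the file really holds the client's certificate, a name such as `psql-client.crt` (a suggestion, not an existing file) would make that clear; the `cache-server.crt` / `cache-client.key` pair in `src/db/redis.ts` has the same shape. `initializeDatabaseConnection` starts and ends outside this hunk.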
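Review bot: The certificate-loading IIFE in the `tls` option is a third copy of the block also added to `drizzle.config.ts` and `src/db/db.ts`, differing only in the file prefix and one word of the log message. One shared helper, for example `loadTlsOptions('cache')` (a suggested name), would keep the failure policy in a single place, so that a later change to it cannot be applied to one client and missed on another. A short comment above it should say which files are expected under `./certs/` and that `path.resolve` resolves them against the process working directory. `initializeRedisConnection` continues outside this hunk.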