38 lines
1.2 KiB
Python
38 lines
1.2 KiB
Python
|
from django.db.backends.postgresql import base
|
||
|
|
import os
|
||
|
|
|
||
|
|
|
||
|
|
def maybe_write_ssl_files():
|
||
|
|
# Need to pass ssl keys to as filepaths - but they are stored as env variables
|
||
|
|
# So write them from env vars to ssl dir
|
||
|
|
# Only write if they don't already exist or if the keys in the files are different
|
||
|
|
|
||
|
|
base_path = os.path.dirname(os.path.abspath(os.environ.get('PGSSLKEY')))
|
||
|
|
|
||
|
|
if not os.path.exists(base_path):
|
||
|
|
os.mkdir(base_path)
|
||
|
|
for env_var, filename in [
|
||
|
|
("SSL_CA_PEM", "ca.pem"),
|
||
|
|
("SSL_CLIENT_PEM", "client.pem"),
|
||
|
|
("SSL_CLIENT_KEY_PEM", "client-key.pem"),
|
||
|
|
]:
|
||
|
|
filepath = os.path.join(base_path, filename)
|
||
|
|
write_file = False
|
||
|
|
if os.path.exists(filepath):
|
||
|
|
with open(filepath, "r") as f:
|
||
|
|
existing_file = f.read()
|
||
|
|
if existing_file != os.environ[env_var]:
|
||
|
|
write_file = True
|
||
|
|
else:
|
||
|
|
write_file = True
|
||
|
|
|
||
|
|
if write_file:
|
||
|
|
with open(filepath, "w") as f:
|
||
|
|
f.write(os.environ[env_var])
|
||
|
|
|
||
|
|
|
||
|
|
class DatabaseWrapper(base.DatabaseWrapper):
|
||
|
|
def get_new_connection(self, conn_params):
|
||
|
|
maybe_write_ssl_files()
|
||
|
|
return super().get_new_connection(conn_params)
|