[Feature](database): Add Support for SSL Connections and Database URL Configuration (#2540)

* feat(database): add support for SSL connections and database URL configuration * feat(config): update Redis configuration to use TLS in configurre name instead of SSL * fix(database): remove default values for DatabaseURL and SSLMode in DatabaseConfig * chore(.gitignore): add cloudreve built binary to ignore list
2025-06-23 10:12:20 +01:00
parent fec549f5ec
commit 1bd62e8feb
6 changed files with 85 additions and 62 deletions
--- a/pkg/cache/redis.go
+++ b/pkg/cache/redis.go
@@ -3,10 +3,12 @@ package cache
 import (
 	"bytes"
 	"encoding/gob"
-	"github.com/cloudreve/Cloudreve/v4/pkg/logging"
 	"strconv"
 	"time"

+	"github.com/cloudreve/Cloudreve/v4/pkg/conf"
+	"github.com/cloudreve/Cloudreve/v4/pkg/logging"
+
 	"github.com/gomodule/redigo/redis"
 )

@@ -44,7 +46,7 @@ func deserializer(value []byte) (any, error) {
 }

 // NewRedisStore 创建新的redis存储
-func NewRedisStore(l logging.Logger, size int, network, address, user, password, database string) *RedisStore {
+func NewRedisStore(l logging.Logger, size int, redisConfig *conf.Redis) *RedisStore {
 	return &RedisStore{
 		pool: &redis.Pool{
 			MaxIdle:     size,
@@ -54,17 +56,19 @@ func NewRedisStore(l logging.Logger, size int, network, address, user, password,
 				return err
 			},
 			Dial: func() (redis.Conn, error) {
-				db, err := strconv.Atoi(database)
+				db, err := strconv.Atoi(redisConfig.DB)
 				if err != nil {
 					return nil, err
 				}

 				c, err := redis.Dial(
-					network,
-					address,
+					redisConfig.Network,
+					redisConfig.Server,
 					redis.DialDatabase(db),
-					redis.DialPassword(password),
-					redis.DialUsername(user),
+					redis.DialPassword(redisConfig.Password),
+					redis.DialUsername(redisConfig.User),
+					redis.DialUseTLS(redisConfig.UseTLS),
+					redis.DialTLSSkipVerify(redisConfig.TLSSkipVerify),
 				)
 				if err != nil {
 					l.Panic("Failed to create Redis connection: %s", err)
--- a/pkg/conf/conf.go
+++ b/pkg/conf/conf.go
@@ -2,12 +2,13 @@ package conf

 import (
 	"fmt"
+	"os"
+	"strings"
+
 	"github.com/cloudreve/Cloudreve/v4/pkg/logging"
 	"github.com/cloudreve/Cloudreve/v4/pkg/util"
 	"github.com/go-ini/ini"
 	"github.com/go-playground/validator/v10"
-	"os"
-	"strings"
 )

 const (
--- a/pkg/conf/types.go
+++ b/pkg/conf/types.go
@@ -24,6 +24,10 @@ type Database struct {
 	Port        int
 	Charset     string
 	UnixSocket  bool
+	// 允许直接使用DATABASE_URL来配置数据库连接
+	DatabaseURL string
+	// SSLMode 允许使用SSL连接数据库, 用户可以在sslmode string中添加证书等配置
+	SSLMode string
 }

 type SysMode string
@@ -65,11 +69,13 @@ type Slave struct {

 // Redis 配置
 type Redis struct {
-	Network  string
-	Server   string
-	User     string
-	Password string
-	DB       string
+	Network       string
+	Server        string
+	User          string
+	Password      string
+	DB            string
+	UseTLS        bool
+	TLSSkipVerify bool
 }

 // 跨域配置
@@ -85,18 +91,21 @@ type Cors struct {

 // RedisConfig Redis服务器配置
 var RedisConfig = &Redis{
-	Network:  "tcp",
-	Server:   "",
-	Password: "",
-	DB:       "0",
+	Network:       "tcp",
+	Server:        "",
+	Password:      "",
+	DB:            "0",
+	UseTLS:        false,
+	TLSSkipVerify: true,
 }

 // DatabaseConfig 数据库配置
 var DatabaseConfig = &Database{
-	Charset:    "utf8mb4",
-	DBFile:     util.DataPath("cloudreve.db"),
-	Port:       3306,
-	UnixSocket: false,
+	Charset:     "utf8mb4",
+	DBFile:      util.DataPath("cloudreve.db"),
+	Port:        3306,
+	UnixSocket:  false,
+	DatabaseURL: "",
 }

 // SystemConfig 系统公用配置