From f88ca74627eacd50d27809f95e363f6dfd3fb48b Mon Sep 17 00:00:00 2001
From: Nick Pappas <nick_pappas@mckinsey.com>
Date: Fri, 14 Mar 2025 16:21:17 -0500
Subject: [PATCH] fix(db): allow connections to backend dbs that require ssl

---
 server/database.js       | 4 ++++
 server/setup-database.js | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/server/database.js b/server/database.js
index 0e6a7405d..bf77081c7 100644
--- a/server/database.js
+++ b/server/database.js
@@ -264,6 +264,7 @@ class Database {
                 port: dbConfig.port,
                 user: dbConfig.username,
                 password: dbConfig.password,
+                ssl: dbConfig.useSSL ? { rejectUnauthorized: false } : false,
             });
 
             await connection.execute("CREATE DATABASE IF NOT EXISTS " + dbConfig.dbName + " CHARACTER SET utf8mb4");
@@ -277,6 +278,9 @@ class Database {
                     user: dbConfig.username,
                     password: dbConfig.password,
                     database: dbConfig.dbName,
+                    ssl: dbConfig.useSSL
+                        ? { rejectUnauthorized: false }
+                        : false,
                     timezone: "Z",
                     typeCast: function (field, next) {
                         if (field.type === "DATETIME") {
diff --git a/server/setup-database.js b/server/setup-database.js
index 483f2c9a4..288b55f9a 100644
--- a/server/setup-database.js
+++ b/server/setup-database.js
@@ -77,6 +77,9 @@ class SetupDatabase {
             dbConfig.dbName = process.env.UPTIME_KUMA_DB_NAME;
             dbConfig.username = process.env.UPTIME_KUMA_DB_USERNAME;
             dbConfig.password = process.env.UPTIME_KUMA_DB_PASSWORD;
+            dbConfig.useSSL = process.env.UPTIME_KUMA_DB_USESSL
+                ? process.env.UPTIME_KUMA_DB_USESSL !== "0"
+                : false;
             Database.writeDBConfig(dbConfig);
         }