From b88816337f4329e931af3a834bb0dd0b05300144 Mon Sep 17 00:00:00 2001 From: Dave Conroy Date: Tue, 21 Jan 2025 09:29:29 -0800 Subject: [PATCH] Seperate TLS configuration for MariaDB and MySQL --- LICENSE | 2 +- install/assets/functions/10-db-backup | 26 ++++++++++++++++++++++++-- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/LICENSE b/LICENSE index 35e8726..1282ff0 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2023 Dave Conroy +Copyright (c) 2025 Dave Conroy Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/install/assets/functions/10-db-backup b/install/assets/functions/10-db-backup index a42f6da..0bc21c4 100644 --- a/install/assets/functions/10-db-backup +++ b/install/assets/functions/10-db-backup @@ -429,6 +429,14 @@ EOF if [ -n "${backup_job_db_pass}" ] ; then export MYSQL_PWD=${backup_job_db_pass} ; fi if var_true "${backup_job_mysql_enable_tls}" ; then + case "${backup_job_mysql_client,,}" in + mariadb ) + mysql_tls_args="--ssl" + ;; + mysql ) + mysql_tls_args="--ssl-mode=REQUIRED" + ;; + esac if [ -n "${backup_job_mysql_tls_ca_file}" ] ; then mysql_tls_args="--ssl_ca=${backup_job_mysql_tls_ca_file}" fi @@ -440,14 +448,28 @@ EOF fi if var_true "${backup_job_mysql_tls_verify}" ; then - mysql_tls_args="${mysql_tls_args} --sslverify-server-cert" + case "${backup_job_mysql_client,,}" in + mariadb ) + mysql_tls_args="${mysql_tls_args} --sslverify-server-cert" + ;; + mysql ) + mysql_tls_args="${mysql_tls_args} --ssl-mode=VERIFY_CA" + ;; + esac fi if [ -n "${backup_job_mysql_tls_version}" ] ; then mysql_tls_args="${mysql_tls_args} --tls_version=${backup_job_mysql_tls_version}" fi else - mysql_tls_args="--disable-ssl" + case "${backup_job_mysql_client,,}" in + mariadb ) + mysql_tls_args="--disable-ssl" + ;; + mysql ) + mysql_tls_args="--ssl-mode=DISABLED" + ;; + esac fi ;; "mssql" | "microsoftsql" )