Postgresql support

backend/app.js

@@ -29,6 +29,7 @@ if (config.debug()) {
 	app.set('json spaces', 2);
 }
 
+
 // CORS for everything
 app.use(require('./lib/express/cors'));
 

backend/db.js

@@ -9,6 +9,22 @@ function generateDbConfig() {
 	if (cfg.engine === 'knex-native') {
 		return cfg.knex;
 	}
+	if (cfg.engine === 'pg') {
+
+		return {
+			client:     cfg.engine,
+			connection: {
+				host:     cfg.host,
+				user:     cfg.user,
+				password: cfg.password,
+				database: cfg.name,
+				port:     cfg.port
+			},
+			migrations: {
+				tableName: 'migrations'
+			}
+		};
+	}
 	return {
 		client:     cfg.engine,
 		connection: {

backend/internal/access-list.js

@@ -252,10 +252,14 @@ const internalAccessList = {
 				let query = accessListModel
 					.query()
 					.select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count'))
-					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
+					.leftJoin('proxy_host', function() {
+						this.on('proxy_host.access_list_id', '=', 'access_list.id')
+							.andOn('proxy_host.is_deleted', '=', 0);
+					})
 					.where('access_list.is_deleted', 0)
 					.andWhere('access_list.id', data.id)
 					.allowGraph('[owner,items,clients,proxy_hosts.[certificate,access_list.[clients,items]]]')
+					.groupBy('access_list.id')
 					.first();
 
 				if (access_data.permission_visibility !== 'all') {
@@ -373,7 +377,10 @@ const internalAccessList = {
 				let query = accessListModel
 					.query()
 					.select('access_list.*', accessListModel.raw('COUNT(proxy_host.id) as proxy_host_count'))
-					.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
+					.leftJoin('proxy_host', function() {
+						this.on('proxy_host.access_list_id', '=', 'access_list.id')
+							.andOn('proxy_host.is_deleted', '=', 0);
+					})
 					.where('access_list.is_deleted', 0)
 					.groupBy('access_list.id')
 					.allowGraph('[owner,items,clients]')

backend/internal/audit-log.js

@@ -22,9 +22,9 @@ const internalAuditLog = {
 					.allowGraph('[user]');
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('meta', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(meta AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' + search_query + '%');
 					});
 				}
 

backend/internal/dead-host.js

@@ -409,16 +409,16 @@ const internalDeadHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderBy('domain_names', 'ASC');
+					.orderByRaw('CAST(domain_names AS VARCHAR(65535)) ASC');
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('domain_names', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' + search_query + '%');
 					});
 				}
 

backend/internal/host.js

@@ -129,15 +129,15 @@ const internalHost = {
 			proxyHostModel
 				.query()
 				.where('is_deleted', 0)
-				.andWhere('domain_names', 'like', '%' + hostname + '%'),
+				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
 			redirectionHostModel
 				.query()
 				.where('is_deleted', 0)
-				.andWhere('domain_names', 'like', '%' + hostname + '%'),
+				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
 			deadHostModel
 				.query()
 				.where('is_deleted', 0)
-				.andWhere('domain_names', 'like', '%' + hostname + '%')
+				.whereRaw('CAST(domain_names AS VARCHAR(65535)) like ? ESCAPE \'\'', '%'+hostname + '%'),
 		];
 
 		return Promise.all(promises)

backend/internal/proxy-host.js

@@ -409,23 +409,25 @@ const internalProxyHost = {
 	 * @returns {Promise}
 	 */
 	getAll: (access, expand, search_query) => {
+
 		return access.can('proxy_hosts:list')
 			.then((access_data) => {
 				let query = proxyHostModel
 					.query()
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,access_list,certificate]')
-					.orderBy('domain_names', 'ASC');
+					.orderByRaw('CAST(domain_names AS VARCHAR(65535) ) ASC')
+				;
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('domain_names', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(domain_names AS VARCHAR(65535) ) like ? ESCAPE \'\'', '%'+search_query + '%');
 					});
 				}
 
@@ -436,6 +438,7 @@ const internalProxyHost = {
 				return query.then(utils.omitRows(omissions()));
 			})
 			.then((rows) => {
+
 				if (typeof expand !== 'undefined' && expand !== null && expand.indexOf('certificate') !== -1) {
 					return internalHost.cleanAllRowsCertificateMeta(rows);
 				}

backend/internal/redirection-host.js

@@ -20,7 +20,6 @@ const internalRedirectionHost = {
 	 */
 	create: (access, data) => {
 		let create_certificate = data.certificate_id === 'new';
-
 		if (create_certificate) {
 			delete data.certificate_id;
 		}
@@ -409,16 +408,16 @@ const internalRedirectionHost = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner,certificate]')
-					.orderBy('domain_names', 'ASC');
+					.orderByRaw('CAST(domain_names AS VARCHAR(65535) ) ASC');
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('domain_names', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(domain_names AS VARCHAR(65535) ) like ? ESCAPE \'\'', '%' + search_query + '%');
 					});
 				}
 

backend/internal/stream.js

@@ -298,16 +298,18 @@ const internalStream = {
 					.where('is_deleted', 0)
 					.groupBy('id')
 					.allowGraph('[owner]')
-					.orderBy('incoming_port', 'ASC');
+					//.orderBy('incoming_port', 'ASC')
+					.orderByRaw('CAST(incoming_port AS INTEGER) ASC')
+				;
 
 				if (access_data.permission_visibility !== 'all') {
 					query.andWhere('owner_user_id', access.token.getUserId(1));
 				}
 
 				// Query is used for searching
-				if (typeof search_query === 'string') {
+				if (typeof search_query === 'string' && search_query.length > 0) {
 					query.where(function () {
-						this.where('incoming_port', 'like', '%' + search_query + '%');
+						this.whereRaw('CAST(incoming_port AS VARCHAR(65535)) like ? ESCAPE \'\'', '%' +  search_query+ '%');
 					});
 				}
 

backend/lib/config.js

@@ -45,6 +45,25 @@ const configure = () => {
 		};
 		return;
 	}
+	const envPostgresqlHost = process.env.DB_POSTGRESQL_HOST || null;
+	const envPostgresqlUser = process.env.DB_POSTGRESQL_USER || null;
+	const envPostgresqlName = process.env.DB_POSTGRESQL_NAME || null;
+	if (envPostgresqlHost && envPostgresqlUser && envPostgresqlName) {
+		// we have enough mysql creds to go with mysql
+		logger.info('Using POSTGRESQL configuration');
+		instance = {
+			database: {
+				engine:   'pg',
+				host:     envPostgresqlHost,
+				port:     process.env.DB_POSTGRESQL_PORT || 5432,
+				user:     envPostgresqlUser,
+				password: process.env.DB_POSTGRESQL_PASSWORD,
+				name:     envPostgresqlName,
+			},
+			keys: getKeys(),
+		};
+		return;
+	}
 
 	const envSqliteFile = process.env.DB_SQLITE_FILE || '/data/database.sqlite';
 	logger.info(`Using Sqlite: ${envSqliteFile}`);

backend/models/redirection_host.js

@@ -17,6 +17,9 @@ const boolFields = [
 	'preserve_path',
 	'ssl_forced',
 	'block_exploits',
+	'hsts_enabled',
+	'hsts_subdomains',
+	'http2_support',
 ];
 
 class RedirectionHost extends Model {

backend/package.json

@@ -21,8 +21,9 @@
 		"moment": "^2.29.4",
 		"mysql2": "^3.11.1",
 		"node-rsa": "^1.0.8",
-		"objection": "3.0.1",
+		"objection": "^3.0.1",
 		"path": "^0.12.7",
+		"pg": "^8.13.0",
 		"signale": "1.4.0",
 		"sqlite3": "5.1.6",
 		"temp-write": "^4.0.0"

backend/setup.js

@@ -15,11 +15,11 @@ const certbot             = require('./lib/certbot');
 const setupDefaultUser = () => {
 	return userModel
 		.query()
-		.select(userModel.raw('COUNT(`id`) as `count`'))
+		.select('id')
 		.where('is_deleted', 0)
-		.first()
 		.then((row) => {
-			if (!row.count) {
+			if (row.length === 0) {
+
 				// Create a new user and set password
 				let email    = process.env.INITIAL_ADMIN_EMAIL || '[email protected]';
 				let password = process.env.INITIAL_ADMIN_PASSWORD || 'changeme';
@@ -77,11 +77,10 @@ const setupDefaultUser = () => {
 const setupDefaultSettings = () => {
 	return settingModel
 		.query()
-		.select(settingModel.raw('COUNT(`id`) as `count`'))
+		.select('id')
 		.where({id: 'default-site'})
-		.first()
 		.then((row) => {
-			if (!row.count) {
+			if (!row.length || !row[0].id) {
 				settingModel
 					.query()
 					.insert({