
Add postgres sslmode option (#772)

Co-authored-by: aleksandr.drozdin <aleksandr.drozdin@karuna.group>
svesve 4 years ago
6693bff2f5

+ 9 - 8
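--- a/docs/v1.X/docs/references/crowdsec-config.md
+++ b/docs/v1.X/docs/references/crowdsec-config.md
@@ -37,7 +37,7 @@ db_config:
   db_path: /var/lib/crowdsec/data/crowdsec.db
   #user:
   #password:
-  #db_name: 
+  #db_name:
   #host:
   #port:
   flush:
@@ -76,10 +76,10 @@ For example, if you don't want to store your database password in the configurat
 db_config:
   type:     mysql
   user:     database_user
-  password: ${DB_PASSWORD}  
+  password: ${DB_PASSWORD}
   db_name:  db_name
-  host:     192.168.0.2   
-  port:     3306 
+  host:     192.168.0.2
+  port:     3306
 ```
 
 And export the environment variable such as:
@@ -88,7 +88,7 @@ And export the environment variable such as:
 export DB_PASSWORD="<db_password>"
 ```
 
-!!! warning 
+!!! warning
     **Note**: you need to be `root` or put the environment variable in `/etc/environement`
 
 ## Configuration format
@@ -118,12 +118,13 @@ cscli:
   hub_branch: <hub_branch>
 db_config:
   type:     <db_type>
-  db_path:  <path_to_database_file>  
+  db_path:  <path_to_database_file>
   user:     <db_user>      # for mysql/pgsql
   password: <db_password>  # for mysql/pgsql
   db_name:  <db_name>      # for mysql/pgsql
   host:     <db_host_ip>   # for mysql/pgsql
   port:     <db_host_port> # for mysql/pgsql
+  sslmode:  <required/disable> # for pgsql
   flush:
     max_items: <max_alerts_in_db>
     max_age: <max_age_of_alerts_in_db>
@@ -256,7 +257,7 @@ crowdsec_service:
 
 Number of dedicated goroutines for parsing files.
 
-#### `buckets_routines` 
+#### `buckets_routines`
 > int
 
 Number of dedicated goroutines for managing live buckets.
@@ -414,7 +415,7 @@ Path to certificate file.
 
 Path to certficate key file.
 
-### `prometheus` 
+### `prometheus`
 
 This section is used by local API and crowdsec.
 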

+ 19 - 9
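--- a/docs/v1.X/docs/references/database.md
+++ b/docs/v1.X/docs/references/database.md
@@ -60,10 +60,11 @@ db_config:
   password: crowdsecpassword
   db_name: crowdsec
   host: "127.0.0.1"
-  port: 3306
+  port: 5432
+  sslmode: disable
   flush:
     max_items: 5000
-    max_age: 7d  
+    max_age: 7d
 ```
 
 </details>
@@ -76,14 +77,15 @@ db_config:
 ```yaml
 db_config:
   type:     <db_type>
-  
+
   db_path:  <path_to_database_file>  # for sqlite
-  
+
   user:     <db_user>      # for mysql/pgsql
   password: <db_password>  # for mysql/pgsql
   db_name:  <db_name>      # for mysql/pgsql
   host:     <db_host_ip>   # for mysql/pgsql
   port:     <db_host_port> # for mysql/pgsql
+  sslmode:  <required/disable> # for pgsql
   flush:
     max_items: <max_alerts_in_db>
 	max_age: <max_age_of_alerts_in_db>
@@ -165,6 +167,14 @@ db_config:
 ```
 The port to connect to (only if the type of database is `mysql` or `postgresql`)
 
+```yaml
+db_config:
+  type: postgresql
+
+  sslmode: required
+```
+Required or disable ssl connection to database (only if the type of database is `postgresql`)
+
 ### `flush`
 
 ```yaml
@@ -237,7 +247,7 @@ Alert:
 	| events    | Event    | false   |         | O2M      | false  | true     |
 	| metas     | Meta     | false   |         | O2M      | false  | true     |
 	+-----------+----------+---------+---------+----------+--------+----------+
-	
+
 Bouncer:
 	+------------+-----------+--------+----------+----------+---------+---------------+-----------+-----------------------------+------------+
 	|   Field    |   Type    | Unique | Optional | Nillable | Default | UpdateDefault | Immutable |          StructTag          | Validators |
@@ -254,7 +264,7 @@ Bouncer:
 	| until      | time.Time | false  | true     | false    | true    | false         | false     | json:"until,omitempty"      |          0 |
 	| last_pull  | time.Time | false  | false    | false    | true    | false         | false     | json:"last_pull,omitempty"  |          0 |
 	+------------+-----------+--------+----------+----------+---------+---------------+-----------+-----------------------------+------------+
-	
+
 Decision:
 	+--------------+-----------+--------+----------+----------+---------+---------------+-----------+-------------------------------+------------+
 	|    Field     |   Type    | Unique | Optional | Nillable | Default | UpdateDefault | Immutable |           StructTag           | Validators |
@@ -280,7 +290,7 @@ Decision:
 	+-------+-------+---------+-----------+----------+--------+----------+
 	| owner | Alert | true    | decisions | M2O      | true   | true     |
 	+-------+-------+---------+-----------+----------+--------+----------+
-	
+
 Event:
 	+------------+-----------+--------+----------+----------+---------+---------------+-----------+-----------------------------+------------+
 	|   Field    |   Type    | Unique | Optional | Nillable | Default | UpdateDefault | Immutable |          StructTag          | Validators |
@@ -296,7 +306,7 @@ Event:
 	+-------+-------+---------+---------+----------+--------+----------+
 	| owner | Alert | true    | events  | M2O      | true   | true     |
 	+-------+-------+---------+---------+----------+--------+----------+
-	
+
 Machine:
 	+-------------+-----------+--------+----------+----------+---------+---------------+-----------+------------------------------+------------+
 	|    Field    |   Type    | Unique | Optional | Nillable | Default | UpdateDefault | Immutable |          StructTag           | Validators |
@@ -317,7 +327,7 @@ Machine:
 	+--------+-------+---------+---------+----------+--------+----------+
 	| alerts | Alert | false   |         | O2M      | false  | true     |
 	+--------+-------+---------+---------+----------+--------+----------+
-	
+
 Meta:
 	+------------+-----------+--------+----------+----------+---------+---------------+-----------+-----------------------------+------------+
 	|   Field    |   Type    | Unique | Optional | Nillable | Default | UpdateDefault | Immutable |          StructTag          | Validators |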

+ 1 - 0
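--- a/pkg/csconfig/database.go
+++ b/pkg/csconfig/database.go
@@ -10,6 +10,7 @@ type DatabaseCfg struct {
 	User     string      `yaml:"user"`
 	Password string      `yaml:"password"`
 	DbName   string      `yaml:"db_name"`
+	Sslmode  string      `yaml:"sslmode"`
 	Host     string      `yaml:"host"`
 	Port     int         `yaml:"port"`
 	DbPath   string      `yaml:"db_path"`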
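Review bot: The new `Sslmode` field has no comment saying which values are accepted or what an empty value means, which matters because the other hunk in this commit copies it verbatim into a libpq-style connection string where an unknown keyword is a connection error rather than a config-time error. I would add `// Sslmode is passed through as the postgres "sslmode" DSN parameter (disable, require, verify-ca, verify-full); empty leaves the driver default. Ignored for other database types.` above the field. As a point of style, Go spells initialisms in one case, so `SSLMode` would be the conventional name, though the neighbouring `DbName`/`DbPath` already deviate and the yaml tag is what users see, so consistency with the struct may win. The `DatabaseCfg` struct begins before and ends after this hunk.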

+ 1 - 1
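--- a/pkg/database/database.go
+++ b/pkg/database/database.go
@@ -56,7 +56,7 @@ func NewClient(config *csconfig.DatabaseCfg) (*Client, error) {
 			return &Client{}, fmt.Errorf("failed opening connection to mysql: %v", err)
 		}
 	case "postgres", "postgresql":
-		client, err = ent.Open("postgres", fmt.Sprintf("host=%s port=%d user=%s dbname=%s password=%s", config.Host, config.Port, config.User, config.DbName, config.Password))
+		client, err = ent.Open("postgres", fmt.Sprintf("host=%s port=%d user=%s dbname=%s password=%s sslmode=%s", config.Host, config.Port, config.User, config.DbName, config.Password, config.Sslmode))
 		if err != nil {
 			return &Client{}, fmt.Errorf("failed opening connection to postgres: %v", err)
 		}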
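Review bot: On the `+` line `config.Sslmode` goes into the DSN unvalidated and with no default, so an unset option now sends `sslmode=` (whose meaning is left to the driver) and a typo is only discovered as a driver error at `ent.Open`; the documentation added by this same commit spells the value `required`, which the libpq keyword set does not include (`require` is the keyword), so the documented example would presumably fail to connect if the driver is lib/pq. Note also that `require` only encrypts and does not verify the server certificate, so `verify-full` (with `sslrootcert`) is what actually defends the database link against an active man-in-the-middle, and the docs should say so rather than presenting `required/disable` as the only two choices. I would reject unknown values up front with a clear error and, when the option is absent, send the mode the pre-change DSN implied for lib/pq (`require`) rather than an empty string, as below; the DSN also still embeds `password` unquoted, which breaks on values containing spaces or quotes, but that predates this change. `NewClient` starts and ends outside the hunk.
```go
	case "postgres", "postgresql":
		// Empty means "not configured": keep the encrypted driver default instead of sending "sslmode=".
		sslmode := config.Sslmode
		if sslmode == "" {
			sslmode = "require"
		}
		switch sslmode {
		case "disable", "require", "verify-ca", "verify-full":
		default:
			return &Client{}, fmt.Errorf("unsupported postgres sslmode %q (expected disable, require, verify-ca or verify-full)", sslmode)
		}
		client, err = ent.Open("postgres", fmt.Sprintf("host=%s port=%d user=%s dbname=%s password=%s sslmode=%s", config.Host, config.Port, config.User, config.DbName, config.Password, sslmode))
		// … unchanged: error handling …
```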