From 8182009a141ba6c201daa12c2e8774327b15bf5b Mon Sep 17 00:00:00 2001
From: Robert Kaussow <mail@geeklabor.de>
Date: Sat, 19 Jan 2019 15:37:45 +0100
Subject: [PATCH] add path to ssl rootcert for postgres connections

---
 defaults/main.yml                             | 1 +
 templates/opt/matrix/config/homeserver.yml.j2 | 1 +
 2 files changed, 2 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 02717c9..8b31fb6 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -52,6 +52,7 @@ matrix_https_bind_port: 8448
 
 matrix_postgres_enabled: False
 matrix_postgres_ssl_mode: disable
+matrix_postgres_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt
 matrix_postgres_server: postgres.example.com
 matrix_postgres_port: 5432
 matrix_postgres_superuser: postgres
diff --git a/templates/opt/matrix/config/homeserver.yml.j2 b/templates/opt/matrix/config/homeserver.yml.j2
index cc51c5f..4c654a2 100644
--- a/templates/opt/matrix/config/homeserver.yml.j2
+++ b/templates/opt/matrix/config/homeserver.yml.j2
@@ -218,6 +218,7 @@ database:
     host: {{ matrix_postgres_server }}
     port: {{ matrix_postgres_port }}
     sslmode: {{ matrix_postgres_ssl_mode }}
+    sslrootcert: {{ matrix_postgres_ssl_root_cert }}
     cp_min: 5
     cp_max: 10
   {% else %}