import fs from "fs";

type Return =
    | string
    | (import("tls").SecureContextOptions & {
          rejectUnauthorized?: boolean | undefined;
      })
    | undefined;

/**
 * # Grall SSL
 */
export default function grabDbSSL(): Return {
    const SSL_DIR = process.env.DSQL_SSL_DIR;
    if (!SSL_DIR?.match(/./)) {
        return undefined;
    }

    const caFilePath = `${SSL_DIR}/ca-cert.pem`;

    if (!fs.existsSync(caFilePath)) {
        console.log(`${caFilePath} does not exist`);
        return undefined;
    }

    return {
        ca: fs.readFileSync(`${SSL_DIR}/ca-cert.pem`),
        // key: fs.readFileSync(`${SSL_DIR}/client-key.pem`),
        // cert: fs.readFileSync(`${SSL_DIR}/client-cert.pem`),
        rejectUnauthorized: false,
    };
}