fix: remove SSL for internal Docker DB connections — fixes 500 on projects API

Made-with: Cursor

lib/db-postgres.ts

@@ -10,13 +10,28 @@ const DATABASE_URL = process.env.DATABASE_URL ||
 
 let pool: Pool | null = null;
 
+// Internal Docker network connections (Coolify) don't use SSL.
+// Only enable SSL for external/RDS/cloud DB connections.
+function getSslConfig() {
+  const url = DATABASE_URL;
+  if (!url) return undefined;
+  // Internal Docker hostnames never use SSL
+  if (url.includes('localhost') || url.includes('127.0.0.1') || 
+      /postgresql:\/\/[^@]+@[a-z0-9_-]+:\d+\//.test(url)) {
+    return undefined;
+  }
+  // External cloud DBs (RDS, AlloyDB, etc.) need SSL
+  if (process.env.DB_SSL === 'true') {
+    return { rejectUnauthorized: false };
+  }
+  return undefined;
+}
+
 export function getPool() {
   if (!pool) {
     pool = new Pool({
       connectionString: DATABASE_URL,
-      ssl: process.env.NODE_ENV === 'production' ? {
+      ssl: getSslConfig(),
-        rejectUnauthorized: false,
-      } : undefined,
       max: 20,
       idleTimeoutMillis: 30000,
       connectionTimeoutMillis: 2000,