feat: support CA_CERT env var override

[conorsch]

When connecting to remote databases that are SSL-required, the app will sometimes report cert errors. First, I tried to resolve this by pulling in ca-certificates in the container environment, but that wasn't sufficient. Turns out node-postgres in v8.x updated the ssl logic and that broke setups for many managed databases. As a workaround, one can now:

1. set the CA_CERT env var with the string contents of the db's CA
2. remove the sslmode=require from the connection auth starting

The fact that 2 is necessary is a bit scary, but it's caused by the fact that the connectionString setting clobbers any manual ssl opts in the db config.

Refs #193.

[conorsch]

Built a container from this branch, and was able to connect to a DO pg database, provided both were true:

1. the CA_CERT env var was declared with the correct cert info
2. the ?sslmode=require param was removed from the DATABASE_URL env var

My intent in the diff was to add support for this setup, but it's important that the existing behavior not change. @ejmg I'd appreciate if you could take this branch for a spin locally, and ensure it still works just fine for you in your normal workflows. Otherwise, we should edit it.

Also open to constructive criticism on the overall approach here.

[JasonMHasperhoven]

In js/ts you can do in-place conditionals in objects like this:

Suggested change

	ssl: {},
	...(process.env.CA_CERT && {
	ssl: {
	rejectUnauthorized: true,
	ca: process.env.CA_CERT,
	},
	}),

[JasonMHasperhoven]

Just a style preference, your code works perfectly fine as is.

[conorsch]

TIL! Great suggestion, added. (I also tested with a new ad-hoc container build to confirm I didn't break anything with my clumsy TS.)

[conorsch]

Thanks for review!