fix: disable automatic fallback from SSL to non-SSL DB connection

[icehaunter]

Postgrex connector we're using now doesn't support fallback behavior like this, so we're disabling it for epgsql connections as well. This commit also fixes application of the default value for requiring SSL, which was erroneously "false" before. This means that if your DB doesn't support SSL, you need to explicitly specify it via DATABASE_REQUIRE_SSL=false env variable or ?sslmode=disable in the connection string.

[linear]

VAX-1832 v0.11 fails to start if DB requires an SSL connection but it wasn't specified

[icehaunter]

@alco match order made it so {nil, nil} case never matched before this change

[alco]

Addressed in #1261.

[samwillis]

@icehaunter
Does this require a docs change and calling out in the release notes as it changes the default. Whats the impact on existing setups?

[icehaunter]

@samwillis
This impacts any setups where the DB does not support SSL - docker-compose, same-cluster k8s, or local dev. Probably does warrant a callout in release notes, yeah. Without this change any setups without an explicit flag but with DBs expecting SSL are broken until it's set. With this change setups without an explicit flag but with DBs not supporting SSL are broken, but broken better with explicit error on startup instead of a hidden one later on.

We can also change the default to NOT use ssl - so that we break setups expecting SSL but with a better explicit error on startup stating "hey set this flag probably"

[samwillis]

Approved, but don't merge until there is a docs PR please.