root: optional TLS support on redis connections (#1147)
* root: optional TLS support on redis connections * root: don't use f-strings when not interpolating variables * root: use f-string in redis protocol prefix interpolation * root: glaring typo * formatting * small formatting change I missed * root: swap around default redis protocol prefixes
This commit is contained in:
parent
212ff11b6d
commit
a5bb583268
|
@ -15,6 +15,7 @@ redis:
|
||||||
host: localhost
|
host: localhost
|
||||||
port: 6379
|
port: 6379
|
||||||
password: ''
|
password: ''
|
||||||
|
tls: false
|
||||||
cache_db: 0
|
cache_db: 0
|
||||||
message_queue_db: 1
|
message_queue_db: 1
|
||||||
ws_db: 2
|
ws_db: 2
|
||||||
|
|
|
@ -188,11 +188,16 @@ REST_FRAMEWORK = {
|
||||||
"DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
|
"DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
|
||||||
}
|
}
|
||||||
|
|
||||||
|
REDIS_PROTOCOL_PREFIX = "redis://"
|
||||||
|
if CONFIG.y_bool("redis.tls", False):
|
||||||
|
REDIS_PROTOCOL_PREFIX = "rediss://"
|
||||||
|
|
||||||
CACHES = {
|
CACHES = {
|
||||||
"default": {
|
"default": {
|
||||||
"BACKEND": "django_redis.cache.RedisCache",
|
"BACKEND": "django_redis.cache.RedisCache",
|
||||||
"LOCATION": (
|
"LOCATION": (
|
||||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||||
|
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.cache_db')}"
|
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.cache_db')}"
|
||||||
),
|
),
|
||||||
"TIMEOUT": int(CONFIG.y("redis.cache_timeout", 300)),
|
"TIMEOUT": int(CONFIG.y("redis.cache_timeout", 300)),
|
||||||
|
@ -252,7 +257,8 @@ CHANNEL_LAYERS = {
|
||||||
"BACKEND": "channels_redis.core.RedisChannelLayer",
|
"BACKEND": "channels_redis.core.RedisChannelLayer",
|
||||||
"CONFIG": {
|
"CONFIG": {
|
||||||
"hosts": [
|
"hosts": [
|
||||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||||
|
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.ws_db')}"
|
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.ws_db')}"
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
@ -331,12 +337,14 @@ CELERY_BEAT_SCHEDULE = {
|
||||||
CELERY_TASK_CREATE_MISSING_QUEUES = True
|
CELERY_TASK_CREATE_MISSING_QUEUES = True
|
||||||
CELERY_TASK_DEFAULT_QUEUE = "authentik"
|
CELERY_TASK_DEFAULT_QUEUE = "authentik"
|
||||||
CELERY_BROKER_URL = (
|
CELERY_BROKER_URL = (
|
||||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}"
|
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||||
f":{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||||
|
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
||||||
)
|
)
|
||||||
CELERY_RESULT_BACKEND = (
|
CELERY_RESULT_BACKEND = (
|
||||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}"
|
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||||
f":{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||||
|
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
||||||
)
|
)
|
||||||
|
|
||||||
# Database backup
|
# Database backup
|
||||||
|
|
|
@ -40,10 +40,14 @@ while True:
|
||||||
sleep(1)
|
sleep(1)
|
||||||
j_print(f"PostgreSQL Connection failed, retrying... ({exc})")
|
j_print(f"PostgreSQL Connection failed, retrying... ({exc})")
|
||||||
|
|
||||||
|
REDIS_PROTOCOL_PREFIX = "redis://"
|
||||||
|
if CONFIG.y_bool("redis.tls", False):
|
||||||
|
REDIS_PROTOCOL_PREFIX = "rediss://"
|
||||||
while True:
|
while True:
|
||||||
try:
|
try:
|
||||||
redis = Redis.from_url(
|
redis = Redis.from_url(
|
||||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||||
|
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.ws_db')}"
|
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.ws_db')}"
|
||||||
)
|
)
|
||||||
redis.ping()
|
redis.ping()
|
||||||
|
|
Reference in a new issue