root: optional TLS support on redis connections (#1147)
* root: optional TLS support on redis connections * root: don't use f-strings when not interpolating variables * root: use f-string in redis protocol prefix interpolation * root: glaring typo * formatting * small formatting change I missed * root: swap around default redis protocol prefixes
This commit is contained in:
parent
212ff11b6d
commit
a5bb583268
|
@ -15,6 +15,7 @@ redis:
|
|||
host: localhost
|
||||
port: 6379
|
||||
password: ''
|
||||
tls: false
|
||||
cache_db: 0
|
||||
message_queue_db: 1
|
||||
ws_db: 2
|
||||
|
|
|
@ -188,11 +188,16 @@ REST_FRAMEWORK = {
|
|||
"DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
|
||||
}
|
||||
|
||||
REDIS_PROTOCOL_PREFIX = "redis://"
|
||||
if CONFIG.y_bool("redis.tls", False):
|
||||
REDIS_PROTOCOL_PREFIX = "rediss://"
|
||||
|
||||
CACHES = {
|
||||
"default": {
|
||||
"BACKEND": "django_redis.cache.RedisCache",
|
||||
"LOCATION": (
|
||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.cache_db')}"
|
||||
),
|
||||
"TIMEOUT": int(CONFIG.y("redis.cache_timeout", 300)),
|
||||
|
@ -252,7 +257,8 @@ CHANNEL_LAYERS = {
|
|||
"BACKEND": "channels_redis.core.RedisChannelLayer",
|
||||
"CONFIG": {
|
||||
"hosts": [
|
||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.ws_db')}"
|
||||
],
|
||||
},
|
||||
|
@ -331,12 +337,14 @@ CELERY_BEAT_SCHEDULE = {
|
|||
CELERY_TASK_CREATE_MISSING_QUEUES = True
|
||||
CELERY_TASK_DEFAULT_QUEUE = "authentik"
|
||||
CELERY_BROKER_URL = (
|
||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}"
|
||||
f":{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
||||
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
||||
)
|
||||
CELERY_RESULT_BACKEND = (
|
||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}"
|
||||
f":{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
||||
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.message_queue_db')}"
|
||||
)
|
||||
|
||||
# Database backup
|
||||
|
|
|
@ -40,10 +40,14 @@ while True:
|
|||
sleep(1)
|
||||
j_print(f"PostgreSQL Connection failed, retrying... ({exc})")
|
||||
|
||||
REDIS_PROTOCOL_PREFIX = "redis://"
|
||||
if CONFIG.y_bool("redis.tls", False):
|
||||
REDIS_PROTOCOL_PREFIX = "rediss://"
|
||||
while True:
|
||||
try:
|
||||
redis = Redis.from_url(
|
||||
f"redis://:{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{REDIS_PROTOCOL_PREFIX}:"
|
||||
f"{CONFIG.y('redis.password')}@{CONFIG.y('redis.host')}:"
|
||||
f"{int(CONFIG.y('redis.port'))}/{CONFIG.y('redis.ws_db')}"
|
||||
)
|
||||
redis.ping()
|
||||
|
|
Reference in a new issue