Add password to redis (#107)

pull/116/head
Stefano Ortolani 2024-08-13 14:23:45 +01:00 committed by GitHub
parent a8ea7e0923
commit 8197b9b1d0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 19 additions and 2 deletions

View File

@ -19,7 +19,7 @@ change_php_vars() {
sed -i "s/upload_max_filesize = .*/upload_max_filesize = 50M/" "$FILE"
sed -i "s/post_max_size = .*/post_max_size = 50M/" "$FILE"
sed -i "s/session.save_handler = .*/session.save_handler = redis/" "$FILE"
sed -i "s|.*session.save_path = .*|session.save_path = '$(echo $REDIS_FQDN | grep -E '^\w+://' || echo tcp://$REDIS_FQDN):6379'|" "$FILE"
sed -i "s|.*session.save_path = .*|session.save_path = '$(echo $REDIS_FQDN | grep -E '^\w+://' || echo tcp://$REDIS_FQDN):6379${REDIS_PASSWORD:+?auth=${REDIS_PASSWORD}}'|" "$FILE"
sed -i "s/session.sid_length = .*/session.sid_length = 64/" "$FILE"
sed -i "s/session.use_strict_mode = .*/session.use_strict_mode = 1/" "$FILE"
done

View File

@ -14,6 +14,7 @@ trap term_proc SIGTERM
[ -z "$MYSQL_PASSWORD" ] && MYSQL_PASSWORD=example
[ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp
[ -z "$MYSQLCMD" ] && export MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE"
[ -z "$REDIS_PASSWORD" ] && REDIS_PASSWORD=redispassword
[ -z "$CRON_USER_ID" ] && export CRON_USER_ID="1"
[ -z "$BASE_URL" ] && export BASE_URL="https://localhost"
[ -z "$DISABLE_IPV6" ] && export DISABLE_IPV6=false

View File

@ -15,6 +15,9 @@
"Plugin.ZeroMQ_redis_host": {
"default_value": "${REDIS_FQDN}"
},
"Plugin.ZeroMQ_redis_password": {
"default_value": "${REDIS_PASSWORD}"
},
"Plugin.Enrichment_services_url": {
"default_value": "${MISP_MODULES_FQDN}"
},

View File

@ -5,10 +5,16 @@
"MISP.redis_host": {
"default_value": "${REDIS_FQDN}"
},
"MISP.redis_password": {
"default_value": "${REDIS_PASSWORD}"
},
"GnuPG.binary": {
"default_value": "${GPG_BINARY}"
},
"SimpleBackgroundJobs.redis_host": {
"default_value": "${REDIS_FQDN}"
},
"SimpleBackgroundJobs.redis_password": {
"default_value": "${REDIS_PASSWORD}"
}
}

View File

@ -13,8 +13,9 @@ services:
redis:
image: valkey/valkey:7.2
command: "--requirepass ${REDIS_PASSWORD:-redispassword}"
healthcheck:
test: valkey-cli ping || exit 1
test: "valkey-cli -a ${REDIS_PASSWORD:-redispassword} ping || exit 1"
interval: 2s
timeout: 1s
retries: 3
@ -158,6 +159,8 @@ services:
- "MYSQL_USER=${MYSQL_USER:-misp}"
- "MYSQL_PASSWORD=${MYSQL_PASSWORD:-example}"
- "MYSQL_DATABASE=${MYSQL_DATABASE:-misp}"
# redis settings
- "REDIS_PASSWORD=${REDIS_PASSWORD:-redispassword}"
# Debug setting
- "DEBUG=${DEBUG}"
# SMTP setting
@ -173,6 +176,7 @@ services:
- LIBFAUP_COMMIT=${LIBFAUP_COMMIT:?Missing .env file, see README.md for instructions}
environment:
- "REDIS_BACKEND=redis"
- "REDIS_PW=${REDIS_PASSWORD:-redispassword}"
depends_on:
redis:
condition: service_healthy

View File

@ -78,6 +78,9 @@ SYNCSERVERS_1_PULL_RULES=
# MYSQL_ROOT_PASSWORD=
# MYSQL_DATABASE=
# optional and used to set redis password
# REDIS_PASSWORD=
# These variables allows overriding some MISP email values.
# They all default to ADMIN_EMAIL.