Skip to content

Commit

Permalink
Add password to redis (#107)
Browse files Browse the repository at this point in the history
  • Loading branch information
ostefano authored Aug 13, 2024
1 parent a8ea7e0 commit 8197b9b
Show file tree
Hide file tree
Showing 6 changed files with 19 additions and 2 deletions.
2 changes: 1 addition & 1 deletion core/files/entrypoint_fpm.sh
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ change_php_vars() {
sed -i "s/upload_max_filesize = .*/upload_max_filesize = 50M/" "$FILE"
sed -i "s/post_max_size = .*/post_max_size = 50M/" "$FILE"
sed -i "s/session.save_handler = .*/session.save_handler = redis/" "$FILE"
sed -i "s|.*session.save_path = .*|session.save_path = '$(echo $REDIS_FQDN | grep -E '^\w+://' || echo tcp://$REDIS_FQDN):6379'|" "$FILE"
sed -i "s|.*session.save_path = .*|session.save_path = '$(echo $REDIS_FQDN | grep -E '^\w+://' || echo tcp://$REDIS_FQDN):6379${REDIS_PASSWORD:+?auth=${REDIS_PASSWORD}}'|" "$FILE"
sed -i "s/session.sid_length = .*/session.sid_length = 64/" "$FILE"
sed -i "s/session.use_strict_mode = .*/session.use_strict_mode = 1/" "$FILE"
done
Expand Down
1 change: 1 addition & 0 deletions core/files/entrypoint_nginx.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ trap term_proc SIGTERM
[ -z "$MYSQL_PASSWORD" ] && MYSQL_PASSWORD=example
[ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp
[ -z "$MYSQLCMD" ] && export MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE"
[ -z "$REDIS_PASSWORD" ] && REDIS_PASSWORD=redispassword
[ -z "$CRON_USER_ID" ] && export CRON_USER_ID="1"
[ -z "$BASE_URL" ] && export BASE_URL="https://localhost"
[ -z "$DISABLE_IPV6" ] && export DISABLE_IPV6=false
Expand Down
3 changes: 3 additions & 0 deletions core/files/etc/misp-docker/initialisation.envars.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,9 @@
"Plugin.ZeroMQ_redis_host": {
"default_value": "${REDIS_FQDN}"
},
"Plugin.ZeroMQ_redis_password": {
"default_value": "${REDIS_PASSWORD}"
},
"Plugin.Enrichment_services_url": {
"default_value": "${MISP_MODULES_FQDN}"
},
Expand Down
6 changes: 6 additions & 0 deletions core/files/etc/misp-docker/minimum_config.envars.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,16 @@
"MISP.redis_host": {
"default_value": "${REDIS_FQDN}"
},
"MISP.redis_password": {
"default_value": "${REDIS_PASSWORD}"
},
"GnuPG.binary": {
"default_value": "${GPG_BINARY}"
},
"SimpleBackgroundJobs.redis_host": {
"default_value": "${REDIS_FQDN}"
},
"SimpleBackgroundJobs.redis_password": {
"default_value": "${REDIS_PASSWORD}"
}
}
6 changes: 5 additions & 1 deletion docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,9 @@ services:

redis:
image: valkey/valkey:7.2
command: "--requirepass ${REDIS_PASSWORD:-redispassword}"
healthcheck:
test: valkey-cli ping || exit 1
test: "valkey-cli -a ${REDIS_PASSWORD:-redispassword} ping || exit 1"
interval: 2s
timeout: 1s
retries: 3
Expand Down Expand Up @@ -158,6 +159,8 @@ services:
- "MYSQL_USER=${MYSQL_USER:-misp}"
- "MYSQL_PASSWORD=${MYSQL_PASSWORD:-example}"
- "MYSQL_DATABASE=${MYSQL_DATABASE:-misp}"
# redis settings
- "REDIS_PASSWORD=${REDIS_PASSWORD:-redispassword}"
# Debug setting
- "DEBUG=${DEBUG}"
# SMTP setting
Expand All @@ -173,6 +176,7 @@ services:
- LIBFAUP_COMMIT=${LIBFAUP_COMMIT:?Missing .env file, see README.md for instructions}
environment:
- "REDIS_BACKEND=redis"
- "REDIS_PW=${REDIS_PASSWORD:-redispassword}"
depends_on:
redis:
condition: service_healthy
Expand Down
3 changes: 3 additions & 0 deletions template.env
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,9 @@ SYNCSERVERS_1_PULL_RULES=
# MYSQL_ROOT_PASSWORD=
# MYSQL_DATABASE=

# optional and used to set redis password
# REDIS_PASSWORD=

# These variables allows overriding some MISP email values.
# They all default to ADMIN_EMAIL.

Expand Down

0 comments on commit 8197b9b

Please sign in to comment.