Module / package: github.com/blattersturm/caddy-tlsredis
Version: 0.1.5
Repository: https://github.com/blattersturm/caddy-tlsredis.git
Documentation: pkg.go.dev

# README

Caddy Cluster / Certmagic TLS cluster support for Redis

This plugin is based on a similar plugin that uses Consul. Most aspects are also similar; I pretty much copied the crypto implementation. The reason I use Redis is that it is easier to set up.

For now, this supports Redis as a single instance, or with a replica, but NOT the cluster. This plugin uses go-redis/redis for its client access and redislock for its locking mechanism. See distlock for the lock algorithm.

This plugin currently works with versions of Caddy that use https://github.com/mholt/certmagic and its new storage interface (> 0.11.1).

Configuration

You enable Redis storage with Caddy by setting the CADDY_CLUSTERING environment variable to redis.

There are additional environment variables for this plugin:

  • CADDY_CLUSTERING_REDIS_HOST defines Redis Host, default is 127.0.0.1
  • CADDY_CLUSTERING_REDIS_PORT defines Redis Port, default is 6379
  • CADDY_CLUSTERING_REDIS_PASSWORD defines Redis Password, default is empty
  • CADDY_CLUSTERING_REDIS_DB defines Redis DB, default is 0
  • CADDY_CLUSTERING_REDIS_TIMEOUT defines the Redis dial, read and write timeout, default is 5 (seconds)
  • CADDY_CLUSTERING_REDIS_AESKEY defines your personal AES key to use when encrypting data. It needs to be 32 characters long.
  • CADDY_CLUSTERING_REDIS_KEYPREFIX defines the prefix for the keys. Default is caddytls
  • CADDY_CLUSTERING_REDIS_VALUEPREFIX defines the prefix for the values. Default is caddy-storage-redis
  • CADDY_CLUSTERING_REDIS_TLS defines whether to use a Redis TLS connection or not
  • CADDY_CLUSTERING_REDIS_TLS_INSECURE defines whether to verify the Redis TLS connection or not
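
A pre-deployment check for the variables listed above, added here as an example (it is not part of the plugin). `AuditRedisEnv` and `isTrue` are hypothetical helpers. It assumes that an unset variable falls back to the package's `Default*` constant, that boolean variables use `strconv.ParseBool` syntax, and that a true `CADDY_CLUSTERING_REDIS_TLS_INSECURE` disables certificate verification.

```go
package main

import (
	"fmt"
	"os"
	"strconv"
)

// Variable names as documented in the list above.
const (
	envAESKey      = "CADDY_CLUSTERING_REDIS_AESKEY"
	envPassword    = "CADDY_CLUSTERING_REDIS_PASSWORD"
	envTLS         = "CADDY_CLUSTERING_REDIS_TLS"
	envTLSInsecure = "CADDY_CLUSTERING_REDIS_TLS_INSECURE"
)

// isTrue is an assumption: the README does not say which values the plugin
// accepts as "enabled", so strconv.ParseBool syntax is used here.
func isTrue(v string) bool {
	b, err := strconv.ParseBool(v)
	return err == nil && b
}

// AuditRedisEnv (hypothetical helper) returns one finding per weak setting.
// getenv is injected so the check can run against any environment snapshot.
func AuditRedisEnv(getenv func(string) string) []string {
	var findings []string
	switch key := getenv(envAESKey); {
	case key == "":
		findings = append(findings, envAESKey+" unset: the built-in DefaultAESKey would be used")
	case len(key) != 32:
		findings = append(findings, fmt.Sprintf("%s is %d bytes, need 32", envAESKey, len(key)))
	}
	if getenv(envPassword) == "" {
		findings = append(findings, envPassword+" empty: Redis is reached without authentication")
	}
	if !isTrue(getenv(envTLS)) {
		findings = append(findings, envTLS+" not enabled: Redis traffic, including the password, is sent in plaintext")
	} else if isTrue(getenv(envTLSInsecure)) {
		// Assumption: a true value means verification is skipped.
		findings = append(findings, envTLSInsecure+" set: the Redis server certificate is not verified")
	}
	return findings
}

func main() {
	for _, f := range AuditRedisEnv(os.Getenv) {
		fmt.Println("WARN:", f)
	}
}
```

Run it in the same environment that starts Caddy; no output means none of the four checks fired.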

TODO

  • Add Redis Cluster or Sentinel support (probably need to update the distlock implementation first)

# Functions

GetOptions generates options from env or default.
GetRedisStorage builds RedisStorage.

# Constants

DefaultAESKey needs to be 32 bytes long.
DefaultKeyPrefix defines the default prefix in KV store.
DefaultRedisDB defines the Redis DB number.
DefaultRedisHost defines the Redis instance host.
DefaultRedisPassword defines the Redis instance password, if any.
DefaultRedisPort defines the Redis instance port.
DefaultRedisTimeout defines the Redis wait time in seconds.
DefaultRedisTLS defines the Redis TLS connection.
DefaultRedisTLSInsecure defines the Redis TLS connection.
DefaultValuePrefix sets a prefix to KV values to check validation.
EnvNameAESKey defines the env variable name to override AES key.
EnvNameKeyPrefix defines the env variable name to override KV key prefix.
EnvNameRedisDB defines the env variable name to override Redis db number.
EnvNameRedisHost defines the env variable name to override Redis host.
EnvNameRedisPassword defines the env variable name to override Redis password.
EnvNameRedisPort defines the env variable name to override Redis port.
EnvNameRedisTimeout defines the env variable name to override Redis wait timeout for dial, read, write.
EnvNameTLSEnabled defines the env variable name that sets whether to enable the Redis TLS connection or not.
EnvNameTLSInsecure defines the env variable name that sets whether to verify the Redis TLS connection or not.
EnvNameValuePrefix defines the env variable name to override KV value prefix.
InactiveLockDuration is when the lock is considered stale and needs to be refreshed.
LockDuration is the lock time duration.
ScanCount is how many results a scan command might return.

# Structs

Options is the option set for plugin configuration.
RedisStorage contains the Redis client and plugin options.
StorageData describes the data that is stored in KV storage.