- Issue created by @pcambra
- 🇩🇪Germany jurgenhaas Gottmadingen
I don't know anyone who has done that. Maybe you want to ask upstream if the CrowdSec PHP library is able to handle that?
- Merge request !11Issue #3522049 by pcambra, jurgenhaas: ElasticCache Redis issue → (Open) created by jurgenhaas
- 🇪🇸Spain pcambra Asturies
As we've closed the issue upstream, this is now related to what we do with this in relation to ✨ Support TLS for Predis Needs review as it is the patch that enables the redis contrib module to separate host and scheme. Without including a scheme/host separation, the PR in this issue doesn't really fix anything, it does though in combination. So I'm unsure where we should solve the issue because symfony/cache is going to handle it in a different way anyways.
I've added a separated issue to handle this redis connection issue so the site doesn't break/WSOD due to crowdsec failing to connect to Redis. 📌 Fail gracefully when Redis not available Active
And ✨ Could Drupal\crowdsec\Client::cache be protected instead of private? Active allows for service decoration which can be handy to alter the dsn for special cases. - 🇩🇪Germany jurgenhaas Gottmadingen
The design of the Redis cache handling in this module is to allow zero-config when the Redis module is available.
Therefore, before we can move this issue forward, we need to wait for the final implementation of TLS support in the Redis module. And there it would be important to get the Redis maintainers to also support `rediss://`, if that's the only schema that is supported by Symfony cache in this context. Then this should also work for the Redis module.
- 🇪🇸Spain pcambra Asturies
And that's precisely why the client method should be protected rather than private, so it can be decorated while the Redis module fixes the issue (which is 4+ years old IIRC).
- 🇩🇪Germany jurgenhaas Gottmadingen
As for the comments in #9 please see my comments in ✨ Could Drupal\crowdsec\Client::cache be protected instead of private? Active .
To help finding the best proposal and solution, could you please give it a try if your Redis module would also work if you used
rediss://
as the schema for it? - 🇪🇸Spain pcambra Asturies
It doesn't:
Unable to find the socket transport "rediss" - did you forget to enable it when you configured PHP?
- 🇩🇪Germany jurgenhaas Gottmadingen
OK, so once ✨ Support TLS for Predis Needs review has landed where you can configure
$settings['redis.connection']['scheme'] = 'tls';
for the Redis module, the updated MR in this issue here will then automatically work such that it usesrediss
instead oftls
.You can apply both MRs from here and the Redis issue to your site and it should work for both use cases ootb.
This can be reviewed and can be merged into the crowdsec module, even if the other issue doesn't get committed.