Redis template no longer works for separate data container

bug
1

It seems that redis changed the default for protected mode so that if you’ve got a separate data container it no longer allows connections. My caveman solution is to add this to data.yml in the hooks section.

  after_redis:
    - replace:
        filename: "/etc/redis/redis.conf"
        from: /^protected-mode yes/
        to: "protected-mode no"

There’s probably a smarter way to allow only connections from the docker network or some such, so I’ll leave it to someone more clever than I to submit a PR.

EDIT: If you see errors that look like

Failed to report error: DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no auth
entication password is requested to clients. In this mode connections are only accepted from the loopback interface. If you want to connect
 from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no'

then this is the solution.

7 Likes
2

@dan can advise here.

3 Likes
3

Default protected mode is a bit overkill, especially since the container is not exposing any of this, I say we change the base image here to default not protected

4 Likes
4

I may not understand, but my take is that they changed the default upstream.

Someone decided that it was time to grow up and that wide open defaults was a bad idea. :slight_smile:

4 Likes
5

Awww you’re taking all my fun away by not letting me blame @dan :kissing_heart:

3 Likes
6

And FWIW, a standard single container install works fine.

1 Like
7

Sure which is fine, but we can ship our own default :blush:

https://github.com/discourse/discourse_docker/commit/281190efb367298f4134672ff25082a5a74fba9f

6 Likes
8

That’s the pr that I would have submitted!

5 Likes
9

This topic was automatically closed after 27 hours. New replies are no longer allowed.