storageredis

v0.1.5

This package is not in the latest version of its module.
Published: Dec 16, 2019 License: Apache-2.0 Imports: 14 Imported by: 0

README

Caddy Cluster / Certmagic TLS cluster support for Redis

This plugin is based on a similar plugin that uses Consul. Most aspects are also similar; I pretty much copied the crypto implementation. The reason I use Redis is that it is easier to set up.

For now, this supports Redis as a single instance, or with replicas, but NOT Redis Cluster. This plugin uses go-redis/redis for client access and redislock for its locking mechanism. See distlock for the lock algorithm.

This plugin currently works with versions of Caddy that use https://github.com/mholt/certmagic and its new storage interface (> 0.11.1).

Configuration

You enable Redis storage with Caddy by setting the CADDY_CLUSTERING environment variable to redis.

There are additional environment variables for this plugin:

  • CADDY_CLUSTERING_REDIS_HOST defines Redis Host, default is 127.0.0.1
  • CADDY_CLUSTERING_REDIS_PORT defines Redis Port, default is 6379
  • CADDY_CLUSTERING_REDIS_PASSWORD defines Redis Password, default is empty
  • CADDY_CLUSTERING_REDIS_DB defines Redis DB, default is 0
  • CADDY_CLUSTERING_REDIS_TIMEOUT defines the Redis dial, read and write timeout, default is 5 (5 seconds)
  • CADDY_CLUSTERING_REDIS_AESKEY defines your personal AES key to use when encrypting data. It needs to be 32 characters long.
  • CADDY_CLUSTERING_REDIS_KEYPREFIX defines the prefix for the keys. Default is caddytls
  • CADDY_CLUSTERING_REDIS_VALUEPREFIX defines the prefix for the values. Default is caddy-storage-redis
  • CADDY_CLUSTERING_REDIS_TLS defines whether to use a TLS connection to Redis or not
  • CADDY_CLUSTERING_REDIS_TLS_INSECURE defines whether to verify the Redis TLS connection or not
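
As an added example (not part of the plugin or its README), a preflight check in Go that flags risky values of the variables listed above before Caddy starts. `auditRedisEnv` and `envBool` are hypothetical names; the check assumes unset variables take the defaults shown in the constants on this page, that boolean variables parse like `strconv.ParseBool`, and that `CADDY_CLUSTERING_REDIS_TLS_INSECURE` set to true means server certificate verification is skipped.

```go
package main

import (
	"fmt"
	"os"
	"strconv"
)

// Value of DefaultAESKey as published in this package's constants.
const publishedDefaultAESKey = "redistls-01234567890-caddytls-32"

// auditRedisEnv (hypothetical helper, not part of storageredis) returns one finding per risky setting.
func auditRedisEnv(lookup func(string) (string, bool)) []string {
	var findings []string
	key, _ := lookup("CADDY_CLUSTERING_REDIS_AESKEY")
	switch {
	case key == "" || key == publishedDefaultAESKey:
		findings = append(findings, "AESKEY unset or equal to the published DefaultAESKey: anyone who can read Redis can decrypt stored data")
	case len(key) != 32:
		findings = append(findings, fmt.Sprintf("AESKEY is %d bytes, it must be 32", len(key)))
	}
	if pw, _ := lookup("CADDY_CLUSTERING_REDIS_PASSWORD"); pw == "" {
		findings = append(findings, "PASSWORD empty: no Redis password is configured")
	}
	// Assumption: unset or unparsable booleans fall back to the page's defaults (TLS=false, TLS_INSECURE=true).
	tls := envBool(lookup, "CADDY_CLUSTERING_REDIS_TLS", false)
	insecure := envBool(lookup, "CADDY_CLUSTERING_REDIS_TLS_INSECURE", true)
	if !tls {
		findings = append(findings, "TLS disabled: Redis traffic is not protected by TLS")
	} else if insecure {
		findings = append(findings, "TLS_INSECURE is true (the default): certificate verification is assumed to be skipped")
	}
	return findings
}

// envBool reads a boolean variable, returning def when it is unset or unparsable.
func envBool(lookup func(string) (string, bool), name string, def bool) bool {
	v, _ := lookup(name)
	if b, err := strconv.ParseBool(v); err == nil {
		return b
	}
	return def
}

func main() {
	for _, f := range auditRedisEnv(os.LookupEnv) {
		fmt.Println("WARN:", f)
	}
}
```

Run it in the same environment Caddy will start in; an all-default environment produces three warnings.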

TODO

  • Add Redis Cluster or Sentinel support (probably need to update the distlock implementation first)

Documentation

Constants

const (

	// DefaultAESKey needs to be 32 bytes long
	DefaultAESKey = "redistls-01234567890-caddytls-32"

	// DefaultKeyPrefix defines the default prefix in KV store
	DefaultKeyPrefix = "caddytls"

	// DefaultValuePrefix sets a prefix to KV values to check validation
	DefaultValuePrefix = "caddy-storage-redis"

	// DefaultRedisHost defines the Redis instance host
	DefaultRedisHost = "127.0.0.1"

	// DefaultRedisPort defines the Redis instance port
	DefaultRedisPort = "6379"

	// DefaultRedisDB defines the Redis DB number
	DefaultRedisDB = 0

	// DefaultRedisPassword defines the Redis instance password, if any
	DefaultRedisPassword = ""

	// DefaultRedisTimeout defines the Redis wait time in seconds
	DefaultRedisTimeout = 5

	// DefaultRedisTLS defines whether the Redis connection uses TLS
	DefaultRedisTLS = false

	// DefaultRedisTLSInsecure defines the default for the Redis TLS insecure setting (CADDY_CLUSTERING_REDIS_TLS_INSECURE)
	DefaultRedisTLSInsecure = true

	// EnvNameRedisHost defines the env variable name to override Redis host
	EnvNameRedisHost = "CADDY_CLUSTERING_REDIS_HOST"

	// EnvNameRedisPort defines the env variable name to override Redis port
	EnvNameRedisPort = "CADDY_CLUSTERING_REDIS_PORT"

	// EnvNameRedisDB defines the env variable name to override Redis db number
	EnvNameRedisDB = "CADDY_CLUSTERING_REDIS_DB"

	// EnvNameRedisPassword defines the env variable name to override Redis password
	EnvNameRedisPassword = "CADDY_CLUSTERING_REDIS_PASSWORD"

	// EnvNameRedisTimeout defines the env variable name to override Redis wait timeout for dial, read, write
	EnvNameRedisTimeout = "CADDY_CLUSTERING_REDIS_TIMEOUT"

	// EnvNameAESKey defines the env variable name to override AES key
	EnvNameAESKey = "CADDY_CLUSTERING_REDIS_AESKEY"

	// EnvNameKeyPrefix defines the env variable name to override KV key prefix
	EnvNameKeyPrefix = "CADDY_CLUSTERING_REDIS_KEYPREFIX"

	// EnvNameValuePrefix defines the env variable name to override KV value prefix
	EnvNameValuePrefix = "CADDY_CLUSTERING_REDIS_VALUEPREFIX"

	// EnvNameTLSEnabled defines the env variable name to whether enable Redis TLS Connection or not
	EnvNameTLSEnabled = "CADDY_CLUSTERING_REDIS_TLS"

	// EnvNameTLSInsecure defines the env variable name to whether verify Redis TLS Connection or not
	EnvNameTLSInsecure = "CADDY_CLUSTERING_REDIS_TLS_INSECURE"
)
const (
	// InactiveLockDuration is when the lock is considered stale and needs to be refreshed
	InactiveLockDuration = 4 * time.Hour

	// LockDuration is the lock time duration
	LockDuration = 8 * time.Hour

	// ScanCount is how many results a scan command might return
	ScanCount int64 = 100
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Options

type Options struct {
	Host        string
	Port        string
	DB          int
	Password    string
	Timeout     int
	KeyPrefix   string
	ValuePrefix string
	AESKey      string
	TLSEnabled  bool
	TLSInsecure bool
}

Options is the set of options for plugin configuration

func GetOptions

func GetOptions() *Options

GetOptions generates options from the environment or defaults

func (*Options) GetAESKeyByte

func (op *Options) GetAESKeyByte() []byte

GetAESKeyByte gets the AES key as bytes

type RedisStorage

type RedisStorage struct {
	Client       redis.UniversalClient
	ClientLocker *redislock.Client
	Options      *Options
	// contains filtered or unexported fields
}

RedisStorage contains the Redis client and the plugin options

func GetRedisStorage

func GetRedisStorage() (*RedisStorage, error)

GetRedisStorage builds a RedisStorage

func (*RedisStorage) DecryptStorageData

func (rd *RedisStorage) DecryptStorageData(bytes []byte) (*StorageData, error)

DecryptStorageData decrypts storage data so we can read it

func (RedisStorage) Delete

func (rd RedisStorage) Delete(key string) error

Delete deletes key.

func (*RedisStorage) EncryptStorageData

func (rd *RedisStorage) EncryptStorageData(data *StorageData) ([]byte, error)

EncryptStorageData encrypts storage data so it is not stored as plain data

func (RedisStorage) Exists

func (rd RedisStorage) Exists(key string) bool

Exists returns true if the key exists

func (RedisStorage) List

func (rd RedisStorage) List(prefix string, recursive bool) ([]string, error)

List returns all keys that match prefix.

func (RedisStorage) Load

func (rd RedisStorage) Load(key string) ([]byte, error)

Load retrieves the value at key.

func (RedisStorage) Lock

func (rd RedisStorage) Lock(key string) error

Lock locks the value

func (RedisStorage) Stat

func (rd RedisStorage) Stat(key string) (certmagic.KeyInfo, error)

Stat returns information about key.

func (RedisStorage) Store

func (rd RedisStorage) Store(key string, value []byte) error

Store stores the value at key

func (RedisStorage) Unlock

func (rd RedisStorage) Unlock(key string) error

Unlock unlocks the value

type StorageData

type StorageData struct {
	Value    []byte    `json:"value"`
	Modified time.Time `json:"modified"`
}

StorageData describes the data that is stored in KV storage
