File tree Expand file tree Collapse file tree 3 files changed +14
-2
lines changed
7.4/debian-12/rootfs/opt/bitnami/scripts Expand file tree Collapse file tree 3 files changed +14
-2
lines changed Original file line number Diff line number Diff line change @@ -103,7 +103,11 @@ redis_validate() {
103103 print_validation_error " The private key file in the specified path ${REDIS_SENTINEL_TLS_KEY_FILE} does not exist"
104104 fi
105105 if [[ -z " $REDIS_SENTINEL_TLS_CA_FILE " ; then
106- print_validation_error " You must provide a CA X.509 certificate in order to use TLS"
106+ if [[ -z " $REDIS_SENTINEL_TLS_CA_DIR " ; then
107+ print_validation_error " You must provide either a CA X.509 certificate or a CA certificates directory in order to use TLS"
108+ elif [[ ! -d " $REDIS_SENTINEL_TLS_CA_DIR " ; then
109+ print_validation_error " The CA certificates directory specified by path ${REDIS_SENTINEL_TLS_CA_DIR} does not exist"
110+ fi
107111 elif [[ ! -f " $REDIS_SENTINEL_TLS_CA_FILE " ; then
108112 print_validation_error " The CA X.509 certificate file in the specified path ${REDIS_SENTINEL_TLS_CA_FILE} does not exist"
109113 fi
@@ -247,7 +251,12 @@ redis_initialize() {
247251 fi
248252 redis_conf_set tls-cert-file " $REDIS_SENTINEL_TLS_CERT_FILE "
249253 redis_conf_set tls-key-file " $REDIS_SENTINEL_TLS_KEY_FILE "
250- redis_conf_set tls-ca-cert-file " $REDIS_SENTINEL_TLS_CA_FILE "
254+ if is_empty_value " $REDIS_SENTINEL_TLS_CA_FILE " ; then
255+ redis_conf_set tls-ca-cert-dir " $REDIS_SENTINEL_TLS_CA_DIR "
256+ else
257+ redis_conf_set tls-ca-cert-file " $REDIS_SENTINEL_TLS_CA_FILE "
258+ fi
259+
251260 [[ -n " $REDIS_SENTINEL_TLS_DH_PARAMS_FILE " && redis_conf_set tls-dh-params-file " $REDIS_SENTINEL_TLS_DH_PARAMS_FILE "
252261 redis_conf_set tls-auth-clients " $REDIS_SENTINEL_TLS_AUTH_CLIENTS "
253262 redis_conf_set tls-replication yes
Original file line number Diff line number Diff line change @@ -48,6 +48,7 @@ redis_sentinel_env_vars=(
4848 REDIS_SENTINEL_TLS_CERT_FILE
4949 REDIS_SENTINEL_TLS_KEY_FILE
5050 REDIS_SENTINEL_TLS_CA_FILE
51+ REDIS_SENTINEL_TLS_CA_DIR
5152 REDIS_SENTINEL_TLS_DH_PARAMS_FILE
5253 REDIS_SENTINEL_TLS_AUTH_CLIENTS
5354 REDIS_MASTER_HOST
@@ -112,6 +113,7 @@ export REDIS_SENTINEL_TLS_PORT_NUMBER="${REDIS_SENTINEL_TLS_PORT_NUMBER:-26379}"
112113export REDIS_SENTINEL_TLS_CERT_FILE=" ${REDIS_SENTINEL_TLS_CERT_FILE:- } "
113114export REDIS_SENTINEL_TLS_KEY_FILE=" ${REDIS_SENTINEL_TLS_KEY_FILE:- } "
114115export REDIS_SENTINEL_TLS_CA_FILE=" ${REDIS_SENTINEL_TLS_CA_FILE:- } "
116+ export REDIS_SENTINEL_TLS_CA_DIR=" ${REDIS_SENTINEL_TLS_CA_DIR:- } "
115117export REDIS_SENTINEL_TLS_DH_PARAMS_FILE=" ${REDIS_SENTINEL_TLS_DH_PARAMS_FILE:- } "
116118export REDIS_SENTINEL_TLS_AUTH_CLIENTS=" ${REDIS_SENTINEL_TLS_AUTH_CLIENTS:- yes} "
117119
Original file line number Diff line number Diff line change @@ -136,6 +136,7 @@ docker run -it --rm \
136136| ` REDIS_SENTINEL_TLS_CERT_FILE ` | Redis TLS certificate file | ` nil ` |
137137| ` REDIS_SENTINEL_TLS_KEY_FILE ` | Redis TLS key file | ` nil ` |
138138| ` REDIS_SENTINEL_TLS_CA_FILE ` | Redis TLS CA file | ` nil ` |
139+ | ` REDIS_SENTINEL_TLS_CA_DIR ` | Directory containing TLS CA certificates | ` nil ` |
139140| ` REDIS_SENTINEL_TLS_DH_PARAMS_FILE ` | Redis TLS DH parameter file | ` nil ` |
140141| ` REDIS_SENTINEL_TLS_AUTH_CLIENTS ` | Enable Redis TLS client authentication | ` yes ` |
141142| ` REDIS_MASTER_HOST ` | Redis master host (used by slaves) | ` redis ` |
You can’t perform that action at this time.
0 commit comments