Redis session configuration #262
Description
After modifying Docker run user to avoid root exec, we lack permissions to write in /usr/local/etc/php/conf.d/ directory, so I had to change the method to generate our Redis config file. In my case, I am using an initContainer to create /usr/local/etc/php/conf.d/redis-session.ini file using custom env vars.
That file contains this code:
session.save_handler = redis
session.save_path = "tls://**GLPI_REDIS_HOST**:**GLPI_REDIS_PORT**?auth=**GLPI_REDIS_PASS**=&persistent=1&timeout=2.5&read_timeout=2.5&retry_interval=2&database=**GLPI_REDIS_DB**&prefix=glpi_sess:"
redis.session.locking_enabled = 1
redis.session.lock_expire = 60
redis.session.lock_wait_time = 50000
redis.session.lock_retries = 2000
As you can see, I am using some env vars for this approach (and more variables could be added to manage other properties):
- GLPI_REDIS_HOST
- GLPI_REDIS_PORT
- GLPI_REDIS_DB
- GLPI_REDIS_PASS
I am opening this issue because the GLPI docker image already includes the redis extension (#209), so it seems that it is an option to use Redis for auths. This way, maybe the Docker image might provide some strategy or variables to enable and setup Redis configuration. What do you think? Any idea to push Redis configuration by using Docker env vars?
Thanks!
P.D: one more thing... I saw this PR #222 and I am quite comfortable to set custom.ini file mapping it directly because it does not include any secret. Regarding Redis configuration, it needs the Redis user and password and from my understanding these vars should be protected as we want to avoid any secret data leakage.