Skip to content

Commit 1ae6f9b

Browse files
committed
Add TLS support to install from source
Signed-off-by: Hans Rakers <[email protected]>
1 parent e1927b2 commit 1ae6f9b

File tree

14 files changed

+124
-9
lines changed

14 files changed

+124
-9
lines changed

Berksfile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ source 'https://supermarket.chef.io'
33
metadata
44

55
group :integration do
6+
cookbook 'test', path: './test/cookbooks/test'
67
cookbook 'yum-epel'
78
cookbook 'yum-remi-chef'
89
end

CHANGELOG.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,8 @@ This file is used to list changes made in each version of the redisio cookbook.
55

66
## Unreleased
77

8-
Standardise files with files in sous-chefs/repo-management
8+
- Standardise files with files in sous-chefs/repo-management
9+
- Add ability to enable TLS support when installing from source
910

1011
## 7.2.4 - *2025-09-04*
1112

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -303,6 +303,7 @@ Configuration options, each option corresponds to the same-named configuration o
303303
* `redisio['base_piddir']` - This is the directory that redis pidfile directories and pidfiles will be placed in. Since redis can run as non root, it needs to have proper
304304
permissions to the directory to create its pid. Since each instance can run as a different user, these directories will all be nested inside this base one.
305305
* `redisio['bypass_setup']` - This attribute allows users to prevent the default recipe from calling the install and configure recipes.
306+
* `redisio['enable_tls']` - When building from source, enable TLS support.
306307
* `redisio['job_control']` - This deteremines what job control type will be used. Currently supports 'initd' or 'upstart' options. Defaults to 'initd'.
307308

308309
Default settings is a hash of default settings to be applied to to ALL instances. These can be overridden for each individual server in the servers attribute. If you are going to set logfile to a specific file, make sure to set syslog-enabled to no.
@@ -477,6 +478,7 @@ Attribute Parameters
477478
* `artifact_type` - the file extension of the package
478479
* `base_name` - the name of the package minus the extension and version number
479480
* `safe_install` - a true or false value which determines if a version of redis will be installed if one already exists, defaults to true
481+
* `enable_tls` - enable TLS support when building from source
480482

481483
This resource expects the following naming conventions:
482484

attributes/default.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@
3333
default['redisio']['package_install'] = default_package_install
3434
default['redisio']['package_name'] = package_name
3535
default['redisio']['bypass_setup'] = false
36+
default['redisio']['enable_tls'] = false
3637

3738
# Tarball and download related defaults
3839
default['redisio']['mirror'] = 'http://download.redis.io/releases/'

kitchen.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,23 @@ suites:
4141
save: "3600 1\n300 100\n60 10000"
4242
logfile: '/var/log/redis/redis-16379.log'
4343

44+
- name: default_tls
45+
run_list:
46+
- recipe[redisio::default]
47+
- recipe[test::default_tls]
48+
- recipe[redisio::enable]
49+
attributes:
50+
redisio:
51+
version: "<%= ENV['REDIS_VERSION'] || '6.2.3' %>"
52+
enable_tls: true
53+
servers:
54+
- name: '6379-tls'
55+
port: 0
56+
tlsport: 6379
57+
tlscertfile: '/etc/redis/ssl/redis.crt'
58+
tlskeyfile: '/etc/redis/ssl/redis.key'
59+
tlscacertfile: '/etc/redis/ssl/redis-ca.crt'
60+
4461
- name: sentinel
4562
run_list:
4663
- recipe[redisio::default]

providers/install.rb

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,12 @@ def unpack
4646
end
4747

4848
def build
49-
execute "cd #{new_resource.download_dir}/#{new_resource.base_name}#{new_resource.version} && make clean && make"
49+
build_tls = if new_resource.enable_tls
50+
'BUILD_TLS=yes'
51+
else
52+
'BUILD_TLS=no'
53+
end
54+
execute "cd #{new_resource.download_dir}/#{new_resource.base_name}#{new_resource.version} && make clean && make #{build_tls}"
5055
end
5156

5257
def install

recipes/_install_prereqs.rb

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
11
packages_to_install = case node['platform_family']
22
when 'debian'
33
%w(
4-
tar
4+
libssl-dev tar
55
)
66
when 'rhel', 'fedora'
77
%w(
8-
tar
8+
openssl-devel tar
99
)
1010
else
1111
%w()

recipes/enable.rb

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,11 @@
33
redis['servers'].each do |current_server|
44
server_name = current_server['name'] || current_server['port']
55
resource_name = if node['redisio']['job_control'] == 'systemd'
6-
"service[redis@#{server_name}]"
6+
"redis@#{server_name}"
77
else
8-
"service[redis#{server_name}]"
8+
"redis#{server_name}"
99
end
10-
resource = resources(resource_name)
11-
resource.action Array(resource.action)
12-
resource.action.concat [:start, :enable]
10+
service resource_name do
11+
action [:start, :enable]
12+
end
1313
end

recipes/install.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
download_url location
1717
safe_install redis['safe_install']
1818
install_dir redis['install_dir'] if redis['install_dir']
19+
enable_tls redis['enable_tls']
1920
end
2021
end
2122

resources/install.rb

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,5 +9,6 @@
99
attribute :artifact_type, kind_of: String, default: 'tar.gz'
1010
attribute :base_name, kind_of: String, default: 'redis-'
1111
attribute :safe_install, kind_of: [TrueClass, FalseClass], default: true
12+
attribute :enable_tls, kind_of: [TrueClass, FalseClass], default: false
1213

1314
attribute :install_dir, kind_of: String, default: nil

0 commit comments

Comments
 (0)