Fix docker-compose redis replication (#4566)

supersven · web-flow · commit 166c2158e6bb · 2025-05-12T11:28:39.000+02:00
We allow only TLS connections to the Redis nodes. Thus we replication has to use TLS as well (by default it doesn't.) See https://redis.io/docs/latest/operate/oss_and_stack/management/security/encryption/#replication * Add missing newlines These files are interpreted as "POSIX text files". And, thus should adhere to their standards. See https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_206 * Add changelog entry
diff --git a/changelog.d/5-internal/docker-compose-redis-replication b/changelog.d/5-internal/docker-compose-redis-replication
@@ -0,0 +1,3 @@
+Fix Redis replication in our docker-compose env (used to run integration tests
+locally): We allow only TLS connections to the Redis nodes. Thus, replication
+has to use TLS as well (by default it doesn't.)
diff --git a/deploy/dockerephemeral/docker/redis-node-1.conf b/deploy/dockerephemeral/docker/redis-node-1.conf
@@ -5,6 +5,7 @@ tls-key-file /usr/local/etc/redis/key.pem
 tls-ca-cert-file /usr/local/etc/redis/ca.pem
 tls-auth-clients no
 tls-cluster yes
+tls-replication yes
 
 cluster-enabled yes
 cluster-config-file nodes.conf
@@ -13,4 +14,4 @@ cluster-node-timeout 5000
 appendonly yes
 
 requirepass very-secure-redis-cluster-password
-masterauth very-secure-redis-cluster-password
+masterauth very-secure-redis-cluster-password
diff --git a/deploy/dockerephemeral/docker/redis-node-2.conf b/deploy/dockerephemeral/docker/redis-node-2.conf
@@ -5,6 +5,7 @@ tls-key-file /usr/local/etc/redis/key.pem
 tls-ca-cert-file /usr/local/etc/redis/ca.pem
 tls-auth-clients no
 tls-cluster yes
+tls-replication yes
 
 cluster-enabled yes
 cluster-config-file nodes.conf
@@ -13,4 +14,4 @@ cluster-node-timeout 5000
 appendonly yes
 
 requirepass very-secure-redis-cluster-password
-masterauth very-secure-redis-cluster-password
+masterauth very-secure-redis-cluster-password
diff --git a/deploy/dockerephemeral/docker/redis-node-3.conf b/deploy/dockerephemeral/docker/redis-node-3.conf
@@ -5,6 +5,7 @@ tls-key-file /usr/local/etc/redis/key.pem
 tls-ca-cert-file /usr/local/etc/redis/ca.pem
 tls-auth-clients no
 tls-cluster yes
+tls-replication yes
 
 cluster-enabled yes
 cluster-config-file nodes.conf
diff --git a/deploy/dockerephemeral/docker/redis-node-4.conf b/deploy/dockerephemeral/docker/redis-node-4.conf
@@ -5,6 +5,7 @@ tls-key-file /usr/local/etc/redis/key.pem
 tls-ca-cert-file /usr/local/etc/redis/ca.pem
 tls-auth-clients no
 tls-cluster yes
+tls-replication yes
 
 cluster-enabled yes
 cluster-config-file nodes.conf
diff --git a/deploy/dockerephemeral/docker/redis-node-5.conf b/deploy/dockerephemeral/docker/redis-node-5.conf
@@ -5,6 +5,7 @@ tls-key-file /usr/local/etc/redis/key.pem
 tls-ca-cert-file /usr/local/etc/redis/ca.pem
 tls-auth-clients no
 tls-cluster yes
+tls-replication yes
 
 cluster-enabled yes
 cluster-config-file nodes.conf
diff --git a/deploy/dockerephemeral/docker/redis-node-6.conf b/deploy/dockerephemeral/docker/redis-node-6.conf
@@ -5,6 +5,7 @@ tls-key-file /usr/local/etc/redis/key.pem
 tls-ca-cert-file /usr/local/etc/redis/ca.pem
 tls-auth-clients no
 tls-cluster yes
+tls-replication yes
 
 cluster-enabled yes
 cluster-config-file nodes.conf
@@ -13,4 +14,4 @@ cluster-node-timeout 5000
 appendonly yes
 
 requirepass very-secure-redis-cluster-password
-masterauth very-secure-redis-cluster-password
+masterauth very-secure-redis-cluster-password

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+Fix Redis replication in our docker-compose env (used to run integration tests`
	`2`	`+locally): We allow only TLS connections to the Redis nodes. Thus, replication`
	`3`	`+has to use TLS as well (by default it doesn't.)`