From 7fc33c2a23bd162fd027ff3a9de7f24844fb8742 Mon Sep 17 00:00:00 2001 From: qwerrrqw Date: Thu, 21 Nov 2024 21:54:50 +0900 Subject: [PATCH] Add support for secure Redis (TLS support) (#5526) --- docs/3-deployment/deployment-on-heroku.rst | 1 + uv.lock | 6 +++--- {{cookiecutter.project_slug}}/config/settings/base.py | 8 ++++++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/docs/3-deployment/deployment-on-heroku.rst b/docs/3-deployment/deployment-on-heroku.rst index 75bf769365..292946ba37 100644 --- a/docs/3-deployment/deployment-on-heroku.rst +++ b/docs/3-deployment/deployment-on-heroku.rst @@ -14,6 +14,7 @@ Run these commands to deploy the project to Heroku: # Note: this is not a free plan heroku addons:create heroku-postgresql:essential-0 + # On Windows use double quotes for the time zone, e.g. # heroku pg:backups schedule --at "02:00 America/Los_Angeles" DATABASE_URL heroku pg:backups schedule --at '02:00 America/Los_Angeles' DATABASE_URL diff --git a/uv.lock b/uv.lock index c6944c41d5..cbd2fe272b 100644 --- a/uv.lock +++ b/uv.lock @@ -181,7 +181,7 @@ wheels = [ [[package]] name = "cookiecutter-django" -version = "2024.10.24" +version = "2024.11.20" source = { virtual = "." } dependencies = [ { name = "binaryornot" }, @@ -204,7 +204,7 @@ dependencies = [ { name = "tox-uv" }, ] -[package.dependency-groups] +[package.dev-dependencies] docs = [ { name = "myst-parser" }, { name = "sphinx" }, @@ -234,7 +234,7 @@ requires-dist = [ { name = "tox-uv", specifier = ">=1.11.2" }, ] -[package.metadata.dependency-groups] +[package.metadata.requires-dev] docs = [ { name = "myst-parser", specifier = ">=4" }, { name = "sphinx", specifier = ">=8.0.2" }, diff --git a/{{cookiecutter.project_slug}}/config/settings/base.py b/{{cookiecutter.project_slug}}/config/settings/base.py index 97a4c42b9e..ed34a90ea8 100644 --- a/{{cookiecutter.project_slug}}/config/settings/base.py +++ b/{{cookiecutter.project_slug}}/config/settings/base.py @@ -1,6 +1,9 @@ # ruff: noqa: ERA001, E501 """Base settings to build other settings files upon.""" +{% if cookiecutter.use_celery == 'y' -%} +import ssl +{%- endif %} from pathlib import Path import environ @@ -283,6 +286,7 @@ } REDIS_URL = env("REDIS_URL", default="redis://{% if cookiecutter.use_docker == 'y' %}redis{%else%}localhost{% endif %}:6379/0") +REDIS_SSL = REDIS_URL.startswith("rediss://") {% if cookiecutter.use_celery == 'y' -%} # Celery @@ -292,8 +296,12 @@ CELERY_TIMEZONE = TIME_ZONE # https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-broker_url CELERY_BROKER_URL = REDIS_URL +# https://docs.celeryq.dev/en/stable/userguide/configuration.html#redis-backend-use-ssl +CELERY_BROKER_USE_SSL = {"ssl_cert_reqs": ssl.CERT_NONE} if REDIS_SSL else None # https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-result_backend CELERY_RESULT_BACKEND = REDIS_URL +# https://docs.celeryq.dev/en/stable/userguide/configuration.html#redis-backend-use-ssl +CELERY_REDIS_BACKEND_USE_SSL = CELERY_BROKER_USE_SSL # https://docs.celeryq.dev/en/stable/userguide/configuration.html#result-extended CELERY_RESULT_EXTENDED = True # https://docs.celeryq.dev/en/stable/userguide/configuration.html#result-backend-always-retry