- Correcting SSL Certificate error in celery @startup

Josako
2025-09-05 14:03:07 +02:00
parent a6edd5c663
commit d6ea3ba46c


@@ -3,13 +3,12 @@ import time
from dogpile.cache import make_region from dogpile.cache import make_region
from urllib.parse import urlparse from urllib.parse import urlparse
import os
def get_redis_config(app): def get_redis_config(app):
""" """
Create Redis configuration dict based on app config Create Redis configuration dict based on app config.
Handles both authenticated and non-authenticated setups Handles both authenticated and non-authenticated setups.
""" """
# Parse the REDIS_BASE_URI to get all components # Parse the REDIS_BASE_URI to get all components
redis_uri = urlparse(app.config['REDIS_BASE_URI']) redis_uri = urlparse(app.config['REDIS_BASE_URI'])
@@ -21,7 +20,7 @@ def get_redis_config(app):
'redis_expiration_time': 3600, 'redis_expiration_time': 3600,
'distributed_lock': True, 'distributed_lock': True,
'thread_local_lock': False, 'thread_local_lock': False,
# Ingebouwde connection pooling parameters # Built-in connection pooling parameters
'connection_pool_class': 'redis.BlockingConnectionPool', 'connection_pool_class': 'redis.BlockingConnectionPool',
'connection_pool_class_kwargs': { 'connection_pool_class_kwargs': {
'max_connections': 20, 'max_connections': 20,
@@ -31,7 +30,7 @@ def get_redis_config(app):
'socket_timeout': 5, 'socket_timeout': 5,
}, },
# Key prefix voor namespace isolation # Key prefix for namespace isolation
'key_mangler': lambda key: f"cache:workers:{key}" 'key_mangler': lambda key: f"cache:workers:{key}"
} }
@@ -42,23 +41,29 @@ def get_redis_config(app):
'password': redis_uri.password 'password': redis_uri.password
}) })
# SSL support using centralized config # SSL support using centralised config
cert_path = app.config.get('REDIS_CA_CERT_PATH') cert_path = app.config.get('REDIS_CA_CERT_PATH')
if cert_path and redis_uri.scheme == 'rediss': if cert_path and redis_uri.scheme == 'rediss':
import ssl import ssl
# Create SSL context # Create SSL context
ssl_context = ssl.create_default_context() ssl_context = ssl.create_default_context()
ssl_context.load_verify_locations(cert_path)
ssl_context.verify_mode = ssl.CERT_REQUIRED ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.check_hostname = app.config.get('REDIS_SSL_CHECK_HOSTNAME', True) ssl_context.check_hostname = app.config.get('REDIS_SSL_CHECK_HOSTNAME', True)
ssl_context.load_verify_locations(cert_path)
# Add SSL to connection pool kwargs # Add SSL to connection pool kwargs (correct for redis-py)
config['connection_pool_class_kwargs']['ssl'] = ssl_context config['connection_pool_class_kwargs']['ssl'] = True
config['connection_pool_class_kwargs']['ssl_cert_reqs'] = ssl.CERT_REQUIRED
config['connection_pool_class_kwargs']['ssl_ca_certs'] = cert_path
config['connection_pool_class_kwargs']['ssl_check_hostname'] = app.config.get('REDIS_SSL_CHECK_HOSTNAME', True)
# Also pass explicit context (preferred when available)
config['connection_pool_class_kwargs']['ssl_context'] = ssl_context
return config return config
def create_cache_regions(app): def create_cache_regions(app):
"""Initialize all cache regions with app config""" """Initialise all cache regions with app config"""
redis_config = get_redis_config(app) redis_config = get_redis_config(app)
regions = {} regions = {}
startup_time = int(time.time()) startup_time = int(time.time())
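Review bot: In the `if cert_path and redis_uri.scheme == 'rediss':` branch of `get_redis_config`, the verification settings are now stated twice, once on `ssl_context` and again as the `ssl_cert_reqs` / `ssl_ca_certs` / `ssl_check_hostname` keywords. Nothing on this page shows which of the two the pool's connection class honours, or whether it accepts an `ssl_context` keyword at all, so that should be confirmed against the pinned redis-py version. I would read the flag once, `check_hostname = app.config.get('REDIS_SSL_CHECK_HOSTNAME', True)`, and use that variable in both places so they cannot drift, and log a warning when it is False because that turns off hostname verification. Separately, a `rediss://` URI with no `REDIS_CA_CERT_PATH` skips the branch and sets no TLS keyword; if the connection is built from host and port, as the `password` update above suggests, that case should fail loudly, e.g. `elif redis_uri.scheme == 'rediss': raise RuntimeError('REDIS_CA_CERT_PATH is required for rediss://')`.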